Linux

A Linux kernel patch that “implements a new NAT-compatible, TCP option for stealthy port knocking with a few new twists for improved security” has been released.

Port knocking is a security implementation that’s designed to reduce the visibility of TCP servers on the network. A good port knock tool renders TCP servers stealthy, making them invisible to port scanners.

The point of a port knock tool is to make TCP servers respond to TCP SYN request only after a pre-defined sequence of packets have been sent and received. It’s like having a club house whose doors open only after a set number and sequence of knocks. There have been tools like in the past, but as far as I know, all have been in user space. Knock is thus likely the first port knock tool for Linux in kernel space.

Related Post:  New Software Brings Facial-Recognition Technology to Mobile Phones

From the release announcement:

  • Knocking is done in the Linux kernel. Applications can activate Knock with a single additional setsockopt call (in both client and server). Thus, once Linux has been patched, deployment will be much simpler compared to other implementations. Also, as Knock operates in the Kernel, timing attacks should be much harder to do.
  • Our Knock optionally does not merely enable opening the connection, but also can be used to protect the first N bytes of the TCP payload. Thus, given a sane protocol being run above TCP (one begins with a key exchange), an active attacker cannot simply take over the TCP connection after the handshake without also being locked into sending the same TCP payload. Thus, if the client begins by sending his public key and then continues to send data that must be authenticated with that key, even an active man-in-the-middle adversary cannot hijack the connection.

Knock is the work of Julian Kirsch, Maurice Leclaire and Christian Grothoff. The complete release announcement, associated documentations, as well as the code, are available here. The patch has been submitted to the Linux Kernel Mailing List (LKML), the kernel networking mailing list and subsystem maintainer. Could be coming to a Linux kernel next, if it passes muster.

Related Post:  How is the NSA breaking SSL?

Share:

Share on facebook
Facebook
Share on twitter
Twitter
Share on pinterest
Pinterest
Share on linkedin
LinkedIn

Hola! Did you notice that LinuxBSDos.com no longer runs network ads?  Yep, no more ads from the usual suspects that track you across the Internet.  But since  I still need to pay to keep the site running, feel free to make a small donation by PayPal.

Subscribe for updates. Trust me, no spam!

Mailchimp Signup Form

Sponsored links

1. Attend Algorithm Conference, a top AI and ML event for 2020.
2. Reasons to use control panel for your server.
3. DHgate Computers Electronics, Cell Phones & more.

Leave a Reply

Your email address will not be published. Required fields are marked *

Get the latest

On social media
Via my newsletter
Mailchimp Signup Form

Partner links

1. Attend Algorithm Conference, a top AI and ML event for 2021.
2. Reasons to use control panel for your server.
3. DHgate Computers Electronics, Cell Phones & more.
Hacking, pentesting distributions

Linux Distributions for Hacking

Experts use these Linux distributions for hacking, digital forensics, and pentesting.

Categories
Archives

The authors of these books are confirmed to speak during

Algorithm Conference

T-minus AI

Author was the first chairperson of AI for the U.S. Air Force.

The case for killer robots

Author is the Director of the Center for Natural and Artificial Intelligence.

Why greatness cannot be planned

Author works on AI safety as a Senior Research Scientist at Uber AI Labs.

Anastasia Marchenkova

An invitation from Anastasia Marchenkova

Hya, after stints as a quantum researcher at Georgia Tech Quantum Optics & Quantum Telecom Lab, and the University of Maryland Joint Quantum Institute, I’m now working on superconducting qubit quantum processors at Bleximo. I’ll be speaking during Algorithm Conference in Austin, Texas, July 16 – 18, 2020. Meet me there and let’s chat about progress and hype in quantum computing.