Re: idea for improving security

To: debian-security@lists.debian.org
Subject: Re: idea for improving security
From: Tim van Erven <tve@vormig.net>
Date: Wed, 7 May 2003 01:14:04 +0200
Message-id: <20030506231404.GB6778@mould.vormig.net>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <3EB7F9DC.2000501@iit.edu>
References: <3EB7F9DC.2000501@iit.edu>

On Tue, 06/05/2003 13:07 -0500, Mark Edgington wrote:
> incorporate functionality into inetd/xinetd/rinetd which listens for a 
> predefined sequence of connection attempts on certain ports.  Upon noticing 
> the correct sequence (as specified somewhere in the config file), it opens 
> up certain ports (i.e. SSH) for a specified amount of time or for the next 
> connection attempt only.  The parameters which could be set in the config 
> file would be:
> 1) the "trigger" sequence (an ordered list of port numbers)
> 2) the port(s) to make available upon receiving this trigger sequence
> 3) whether the ports to be made available are available for a) the next n 
> connections only, and/or b) the next n minutes
> 3) how long to disable watching for the sequence after an invalid sequence 
> has been detected.

You could also run a daemon that listens on some port for a password and
opens up other ports if it receives the right one, to get the same
effect, but much easier to implement.

-- 
Tim van Erven <tve@vormig.net>          Fingerprint: F6C9 61EE 242C C012
OpenPGP Key ID: 712CB811                   36D5 BBF8 6310 D557 712C B811

Reply to:

Follow-Ups:
- Re: idea for improving security
  - From: Hans Spaans <debian-security@lists.hansspaans.nl>

References:
- idea for improving security
  - From: Mark Edgington <edgimar@iit.edu>

Prev by Date: Re: idea for improving security
Next by Date: Re: idea for improving security
Previous by thread: Re: idea for improving security
Next by thread: Re: idea for improving security
Index(es):
- Date
- Thread