Port Knocking

Speaker: Adrianus Warmenhoven

Abstract

Using SPA for profit and fun, or, a zero-cost solution to getting your fridge out of Shodan.

Port knocking has been around for quite a while; send a sequence of packets to seemingly closed ports and Sesame opens up. This is, however, not so very secure. Single Packet Authentication port knocking, involving a signed packet with an timestamp, is a lot more secure and works quite well.

I want to make the case that, just like firewalling (IPTables), SPA port knocking should be a default mechanism in any modern OS, especially the IoT OSes. It is easily implemented (both on server and on client side) and is readily available. It takes the stress out of getting every underpaid worker on the same security page whilst still enabling access when needed.

And finally, it can be used (a hobby of mine) to waste tremendous amounts of time and resources of (wannabe) attackers; your server can be a Decepticon too!

Biography

Adrianus Warmenhoven has been involved in pioneering endeavors in IT since the early 1990’s. Collaborated in setting up firsts in Dutch anti-cybercrime, branch organization for ISP’s as well as being CTO for one of the first free ISP’s in the Netherlands, co-designer of supercomputing hardware and running projects for Dutch governmental organizations.

For various international companies, he has done security reviews and given advice on how to deal with active threats and extortion. He is now affiliated with RedSocks as security evangelist and develops academic classes in hacking.