Better Port Knocking With Strong Authentication

Rennie deGraaf
University of Calgary
Canada

John Aycock
University of Calgary
Canada

Michael Jacobson, Jr.
University of Calgary
Canada

It is sometimes desirable to allow access to open ports on a firewall only to authorized external users and present closed ports to all others. We examine ways to construct an authentication service to achieve this goal, and then examine one such method, "port-knocking", and its existing implementations, in detail. We improve upon these existing implementations by presenting a novel port-knocking architecture that provides strong authentication while addressing the weaknesses of existing port-knocking systems.

Keywords: port knocking, authentication, firewall, access control
