fediversity_website/content/evenementen/nluug/voorjaarsconferentie-2018/talks/adrianus-warmenhoven-port-knocking.md
Patrick Reijnen 4c8f91573a Vergeten presentatie JP Mens toegevoegd in NJ2018
Talks VJ2018 toegevoegd
2024-01-03 15:44:54 +01:00

1.9 KiB
Raw Blame History

categories date description layout tags title speakers presentation recording
presentaties
2018-11-15T10:31:43+02:00 event-talk
hacking
port-knocking
single-packet-authentication
Adrianus Warmenhoven - Port Knocking
adrianus-warmenhoven
filename
2018-11-15-adrianus-warmenhoven-port-knocking.pdf
platform url
youtube

Abstract

Using SPA for profit and fun, or, a zero-cost solution to getting your fridge out of Shodan.

Port knocking has been around for quite a while; send a sequence of packets to seemingly closed ports and Sesame opens up. This is, however, not so very secure. Single Packet Authentication port knocking, involving a signed packet with an timestamp, is a lot more secure and works quite well.

I want to make the case that, just like firewalling (IPTables), SPA port knocking should be a default mechanism in any modern OS, especially the IoT OSes. It is easily implemented (both on server and on client side) and is readily available. It takes the stress out of getting every underpaid worker on the same security page whilst still enabling access when needed.

And finally, it can be used (a hobby of mine) to waste tremendous amounts of time and resources of (wannabe) attackers; your server can be a Decepticon too!

Biography

Adrianus Warmenhoven has been involved in pioneering endeavors in IT since the early 1990s. Collaborated in setting up firsts in Dutch anti-cybercrime, branch organization for ISPs as well as being CTO for one of the first free ISPs in the Netherlands, co-designer of supercomputing hardware and running projects for Dutch governmental organizations.

For various international companies, he has done security reviews and given advice on how to deal with active threats and extortion. He is now affiliated with RedSocks as security evangelist and develops academic classes in hacking.