Simple port knocking method against TCP replay attack and port scanning / Mohd Azuan Mohamad Alias

Port knocking is a technique, first introduced at Black Hat, to prevent attackers from discovering and exploiting potentially vulnerable services on a network host while allowing authenticated users to access these services. Despite being a potentially useful tool, it suffers from various vulnerabilities suc...

Bibliographic Details
Main Author: Mohamad Alias, Mohd Azuan
Format: Thesis
Language: English
Published: 2012
Online Access: https://ir.uitm.edu.my/id/eprint/63972/1/63972.PDF
https://ir.uitm.edu.my/id/eprint/63972/
id my.uitm.ir.63972
record_format eprints
spelling my.uitm.ir.63972 2023-08-25T08:13:48Z https://ir.uitm.edu.my/id/eprint/63972/ 2012 Thesis NonPeerReviewed text en https://ir.uitm.edu.my/id/eprint/63972/1/63972.PDF Simple port knocking method against TCP replay attack and port scanning / Mohd Azuan Mohamad Alias. (2012) Masters thesis, Universiti Teknologi MARA (UiTM).
institution Universiti Teknologi Mara
building Tun Abdul Razak Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Teknologi Mara
content_source UiTM Institutional Repository
url_provider http://ir.uitm.edu.my/
language English
description Port knocking is a technique, first introduced at Black Hat, to prevent attackers from discovering and exploiting potentially vulnerable services on a network host while allowing authenticated users to access these services. Despite being a potentially useful tool, it suffers from various vulnerabilities such as TCP replay, port scanning, etc. Most work in this area proposes complex methods to harden port knocking. This study presents an improved scheme over existing port knocking that employs source port sequences to simplify the port knocking technique. The source port is usually generated automatically by the operating system. The source port is preassigned to generate a sequence. A technique to control when a certain service starts and stops was introduced to mitigate the problems of TCP replay attacks and port scanning. In addition, the proposed method does not need to integrate with a firewall like other port knocking methods. Experiments indicate that packet capture was able to grab the port sequence but does not define what the service request is. In terms of performance, the proposed method works faster than other methods such as basic port knocking and Fwknop + SPA. The performance of the proposed method was evaluated by measuring the authentication time to knock the server. The proposed port knocking method is useful to system administrators who need to access the server remotely but have strict firewall rules.