Abstract
Port knocking is technique first introduce in the Black Hat to prevent attackers from discovering and exploiting potentially vulnerable service on a network host, while allowing authenticated users to access these service. Despite being potentially useful tool, it suffers various vulnerabilities such as TCP replay, port scanning and etc. Most work in this area is proposed complex method to harden port knocking. This study presents an improved scheme over the existing Port Knocking by employ the Source Port sequences that will simplify a technique for port knocking system. Source port usually was automatic generate by operating system. Source Port is preassign to generate a sequence. A technique to control when certain service start and stop was introduced to mitigate problem with TCP replay attack and port scanning. In addition, a proposed method doesn't need to integrate with firewall like other port knocking method. Experiment indicates that packet capture was able to grab port sequence but doesn't define what the service request is. In term of performance, proposed method work faster than others method like Basic port knocking and Fwknop + SPA. The performance of the proposed method was evaluated by measuring the authentication time to knock the server. The proposed port knocking method was useful to system administrators who need to access the server remotely but has a strict firewall rules.
Metadata
Item Type: | Thesis (Masters) |
---|---|
Creators: | Creators Email / ID Num. Mohamad Alias, Mohd Azuan UNSPECIFIED |
Contributors: | Contribution Name Email / ID Num. Thesis advisor Mohd Ali, Fakariah (Dr.) UNSPECIFIED |
Divisions: | Universiti Teknologi MARA, Shah Alam > Faculty of Computer and Mathematical Sciences |
Programme: | Master of Science in Computer Networking |
Keywords: | Scanning, Port, Tcp |
Date: | 2012 |
URI: | https://ir.uitm.edu.my/id/eprint/63972 |
Download
63972.PDF
Download (12kB)