This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new!

Re:UDP can't work

Posted by: Anonymous Coward on September 17, 2004 03:45 AM
I don"t think you understand how TCP/IP works either. UDP requires applacation work to assure that lost or re-ordered packets are worked around. I believe, if you read the article, the author was suggesting a UDP based pre-authentacation deamon that listens on a UDP port for a "key" and then opens other ports, while still generating a ICMP_PORT_UNREACHABLE packet.

A good design goal of any security technique is that it fails CLOSED. When packet loss is becomes an issure, interactive use of across the networks is mostly usuless anyway.


Return to A critique of port knocking