How could simulating the ports as open be useful?

posted 1 month ago

I’ve read an article which describes how to simulate the close ports as open in Linux by eBPF. That is, an outside port scanner, malicious actor, will get tricked to observe that some ports, or all of them, are open, whereas in reality they’ll be closed.

How could this be useful for the owner of a server? Wouldn’t it be better to pretend otherwise: open port -> closed?

Sort:

Hot Top Controversial New Old

You are viewing a single thread.

View all comments View context

[ - ]

nous@programming.dev

3 points

1 month ago

Port knocking does not require open ports though? It works by trying to connect to closed ports in a specific sequence does it not?

permalink

report

parent

[ - ]

originalucifer@moist.catsweat.com

1 point

1 month ago

or maybe fake ports?

permalink

report

parent

[ - ]

nous@programming.dev

3 points

1 month ago

What is a fake port?

permalink

report

parent

Programming

!programming@programming.dev

Create post

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person’s post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Follow the programming.dev instance rules
Keep content related to programming in some way
If you’re posting long videos try to add in some form of tldr for those who don’t want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev

Community stats

3.8K
Monthly active users
800
Posts
6.5K
Comments

Rules

Wormhole

Community stats

Community moderators