Port Knocking!

Would you like to hide a port until a certain knock-knock procedure is received?

Like this:

knock3000 4000 5000 && ssh -puser@host && knock5000 4000 3000

Knock on ports to open a port to a service (ssh for example) and knock again to close the port.

First you need to install knockd.
See example config file below.

[options]

logfile = /var/log/knockd.log

[openSSH]

sequence = 3000,4000,5000

seq_timeout = 5

command = /sbin/iptables -A INPUT -i eth0 -s %IP% -p tcp –dport 22 -j ACCEPT

tcpflags = syn

[closeSSH]

sequence = 5000,4000,3000

seq_timeout = 5

command = /sbin/iptables -D INPUT -i eth0 -s %IP% -p tcp –dport 22 -j ACCEPT

tcpflags = syn

Hope you found it userful.

Leave a Reply

Your email address will not be published. Required fields are marked *