What is port knocking? Port knocking is a technique for managing access to a range of ports using information gleaned from the firewall logs. Basically, it protects a TCP port from being connected to without "authenticating" first, much like the common system of telnetting to a particular port on a router to change its firewall rules. The difference is that no service needs to be listening on the knock ports: the firewall simply logs the connection attempts to those (closed) ports, and the knock daemon reads the sequence of ports that were hit out of the packet logs.

The net result is that you can operate a box without any "open" ports and still have it be remotely accessible from any IP, offering a viable replacement for access control lists when managing sensitive ports. Bear in mind that the knock sequence itself travels in the clear, so anyone who can sniff it can replay it; treat knocking as a gate in front of the service's own authentication rather than a substitute for it.
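To make the log-watching step concrete, here is an added example (not the page's own script, and not Martin Krzywinski's) of the core of a knock daemon written as a shell function: it reads firewall log lines, tracks each source address's progress through a fixed knock sequence, and reports the sources that completed it in order. The log format (iptables LOG style with SRC= and DPT= fields), the knock sequence 7000, 8000, 9000, the protected port 22 and the sample addresses are all assumptions chosen for the demonstration; the original page read ipchains logs.

```shell
#!/bin/sh
# Added example of the log-parsing heart of a port-knock daemon.
# Not the page's own code; log format, ports and addresses are assumed.

# The knock: three closed TCP ports that must be hit in exactly this order.
KNOCK_SEQ="7000 8000 9000"
PROTECTED_PORT=22

# Constructed kernel-log lines in iptables LOG format (a LOG rule with
# --log-prefix "KNOCK: " on the knock ports would produce lines like these).
# 192.0.2.10 knocks correctly, 192.0.2.20 knocks out of order, and
# 192.0.2.30 stops after the first knock.
SAMPLE_LOG='Jan  1 00:00:01 gw kernel: KNOCK: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.1 PROTO=TCP SPT=40001 DPT=7000
Jan  1 00:00:02 gw kernel: KNOCK: IN=eth0 OUT= SRC=192.0.2.20 DST=198.51.100.1 PROTO=TCP SPT=40002 DPT=8000
Jan  1 00:00:03 gw kernel: KNOCK: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.1 PROTO=TCP SPT=40003 DPT=8000
Jan  1 00:00:04 gw kernel: KNOCK: IN=eth0 OUT= SRC=192.0.2.30 DST=198.51.100.1 PROTO=TCP SPT=40004 DPT=7000
Jan  1 00:00:05 gw kernel: KNOCK: IN=eth0 OUT= SRC=192.0.2.20 DST=198.51.100.1 PROTO=TCP SPT=40005 DPT=7000
Jan  1 00:00:06 gw kernel: KNOCK: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.1 PROTO=TCP SPT=40006 DPT=9000
Jan  1 00:00:07 gw kernel: KNOCK: IN=eth0 OUT= SRC=192.0.2.20 DST=198.51.100.1 PROTO=TCP SPT=40007 DPT=9000'

# knock_scan: read log lines on stdin and print one line per source address
# that hit every port in KNOCK_SEQ in order.  A hit on any port other than
# the expected next one resets that source (to step 1 if it was the first
# knock port, else to 0), so out-of-order hits and a scanner sweeping all
# ports never accumulate progress.
knock_scan() {
    awk -v seq="$KNOCK_SEQ" '
    BEGIN { n = split(seq, want, " ") }
    {
        src = ""; dpt = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^SRC=/) src = substr($i, 5)
            if ($i ~ /^DPT=/) dpt = substr($i, 5)
        }
        if (src == "" || dpt == "") next        # not a packet-log line
        step = progress[src] + 1                # knock we expect next from src
        if (dpt == want[step]) {
            progress[src] = step
            if (step == n) { print src; progress[src] = 0 }
        } else {
            progress[src] = (dpt == want[1]) ? 1 : 0
        }
    }'
}

# knock_open_cmd: the firewall change a daemon would apply for a source that
# completed the sequence.  Printed rather than executed so the example runs
# without root; a real daemon would run it and schedule the matching -D.
knock_open_cmd() {
    printf 'iptables -I INPUT -p tcp -s %s --dport %s -j ACCEPT\n' "$1" "$PROTECTED_PORT"
}

# Run the detector over the sample log and show what would be executed.
printf '%s\n' "$SAMPLE_LOG" | knock_scan | while read -r src; do
    knock_open_cmd "$src"
done
```

On a live box the daemon would feed knock_scan from `tail -f` on the kernel log instead of the embedded sample, the client would send the knock with something like `nc -z host 7000 8000 9000` one port at a time, and the opened rule should be removed again after a short window, since the cleartext knock can be replayed by anyone who observed it.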
For more information about port knocking in general, and the perl/ipchains implementation that I based this off of, go to Martin Krzywinski's excellent site. In particular, you should read this description of how port knocking works.

For more information about my simplified BASH implementation of port knocking, read on! To learn how to install it, click here.