19 Jan

Port Knocking is a way to open ports on a firewall by attempting to connect to a predefined sequence of closed ports. Once the correct connection attempts are made, the firewall opens the ports to let the source of the connection attempts in through the firewall.
In other words, it is like a combination lock for your firewall/Linux machine.
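The combination-lock behaviour described above, sketched as an added example (not code from this post or from the Ducea.com tutorial): a per-source state machine replayed over a constructed packet trace. The knock ports 7000/8000/9000, the 10-second and 30-second timers, and the class and function names are assumptions chosen for illustration.

```python
KNOCK_SEQUENCE = (7000, 8000, 9000)  # assumed knock ports, in required order
PROTECTED_PORT = 22                  # SSH, closed to everyone by default
SEQ_TIMEOUT = 10.0                   # assumed: seconds allowed to finish the sequence
OPEN_WINDOW = 30.0                   # assumed: seconds the port stays open afterwards


class KnockFirewall:
    def __init__(self):
        self.progress = {}  # src -> (index of next expected knock, time of first knock)
        self.allowed = {}   # src -> time at which its access expires

    def packet(self, ts, src, dport):
        """Process one inbound connection attempt and return 'ACCEPT' or 'DROP'."""
        if dport == PROTECTED_PORT:
            return "ACCEPT" if self.allowed.get(src, 0.0) > ts else "DROP"
        idx, started = self.progress.get(src, (0, ts))
        if idx and ts - started > SEQ_TIMEOUT:
            idx, started = 0, ts      # too slow: progress is discarded
        if dport == KNOCK_SEQUENCE[idx]:
            idx += 1                  # correct next knock
        elif dport == KNOCK_SEQUENCE[0]:
            idx, started = 1, ts      # first knock again: restart the sequence
        else:
            idx = 0                   # wrong port: back to the beginning
        if idx == len(KNOCK_SEQUENCE):
            self.allowed[src] = ts + OPEN_WINDOW  # open for this source only
            idx = 0
        if idx:
            self.progress[src] = (idx, started)
        else:
            self.progress.pop(src, None)
        return "DROP"                 # knock ports themselves always look closed


# Constructed trace: (timestamp, source address, destination port)
TRACE = [
    (0.0, "198.51.100.7", 22),    # no knock yet
    (1.0, "198.51.100.7", 7000),
    (1.5, "198.51.100.7", 8000),
    (2.0, "198.51.100.7", 9000),  # sequence complete
    (3.0, "198.51.100.7", 22),    # now accepted
    (4.0, "203.0.113.9", 7000),
    (4.2, "203.0.113.9", 9000),   # out of order: reset
    (4.4, "203.0.113.9", 8000),
    (5.0, "203.0.113.9", 22),     # still closed for this source
    (40.0, "198.51.100.7", 22),   # open window has expired
]

def replay(trace=TRACE):
    fw = KnockFirewall()
    return [fw.packet(ts, src, port) for ts, src, port in trace]
```

The knock ports always answer as closed, a wrong port resets that source's progress, and the opening applies only to the address that knocked. Because the sequence crosses the network unencrypted, anyone who can observe the traffic can repeat it, so SSH's own authentication still has to do the real work.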
How is this useful?
There are several reasons you might implement port knocking. The best example I can think of is a system administrator working on the road, who never knows in advance where he/she will be connecting from.
Usually, I block all ports except from the network ranges that should connect. Port 80 on a web server is a good example of a port where all hosts would be accepted. Port 22, for SSH, is a good example of a port that I would only open to a few specific addresses. That would be a problem if I worked on the road.
Port knocking avoids the hassle and allows me to open the firewall from wherever I might be, as long as I know the sequence of ports to make connection attempts to.
Ducea.com has written a tutorial if you are interested in implementing port knocking.
Tags: Linux, Networking, Open source, Port knocking, Security



January 19th, 2008 at 5:19 pm
The link for the Ducea.com tutorial doesn’t work, it begins with http://http//www.ducea.com
January 19th, 2008 at 7:03 pm
I fixed it, thanks Bob.