Port Knocking

Perl prototype: v0.30

pcaplib support added; daemon no longer requires firewall log file

2004-Nov-14 18:59 | ...more

new Net::Pcap support added to sniff packets directly ...more

Learn about firewalls and discover port knocking. Find out how to use port knocking to secure your servers with a Perl prototype or other implementations. Play with knocks in the knock lab. Contribute to the port knocking project. See what others are saying. Is port knocking a form of security through obscurity? The author doesn't think so and also has some other opinions.

summary features port forwarding port triggering obscurity critique requirements haha

Logos and Banners

Port Knocking (c) 2002,2003 Martin Krzywinski

More images are available.

features

Port knocking is summarized in this list of features, which can be seen as advantages.

firewall-based method for user authentication
establish connections to hosts with no open ports through subversive use of closed ports
seal off your network hosts and prevent remote profiling
impossible to determine whether port knocking is implemented
detection by sniffers both difficult and loud
encrypted sequences for increased security
one time encryption pads provide maximum possible protection
benefits from access control provided by firewall and IDS systems

Any implementation of port knocking targetted at production systems with a large number of connection attempts needs to consider

misordered/missing ports in a knock sequence caused by network latency
detection and interpretation of simultaneous knock sequences
impact on system and network load

A simple implementation of port knocking is available. It is coded as a proof-of-concept and has not been optimized for heavy use. On the other hand, I've been using it at home and it's very functional for a system with a handful of users.

last updated 2005-Jan-04 13:17