
The port knocking Perl prototype is licensed under the GPL license.
Port Knocking Perl prototype: v0.30
2004-Nov-14 18:59 | new Net::Pcap support added to sniff packets directly
Learn about firewalls and discover port knocking. Find out how to use port knocking to secure your servers with a Perl prototype or other implementations. Play with knocks in the knock lab. Contribute to the port knocking project. See what others are saying. Is port knocking a form of security through obscurity? Port knocking is definitely not any kind of ultimate solution and some think that it should be avoided altogether. The author doesn't think so and also has some other opinions.
port triggering

Port triggering is a feature included in some routers.
Suppose you have two hosts in an internal network and you would like to host some service from one or the other machine (e.g. Quake or Roger Wilco server). Depending on which internal machine you use to host the service, you will need to either reprogram the port forwarding rules or change the internal IPs to match the rules. That's annoying and this is exactly where port triggering comes in.

Triggering forwards incoming connections to a particular internal host when this internal host initiates a connection. The act of the internal host initiating a connection is the trigger. For example, if an internal host connects to port smtp/25 on a remote server, triggering could be configured to then allow incoming connections from the remote server to port auth/113 of the internal host. The nice thing about triggering is that the internal host's IP/MAC address does not need to be configured anywhere - the router will perform the forwarding smartly. See details on Networking FAQ at broadbandreports.com.

Thus, port triggering is similar to port forwarding, except that instead of configuring the forwarding rules yourself, they are automatically configured based on outgoing connections.

last updated 2004-Apr-05 16:07
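The smtp/25 to auth/113 example above, modelled as a small trigger table. This is an added illustration, not code from the port knocking project or from any router firmware: the class, its method names, the sample addresses and the expiry timeout (`ttl`) are assumptions made for the sketch.

```python
# Added illustration: minimal model of a router's port-triggering table.
# TriggerRouter and its parameters are hypothetical names, not a real API.
import time

class TriggerRouter:
    def __init__(self, rules, ttl=600.0, clock=time.monotonic):
        self.rules = dict(rules)   # {trigger_port: forwarded_port}, e.g. {25: 113}
        self.ttl = ttl             # assumed lifetime of a dynamic forward, in seconds
        self.clock = clock         # injectable clock so expiry can be tested
        self.forwards = {}         # (remote_ip, forwarded_port) -> (internal_ip, expiry)

    def outbound(self, internal_ip, remote_ip, remote_port):
        """An internal host opens a connection; a matching rule arms a forward."""
        fwd_port = self.rules.get(remote_port)
        if fwd_port is None:
            return None            # not a trigger port, nothing is opened
        expiry = self.clock() + self.ttl
        self.forwards[(remote_ip, fwd_port)] = (internal_ip, expiry)
        return fwd_port

    def inbound(self, remote_ip, dst_port):
        """Return the internal host to forward to, or None to drop."""
        key = (remote_ip, dst_port)
        entry = self.forwards.get(key)
        if entry is None:
            return None            # no trigger seen for this remote and port
        internal_ip, expiry = entry
        if self.clock() >= expiry:
            del self.forwards[key] # stale forward: close it and drop
            return None
        return internal_ip

def demo():
    # Constructed sample traffic; all addresses are documentation ranges.
    now = [0.0]
    router = TriggerRouter({25: 113}, ttl=600.0, clock=lambda: now[0])
    seen = [router.inbound("203.0.113.5", 113)]          # before any trigger
    router.outbound("192.168.0.10", "203.0.113.5", 25)   # host .10 triggers
    seen.append(router.inbound("203.0.113.5", 113))      # forwarded to .10
    seen.append(router.inbound("198.51.100.7", 113))     # unrelated remote
    router.outbound("192.168.0.11", "203.0.113.5", 25)   # host .11 triggers
    seen.append(router.inbound("203.0.113.5", 113))      # now follows .11
    now[0] = 601.0
    seen.append(router.inbound("203.0.113.5", 113))      # forward has expired
    return seen

if __name__ == "__main__":
    print(demo())
```

The forward follows whichever internal host triggered last without any per-host configuration, and it is scoped to the contacted remote server and expires, so port 113 is not left open to the whole Internet.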