Set up port knocking server to hide an open port

Security Linux
Created At :
Count:227 Views 👀 :
  1. What is Port Knocking ?
  2. Server Setup
    1. Install the package
    2. Configuration
    3. Enable the deamon
  3. Client side
    1. Linux
    2. Windows

What is Port Knocking ?

Port knocking is a simple method to grant remote access without leaving a port constantly open.
This preserves your server from port scanning and script kiddie attacks.

Server Setup

Install the package

Debian: 

apt install knockd

Configuration

/etc/knockd.conf

I want to hide the ssh.
You have to change the sequence, because the script kiddies will try this sequence first. 

[options]
      logfile = /var/log/knockd.log

[SSH]
      sequence    = 7000,8000,9000
      seq_timeout = 20
      command     = /sbin/iptables -A INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
      tcpflags    = syn
      cmd_timeout   = 10
      stop_command  = /sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT

You have some exemple here.

ubuntu.com

Enable the deamon

/etc/default/knockd
Uncomment the START_KNOCKD=1 line to enable the daemon. 

################################################ 
# 
# knockd's default file, for generic sys config 
# 
################################################ 

# control if we start knockd at init or not 
# 1 = start 
# anything else = don't start 
START_KNOCKD=1 

# command line options 
KNOCKD_OPTS="-i eth0"

Client side

Linux

You should install knockd on the client too.
knock -v 192.168.1.250 7000 8000 9000

Windows

Download this: SourceForge-KnockKnock
You sould read the README.txt
KnockKnock.zip - archive containing all files
|- Shortcut to KnockKnock - Shortcut to knock client
|
|- Shortcut to KnockMonitor - Shortcut to knock server

©2021 Peanutstick's Blog

Built with Hexo and 3-hexo theme