Librenix  
(Show all Tutorial articles . . .
)  
Headlines | Linux | Apps | Coding | BSD | Admin | News
Information for Linux System Administration 

Tutorial: Make a Stealth Server with Port Knocking

Up
vote
Down

Hide your secret SSH server (or whatever) and only open the port after the secret knock. This is a clever solution for private or login-required servers. [This article has been up a few months but is well worth a look. -Ed.]
Open ports remain a necessary vulnerability: they allow connections to applications but also may turn into open doors for attack. This article presents a new security system, termed port knocking, in which trusted users manipulate firewall rules by transmitting information across closed ports.

Briefly, users make connection attempts to sequences of closed ports. The failed connections are logged by the server-side packet filtering firewall and detected by a dæmon that monitors the firewall log file. When a properly formatted knock sequence, playing the role of the secret used in the authentication, is received, firewall rules are manipulated based on the information content of the sequence. This user-based authentication system is both robust, being mediated by the kernel firewall, and stealthy--it's not possible to detect whether a networked machine is listening for port knocks. Port knocking does not require any open ports, and it can be extended to transmit any type of information encoded in a port sequence.
 read more | mail this link | score:7981 | -Ray, February 6, 2004
More Sysadmin articles...

Buy Large Wall Art Prints

Selected articles

Testing the Digital Ocean $5 Cloud Servers with an MMORPG

Microsoft to push unlicensed users to Linux

Space Tyrant: A threaded C game project: First Code

Hacker Haiku

Why Programmers are not Software Engineers

Graffiti Server Download Page

The life cycle of a programmer

 

Firefox sidebar

Site map

Site info

News feed

Features

Login
(to post)

Search

 
Articles are owned by their authors.   © 2000-2012 Ray Yeargin