ServerWatch: Tip of the Trade: Knockd
Aug 10, 2006, 07:30
(Other stories by Carla Schroder)
"Port-knocking has long been kicked around as a nearly
fool-proof tactic for keeping intruders out of the network, while
unfailingly allowing only legitimate connections. It works like
this: The 'secret knock' daemon listens on a network interface for
a specific sequence of 'knocks,' or port hits. The client 'knocks'
by sending TCP or UDP packets to certain ports on the server. You
don't need to leave any ports open for this to work, because the
daemon listens at the link-layer level. When the 'secret knock'
daemon detects the correct sequence of port hits, it opens a port and
allows incoming traffic..."
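
The sequence detection described in the excerpt, sketched as a per-source state machine. This is an added example, not code from the ServerWatch article or from knockd. The ports, the 5-second window, the reset-on-wrong-port rule and the sample events are all assumptions constructed for illustration; where a real daemon would run a firewall command, this sketch only records the source address.

```python
from dataclasses import dataclass, field

@dataclass
class KnockTracker:
    sequence: tuple        # assumed knock ports, in order
    seq_timeout: float     # assumed seconds allowed to finish the sequence
    progress: dict = field(default_factory=dict)  # src_ip -> (next_index, start_ts)
    opened: set = field(default_factory=set)      # sources that completed the knock

    def observe(self, ts, src_ip, dst_port):
        """Feed one observed port hit; return True when src_ip completes the knock."""
        idx, started = self.progress.get(src_ip, (0, ts))
        if idx and ts - started > self.seq_timeout:
            idx, started = 0, ts              # too slow: forget partial progress
        if dst_port == self.sequence[idx]:
            idx += 1                          # next expected port was hit
        elif dst_port == self.sequence[0]:
            idx, started = 1, ts              # wrong port, but it begins a new attempt
        else:
            idx = 0                           # any other port resets the attempt
        if idx == len(self.sequence):
            self.progress.pop(src_ip, None)
            self.opened.add(src_ip)           # a real daemon would open the port here
            return True
        if idx:
            self.progress[src_ip] = (idx, started)
        else:
            self.progress.pop(src_ip, None)
        return False

def replay(events, sequence=(7000, 8000, 9000), seq_timeout=5.0):
    """Run (timestamp, src_ip, dst_port) events through a tracker; return opened sources."""
    tracker = KnockTracker(tuple(sequence), seq_timeout)
    for ts, src, port in events:
        tracker.observe(ts, src, port)
    return tracker.opened

# Constructed events: one correct knock, one sequential scan, one knock that is too slow.
EVENTS = [
    (0.0, "192.0.2.10", 7000), (0.2, "198.51.100.7", 7000),
    (0.3, "198.51.100.7", 7001), (0.5, "192.0.2.10", 8000),
    (0.6, "198.51.100.7", 8000), (1.0, "192.0.2.10", 9000),
    (1.1, "198.51.100.7", 9000), (3.0, "203.0.113.5", 7000),
    (4.0, "203.0.113.5", 8000), (9.5, "203.0.113.5", 9000),
]

if __name__ == "__main__":
    print(sorted(replay(EVENTS)))
```

Only the source that hits all three ports in order and inside the window ends up in `opened`; the scan that touches an extra port and the knock that stalls before the last port are both reset.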