Linux Today: Linux News On Internet Time.

ServerWatch: Tip of the Trade: Knockd

Aug 10, 2006, 07:30
(Other stories by Carla Schroder)

"Port-knocking has long been kicked around as a nearly fool-proof tactic for keeping intruders out of the network, while unfailingly allowing only legitimate connections. It works like this: The 'secret knock' daemon listens on a network interface for a specific sequence of 'knocks,' or port hits. The client 'knocks' by sending TCP or UDP packets to certain ports on the server. You don't need to leave any ports open for this to work, because the daemon listens at the link-layer level. When the 'secret knock' daemon detects the correct sequence of port hits, it opens a port and allows incoming traffic..."
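The sequence check the excerpt describes, as an added example that is not code from the article or from knockd: a per-source state machine fed a stream of observed packets. The knock ports, the timeout and all names here are assumptions, and the events are constructed sample data.

```python
from dataclasses import dataclass, field

# Assumed values for illustration; not taken from the article or from knockd.
KNOCK_SEQUENCE = (7000, 8000, 9000)
SEQ_TIMEOUT = 10.0  # seconds allowed from the first knock to the last


@dataclass
class KnockTracker:
    sequence: tuple = KNOCK_SEQUENCE
    timeout: float = SEQ_TIMEOUT
    progress: dict = field(default_factory=dict)  # src_ip -> (next_index, start_time)

    def observe(self, ts, src_ip, dst_port):
        """Feed one observed packet; return True when src_ip completes the knock."""
        idx, started = self.progress.get(src_ip, (0, ts))
        if idx and ts - started > self.timeout:
            idx, started = 0, ts              # sequence took too long: start over
        if dst_port == self.sequence[idx]:
            started = ts if idx == 0 else started
            idx += 1                          # correct next knock
        elif dst_port == self.sequence[0]:
            idx, started = 1, ts              # wrong knock that restarts the sequence
        else:
            idx = 0                           # any other port discards progress
        done = idx == len(self.sequence)
        if idx and not done:
            self.progress[src_ip] = (idx, started)
        else:
            self.progress.pop(src_ip, None)
        return done


def authorized_sources(events, tracker=None):
    """Return (timestamp, src_ip) for every source that completes the sequence."""
    tracker = tracker or KnockTracker()
    return [(ts, ip) for ts, ip, port in events if tracker.observe(ts, ip, port)]


# Constructed sample events: (timestamp, source IP, destination port)
SAMPLE_EVENTS = [
    (0.0, "192.0.2.10", 7000), (0.5, "192.0.2.10", 8000), (1.0, "192.0.2.10", 9000),
    (2.0, "198.51.100.7", 7000), (2.1, "198.51.100.7", 22),      # stray port resets
    (2.2, "198.51.100.7", 8000), (2.3, "198.51.100.7", 9000),
    (3.0, "203.0.113.5", 7000), (4.0, "203.0.113.5", 8000), (20.0, "203.0.113.5", 9000),
]

if __name__ == "__main__":
    print(authorized_sources(SAMPLE_EVENTS))
```

Only the first source is authorized: the second hits a stray port mid-sequence and the third exceeds the time window, so neither would have a port opened.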
