Index
Subject
: Re: LUG: RoadRunner residential subnet mask IP filtering
From
: Richard Carter <rwcarter@ncsu.[redacted]>
Date
: Wed, 23 Dec 2009 20:35:58 -0500
Parent
I can't find one article that I'm thinking of, but this will do:
http://www.commandlinefu.com/commands/view/2785/port-knocking
Looks like it's pretty simple in Linux, provided that you install knockd. I know I've seen a non-knockd command sequence too, but I can't find it right now (can anyone else think of something like that?). On Windows, however, I'm not quite sure what you would use.
This actually sounds like the perfect use for a Java applet. This kind of thing would be very easily implemented in an applet; that way, no matter the system, no downloading or installing would be necessary; just open the web page with the applet, type in your IP address and knock sequence, and hit a button and then connect via ssh. Anyone care to write it? :)
As far as actually setting up port knocking on your system, you can do it with only iptables (do a google search for port knocking iptables) or use the above-mentioned knockd daemon.
Also, on a whim, I tried
http://www.portknocking.org/
and it exists. Check that out for additional information, though it's several years old.
On Wed, Dec 23, 2009 at 9:38 AM, Daniel Underwood
<
daniel.underwood@ncsu.[redacted]
>
wrote:
Richard, thanks for the info. I'll definitely look at the arin stuff.
I'm familiar with only the concept of port-knocking, not the
implementation. The reason I didn't investigate this option is because
I presumed it would be difficult to configure on some client machines
on-the-go. Whereas using the VPN only requires logging in and
establishing a connection, port knocking would require me (depending on
the client OS) to program the knocking sequence. Maybe that's not
difficult, but I presumed it was. Any comments or thoughts?
--
Replies
: