Comments on: How to safely connect from anywhere to your closed Linux firewall

By: My Personal Blog » Blog Archive » How to safely connect from anywhere to your closed Linux firewall | MDLog:/sysadmin

Sat, 03 Jul 2010 23:00:30 +0000

[...] How to safely connect from anywhere to your closed Linux firewall | MDLog:/sysadmin: “In general all the great ideas are the simple ones. Many times we see a great idea in practice and we wander why didn’t we thought of that before? It is just so simple… The first time I have seen the knockd project I liked it instantly. The idea is so simple, and though so effective. Knockd is a port-knocking application that silently runs on a server passively listening to network traffic. Once it will see a port sequence it has an action configured for it, it will run that action. We can see this as a remote control to our server: once we hit the right button it will take the appropriate action!” Filed under: Tech Stuff | Permalink [...]

By: mazziblog » Blog Archive » knock knock

mazziblog » Blog Archive » knock knock — Thu, 29 May 2008 20:19:39 +0000

[...] [Link ] [...]

By: Debian SSH Problems | etbe

Debian SSH Problems | etbe — Sun, 18 May 2008 08:08:43 +0000

[...] of packets (from this host). For example SYN packet on ports 1000, 2000, 3000, 4000. More on: http://www.ducea.com/2006/07/05/how-to-safely-connect-from-anywhere-to-your-closed-linux-firewall/ Package is included in Debian, work very well. Not recommended on weak machines with lots of [...]

By: Linux: What Is Port Knocking? | Hackosis

Linux: What Is Port Knocking? | Hackosis — Sun, 20 Jan 2008 00:03:12 +0000

[...] has written a tutorial if you are interested in implementing port knocking. Tags: Linux, Networking, Open source, Port knocking, Security Like this post? Subscibe [...]

By: Corran

Corran — Thu, 29 Nov 2007 21:40:38 +0000

I use it, as some has stated, as an EXTRA layer of security for production servers. I have locked SSH, and to open it I have to do the knockd-sequence to at all open SSH. Thus – it is not “false security” – it is extra. I change the sequence at random, but since I still believe in SSH-security, I wouldn’t quite mind if someone sniffs it either. It’s like using greylisting at an smtp gateway – it is not security I use it for, but nmap-scanners can’t see my SSH port at all. And that means that maybe I have saved a few nasty OpenSSH-bugs. Only time will tell.

By: Top Linux News » How to safely connect from anywhere to your closed Linux firewall

Sat, 17 Nov 2007 13:09:49 +0000

[...] read more | digg story [...]

By: clsox

clsox — Mon, 05 Nov 2007 10:34:06 +0000

iam thinking… maybe you need linux system to enter… What occurs if the is a windows or something other operating system…?

thanks

I will try out this

By: New Linux User » Geeky Fun: Knockd

New Linux User » Geeky Fun: Knockd — Tue, 23 Jan 2007 02:47:19 +0000

[...] In this example, Marius uses knockd to modify his iptables when he pings ports 7000, 8000, and 9000 in sequence. The modification involves adding the IP address that the pings came from to allow that IP to SSH into the system. When he’s done, he pings the ports in reverse order and knockd then removes that IP’s access. This allows him to keep his box secure by not allowing anyone except a single internal IP to SSH in except for the brief period of time when he uses knockd to change that. Bloody brilliant. [...]

By: me

me — Sat, 30 Dec 2006 13:56:37 +0000

sounds like a safe. you dail 5647,3456,2746 and the safe show all his nice secrets.

but remember: http://web.mit.edu/kvogt/www/safecracker.html

By: Linux Unix » How to safely connect from anywhere to your closed Linux firewall

Fri, 01 Sep 2006 12:45:05 +0000

[...] The idea is so simple, and though so effective. Knockd is a port-knocking application that silently runs on a server passively listening to network traffic. Once it will see a port sequence it has an action configured for it, it will run that action. Once we hit the right button it will take the appropriate action!read more | digg story [...]