tools:fwknop [2022/08/28 15:18] – created darron
tools:fwknop [2023/01/20 20:16] (current) – [Server] darron
Line 1: Line 1:
 ====FWKNOP==== ====FWKNOP====
 +
 +Single Packet Authorization (SPA) Port Knocking.
 +
 +Port knocking is used to alter packet filter rules on a host
 +dependant upon a packet encrypted with a secret key delivered to that host.
 +
 +It can be used to open a normally closed port to an SSH server
 +from a single host for a limited time duration.
 +
 +===Server===
 +
 +==IPtables==
 +
 +<code>
 +iptables -t filter -A INPUT -i eth0 -p tcp --syn --destination-port 22 -j REJECT --reject-with icmp-port-unreachable
 +</code>
 +
 +==FWKNOP==
 +
 +==Install==
 +
 +<code>
 +apt install fwknop-server
 +</code>
 +
 +==Run==
 +<code>
 +/usr/sbin/fwknopd
 +</code>
 +
 +==access.conf==
 +
 +<code>
 +SOURCE: ANY
 +OPEN_PORTS: tcp/22
 +KEY: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 +FW_ACCESS_TIMEOUT: 60
 +</code>
 +
 +==fwknop.conf==
 +
 +<code>
 +PCAP_INTF eth0;
 +</code>
 +
 +===Client===
 +
 +==Install==
 +
 +<code>
 +apt install fwknop-client 
 +</code>
 +
 +==.fwknoprc==
 +
 +<code>
 +[default]
 +
 +[hostname]
 +SPA_SERVER      x.x.x.x
 +ACCESS          tcp/22
 +ALLOW_IP        resolve
 +KEY             XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 +</code>
 +
 +==.ssh/config==
 +
 +<code>
 +Match host hostname exec "fwknop -n hostname && sleep 0.5"
 +</code>
  
 ===Resources=== ===Resources===
  
 [[https://www.cipherdyne.org/fwknop/|Home page]] [[https://www.cipherdyne.org/fwknop/|Home page]]
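Review bot: the Server and Client sections never say that the two KEY values must be byte-identical, yet access.conf (KEY:) and .fwknoprc (KEY) each show an independent run of X placeholders; one sentence under ==access.conf== stating that the same secret is copied verbatim into the client stanza would prevent the most common "SPA packet ignored" failure. The ==.ssh/config== entry `Match host hostname exec "fwknop -n hostname && sleep 0.5"` relies on the `[hostname]` stanza name in .fwknoprc matching the ssh host alias exactly (that is what `-n` selects), which is also worth saying next to the .fwknoprc example. The `--syn` match in the iptables rule deserves a line of explanation: it rejects only new connection attempts, so an SSH session opened inside the 60 s FW_ACCESS_TIMEOUT window keeps working after the temporary rule is removed. Minor: "dependant" in the intro should read "dependent".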