tools:fwknop [2022/08/28 15:22] – [FWKNOP] darron
tools:fwknop [2023/01/20 20:16] (current) – [Server] darron
Line 4: Line 4:
  
 Port knocking is used to alter packet filter rules on a host Port knocking is used to alter packet filter rules on a host
-dependant upon a secret packet delivered to that host.+dependant upon a packet encrypted with a secret key delivered to that host.
  
-It can be used to open a port to an SSH server from a single +It can be used to open a normally closed port to an SSH server 
-host. This opening will occur for a limited time period to +from a single host for a limited time duration. 
-allow authentication. After a fixed duration. the port is then closed + 
-to world as it was originally.+===Server=== 
 + 
 +==IPtables== 
 + 
 +<code> 
 +iptables -t filter -A INPUT -i eth0 -p tcp --syn --destination-port 22 -j REJECT --reject-with icmp-port-unreachable 
 +</code> 
 + 
 +==FWKNOP== 
 + 
 +==Install== 
 + 
 +<code> 
 +apt install fwknop-server 
 +</code> 
 + 
 +==Run== 
 +<code> 
 +/usr/sbin/fwknopd 
 +</code> 
 + 
 +==access.conf== 
 + 
 +<code> 
 +SOURCE: ANY 
 +OPEN_PORTS: tcp/22 
 +KEY: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 
 +FW_ACCESS_TIMEOUT: 60 
 +</code> 
 + 
 +==fwknop.conf== 
 + 
 +<code> 
 +PCAP_INTF eth0; 
 +</code> 
 + 
 +===Client=== 
 + 
 +==Install== 
 + 
 +<code> 
 +apt install fwknop-client  
 +</code> 
 + 
 +==.fwknoprc== 
 + 
 +<code> 
 +[default] 
 + 
 +[hostname] 
 +SPA_SERVER      x.x.x.x 
 +ACCESS          tcp/22 
 +ALLOW_IP        resolve 
 +KEY             XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 
 +</code> 
 + 
 +==.ssh/config== 
 + 
 +<code> 
 +Match host hostname exec "fwknop -n hostname && sleep 0.5" 
 +</code>
  
 ===Resources=== ===Resources===
  
 [[https://www.cipherdyne.org/fwknop/|Home page]] [[https://www.cipherdyne.org/fwknop/|Home page]]
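Review bot: the access.conf stanza in the Server section authenticates the SPA packet with `KEY` only; fwknopd also accepts an `HMAC_KEY` (or `HMAC_KEY_BASE64`) entry for the same stanza, and with `SOURCE: ANY` that is the setting I would add so the packet is authenticated before fwknopd tries to decrypt it, with the matching `HMAC_KEY` line added to the `[hostname]` stanza of the client's .fwknoprc. Two smaller points on the same hunk: the iptables rule uses `-A` to append the REJECT, which only works because fwknopd by default inserts its own `FWKNOP_INPUT` jump at the top of INPUT, so it is worth confirming the order with `iptables -L INPUT --line-numbers` once `/usr/sbin/fwknopd` is running; and `--syn` is what lets an established SSH session outlive `FW_ACCESS_TIMEOUT: 60`, since only new connection attempts are rejected after the access rule expires, which a sentence in the IPtables section should say. Lastly, "dependant" in the intro should read "dependent".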