Differences

tools:fwknop [2022/08/28 15:23] – [FWKNOP] darron
tools:fwknop [2023/01/20 20:16] (current) – [Server] darron
Line 4: Line 4:
  
 Port knocking is used to alter packet filter rules on a host Port knocking is used to alter packet filter rules on a host
-dependant upon a secret packet delivered to that host.+dependant upon a packet encrypted with a secret key delivered to that host.
  
 It can be used to open a normally closed port to an SSH server It can be used to open a normally closed port to an SSH server
 from a single host for a limited time duration. from a single host for a limited time duration.
 +
 +===Server===
 +
 +==IPtables==
 +
 +<code>
 +iptables -t filter -A INPUT -i eth0 -p tcp --syn --destination-port 22 -j REJECT --reject-with icmp-port-unreachable
 +</code>
 +
 +==FWKNOP==
 +
 +==Install==
 +
 +<code>
 +apt install fwknop-server
 +</code>
 +
 +==Run==
 +<code>
 +/usr/sbin/fwknopd
 +</code>
 +
 +==access.conf==
 +
 +<code>
 +SOURCE: ANY
 +OPEN_PORTS: tcp/22
 +KEY: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 +FW_ACCESS_TIMEOUT: 60
 +</code>
 +
 +==fwknop.conf==
 +
 +<code>
 +PCAP_INTF eth0;
 +</code>
 +
 +===Client===
 +
 +==Install==
 +
 +<code>
 +apt install fwknop-client 
 +</code>
 +
 +==.fwknoprc==
 +
 +<code>
 +[default]
 +
 +[hostname]
 +SPA_SERVER      x.x.x.x
 +ACCESS          tcp/22
 +ALLOW_IP        resolve
 +KEY             XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 +</code>
 +
 +==.ssh/config==
 +
 +<code>
 +Match host hostname exec "fwknop -n hostname && sleep 0.5"
 +</code>
  
 ===Resources=== ===Resources===
  
 [[https://www.cipherdyne.org/fwknop/|Home page]] [[https://www.cipherdyne.org/fwknop/|Home page]]
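Review bot: the new ==access.conf== and ==.fwknoprc== stanzas each show a KEY placeholder, but nothing says the two values must be identical, and the placeholders are not even the same length (the access.conf one is a character shorter than the .fwknoprc one), so a reader pasting the templates can end up with a client whose SPA packets the server silently drops. Suggest one sentence under ==access.conf== such as "KEY must be the same value as KEY in the client's .fwknoprc" and, since fwknopd supports it, an HMAC_KEY line in both files so the SPA packet is authenticated before it is decrypted rather than relying on the encryption key alone. Minor: the rendered stanza "SOURCE: ANY" paired with "ALLOW_IP resolve" is fine for a roaming client, but a note that the REJECT rule in the ==IPtables== section is appended with -A and only survives until reboot (no iptables-save step is shown) would keep the server section complete.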