Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| tools:fwknop [2022/08/28 15:26] – [FWKNOP] darron | tools:fwknop [2023/01/20 20:16] (current) – [Server] darron | ||
|---|---|---|---|
| Line 4: | Line 4: | ||
| Port knocking is used to alter packet filter rules on a host | Port knocking is used to alter packet filter rules on a host | ||
| - | dependant upon a secret | + | dependant upon a packet |
| It can be used to open a normally closed port to an SSH server | It can be used to open a normally closed port to an SSH server | ||
| from a single host for a limited time duration. | from a single host for a limited time duration. | ||
| - | ===Setup=== | + | ===Server=== |
| - | ==iptables== | + | ==IPtables== |
| < | < | ||
| Line 17: | Line 17: | ||
| </ | </ | ||
| - | ==fwknop== | + | ==FWKNOP== |
| - | __Run__ | + | ==Install== |
| + | |||
| + | < | ||
| + | apt install fwknop-server | ||
| + | </ | ||
| + | |||
| + | ==Run== | ||
| < | < | ||
| / | / | ||
| </ | </ | ||
| - | __access.conf__ | + | ==access.conf== |
| < | < | ||
| Line 33: | Line 39: | ||
| </ | </ | ||
| - | __fwknop.conf__ | + | ==fwknop.conf== |
| < | < | ||
| PCAP_INTF eth0; | PCAP_INTF eth0; | ||
| + | </ | ||
| + | |||
| + | ===Client=== | ||
| + | |||
| + | ==Install== | ||
| + | |||
| + | < | ||
| + | apt install fwknop-client | ||
| + | </ | ||
| + | |||
| + | ==.fwknoprc== | ||
| + | |||
| + | < | ||
| + | [default] | ||
| + | |||
| + | [hostname] | ||
| + | SPA_SERVER | ||
| + | ACCESS | ||
| + | ALLOW_IP | ||
| + | KEY | ||
| + | </ | ||
| + | |||
| + | ==.ssh/ | ||
| + | |||
| + | < | ||
| + | Match host hostname exec " | ||
| </ | </ | ||
