My freshmeat project
Startup scripts for linux: client | server
What the hell is port knocking?
Port knocking describes a method of establishing a connection to a networked computer with no open port.
Ports are opened with the use of port knock sequences: a series of connection attempts to a series of
closed and logged ports. A remote user possessing the authentication secret which generates knock
sequences manipulates the server's firewall rules to render specific ports open. The manipulations
are mediated by a server-side port knock daemon which monitors the firewall log file for correctly
formatted knock sequences. Once the desired ports are opened, the user can establish a connection and
begin their session. Another knock sequence is used to close the port.
Text from Martins site
The initial inspiriation for my project was an article on Slashdot.
The general idea and first implementation appears to have come from Martin Krzywinski.
I implemented the port knocking theme in Java using both blocking and non-blocking sockets. The code currently
supports what I call an -active- mode, wherein a single port is opened (the first port in the sequence) to listen for
initial connections. If a connection is received then the second port is opened and a connection from the initiator is
listened for.. this continues until the sequence is completed. A final port is opened if the same initiator has
successfully completed the sequence, this is the port that used as a tunnel or end-point for their requested service.
I am working on the -passive- mode right now and hope to be finished soon.. work, school, and family allowing.
Links
My freshmeat project
Startup scripts for linux: client | server