What the hell is port knocking?
Port knocking describes a method of establishing a connection to a networked computer with no open port. Ports are opened with the use of port knock sequences: a series of connection attempts to a series of closed and logged ports. A remote user possessing the authentication secret which generates knock sequences manipulates the server's firewall rules to render specific ports open. The manipulations are mediated by a server-side port knock daemon which monitors the firewall log file for correctly formatted knock sequences. Once the desired ports are opened, the user can establish a connection and begin their session. Another knock sequence is used to close the port.
Text from Martins site
The initial inspiriation for my project was an article on Slashdot.
The general idea and first implementation appears to have come from Martin Krzywinski.
I implemented the port knocking theme in Java using both blocking and non-blocking sockets. The code currently supports what I call an -active- mode, wherein a single port is opened (the first port in the sequence) to listen for initial connections. If a connection is received then the second port is opened and a connection from the initiator is listened for.. this continues until the sequence is completed. A final port is opened if the same initiator has successfully completed the sequence, this is the port that used as a tunnel or end-point for their requested service. I am working on the -passive- mode right now and hope to be finished soon.. work, school, and family allowing.
My freshmeat project
Startup scripts for linux: client | server