Helping you keep sensitive data accessible and protected.
Port knocking: a stealthy system for network authentication across closed ports
Port Knocking has not been seen on TV
port knocking > details > transfer

Details of Port Knocking Mechanism

Perl prototype: v0.30

  • pcaplib support added; daemon no longer requires firewall log file

2004-Nov-14 18:59 | ...more

new Net::Pcap support added to sniff packets directly ...more

Once you've perused the firewall primer, learn about the details of port knocking here. Ideas about how to use port knocking in simple situations are presented, as well as an outline of how to use encryption to avoid eavesdropping.

information transfer

Information is flowing across closed ports to modify firewall rules. This process can be extended to transfer any kind of information across closed ports and generalizes to the idea of data transfer across closed ports. The data to be transfered can be embedded in a knock, in the following way.

{header} {payload info} {payload} {checksum} {footer}

where each {section} is composed of one or more individual knocks. For example, the {header} and {footer} can be designed to distinguish a data knock from an authentication knock. The {payload info} sequence could store the number of entries in {payload} or some other useful information. The {payload} would be your data stream encoded, and possibly encrypted, into an integer sequence. Finally, {checksum} could be used to contain information which is used to validate the integrity of the received payload.

last updated 2010-Oct-17 10:16
Port Knocking (c) 2002-2017 Martin Krzywinski