Port knocking: a stealthy system for network authentication across closed ports

FAQ

Perl prototype: v0.30

  • pcaplib support added; daemon no longer requires firewall log file

2004-Nov-14 18:59

new Net::Pcap support added to sniff packets directly

What kind of implementations of Port Knocking exist?

A Perl prototype implements port knocking as a proof of concept. The bulk of its code is detailed in the June 2003 SysAdmin article. It includes both a client (knockclient) and a server (knockdaemon). The prototype is not designed for use in a production environment. The server monitors the firewall log file for connection attempts. Different log formats are supported by defining regular expressions that extract the fields of interest. A configuration file governs what actions are taken when a knock is detected, so the server can be programmed to react in an arbitrary way.

In addition to the prototype, there are many other implementations.
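
The log-monitoring design described above, sketched in Python as an added example; this is not the prototype's Perl code. The iptables-style log format, the `RULE` layout, the port sequence, the 10-second window and the firewall command are all assumptions, and the sample log lines are constructed.

```python
import re
from datetime import datetime, timedelta

# Assumed iptables-style LOG line; only this regex is format-specific.
LOG_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ kernel: .*?"
    r"SRC=(?P<src>[\d.]+) .*?PROTO=TCP .*?DPT=(?P<dpt>\d+) .*?\bSYN\b")

# Hypothetical rule standing in for the daemon's configuration file.
RULE = {"sequence": [7000, 8000, 9000],
        "window": timedelta(seconds=10),
        "action": "iptables -I INPUT -s {src} -p tcp --dport 22 -j ACCEPT"}

def detect_knocks(lines, rule=RULE, year=2004):
    """Return the action strings earned by complete knocks in `lines`."""
    seq, progress, actions = rule["sequence"], {}, []
    for line in lines:
        m = LOG_RE.search(line)
        if not m:
            continue                      # not a logged TCP SYN
        src, port = m["src"], int(m["dpt"])
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        idx, start = progress.get(src, (0, ts))
        if idx and ts - start > rule["window"]:
            idx, start = 0, ts            # knock took too long: start over
        if port != seq[idx]:
            idx, start = 0, ts            # wrong port: discard progress
            if port != seq[0]:
                progress.pop(src, None)
                continue
        idx += 1
        if idx == len(seq):
            actions.append(rule["action"].format(src=src))  # returned, not run
            progress.pop(src, None)
        else:
            progress[src] = (idx, start)
    return actions

def sample_line(sec, src, dpt):
    """Build one constructed log line (documentation addresses)."""
    return (f"Nov 14 18:59:{sec:02d} gw kernel: IN=eth0 SRC={src} "
            f"DST=198.51.100.5 PROTO=TCP SPT=40001 DPT={dpt} SYN")

SAMPLE = [sample_line(1, "192.0.2.10", 7000), sample_line(2, "192.0.2.10", 8000),
          sample_line(3, "203.0.113.7", 7000), sample_line(4, "192.0.2.10", 9000),
          sample_line(5, "203.0.113.7", 9000), sample_line(6, "203.0.113.7", 8000)]

if __name__ == "__main__":
    print(detect_knocks(SAMPLE))
```

Progress is tracked per source address, so the interleaved knocks from the two hosts in `SAMPLE` do not disturb each other; only the host that sends the full sequence in order and within the window earns the action.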

How is Port Knocking licensed?

All code is licensed under GPL. The conceptual method is not under any license. A number of individuals have implemented home-grown security systems very similar to port knocking (see above).

last updated 2004-Dec-31 19:35
Port Knocking (c) 2002-2014 Martin Krzywinski