
Firewall Primer
This section introduces the idea of communication ports and firewalls at a very introductory level. If you are familiar with TCP/IP and firewalls, you can skip past this section and go straight to the details of the port knocking implementation. This introduction is not a technical document and is targeted at a non-technical audience, novice computer users and administrators.
Port types: the figures in this introduction depict four different types of ports, each with a different icon.
Server: consider a network server which hosts a number of network services.

The table on the right shows four possible states for any given port. Ports can be either closed or open as prescribed by the server's firewall configuration, regardless of the presence of any listening applications. Ports can appear open to some computers but not others with the use of firewall-based IP filtering, described below. The firewall, as in the case of IPCHAINS/IPTABLES on Linux, is mediated by the operating system kernel and controls the flow of communication upstream of any listening applications. Figure 1 shows a server which is running four services and which has no firewall. All ports are open. Remote computers may attempt to connect to all ports and will successfully connect to four ports: ftp/21, smtp/25, http/80 and pop/110.
Figure 1 | A hypothetical internet server running FTP (port 21), mail (SMTP, port 25), web (HTTP, port 80) and POP (port 110) services. POP (Post Office Protocol) is a protocol used by mail clients (e.g., Eudora, pine, Outlook Express, etc.). Remote hosts can establish connections to ports that are open (green) and that have listening applications. This server has no firewall and consequently all ports are open. Two of the applications (grey) are not network services and are not listening to ports.
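As an added illustration (not code from this page or from the port knocking project), the small model below computes what a remote host observes for each port from the three things the text describes: the firewall rules (optionally filtered by source IP), which the kernel applies before any application sees the packet, and the set of listening services. The Figure 1 server is modelled first with no firewall and then behind an assumed firewall; the rule set and the client addresses are constructed.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Rule:
    """One firewall rule: accept or drop packets to `port`, optionally only from `source`."""
    port: int
    action: str                   # "accept" or "drop"
    source: Optional[str] = None  # None means the rule matches any client IP


@dataclass
class Server:
    listening: set                                # ports with a listening application
    firewall: list = field(default_factory=list)  # rules, first match wins
    default: str = "accept"                       # policy when no rule matches


def firewall_verdict(server: Server, port: int, client_ip: str) -> str:
    """Decide accept/drop the way the kernel does: upstream of any listening application."""
    for rule in server.firewall:
        if rule.port == port and (rule.source is None or rule.source == client_ip):
            return rule.action
    return server.default


def probe(server: Server, port: int, client_ip: str) -> str:
    """What a client at client_ip observes when it tries to connect to port."""
    if firewall_verdict(server, port, client_ip) == "drop":
        return "dropped"    # closed by the firewall; a listener, if any, never sees the packet
    if port in server.listening:
        return "connected"  # open port with a listening service
    return "refused"        # open port with nothing listening: the kernel answers with a reset


def port_table(server: Server, ports, client_ip: str) -> dict:
    return {p: probe(server, p, client_ip) for p in ports}


SERVICES = {21, 25, 80, 110}            # ftp, smtp, http, pop from Figure 1
FIGURE1 = Server(listening=SERVICES)    # no firewall: every port is open
# Assumed firewall (constructed): drop by default, allow the public services,
# and allow POP only from one client address (IP-based filtering).
FIREWALLED = Server(listening=SERVICES, default="drop", firewall=[
    Rule(21, "accept"), Rule(25, "accept"), Rule(80, "accept"),
    Rule(110, "accept", source="192.0.2.10"),
])

if __name__ == "__main__":
    for client in ("192.0.2.10", "198.51.100.7"):
        print(client, port_table(FIREWALLED, [21, 25, 80, 110, 22], client))
```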
last updated 2004-Apr-05 16:42