0x29A.0.gnu/linux.1010011010.0.*foobar.: .knockd.

Wednesday, February 18, 2009

.knockd.

## (to) knock; knockd. however, that `d' comes from `daemon'.

% echo -e 'e.g.,\n'

% iptables -L -n
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- foo.bar.qux.def 0.0.0.0/0 tcp dpt:22
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22

% cat /etc/knockd.conf
[openSSH]
sequence = foobar,def,plugh,fred,xyzzy,thud
seq_timeout = 5
command = /sbin/iptables -I INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
tcpflags = syn

[closeSSH]
sequence = thud,def,fred,foobar,xyzzy,plugh
seq_timeout = 5
command = /sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
tcpflags = syn

% knock -v foo.bar.qux.quux foobar def plugh fred xyzzy thud

% echo 'however, knocks can be sent via netcat, hping, packit, etc.'

% echo 'open_port command executed @foo.bar.qux.def.'
% echo 'do sleep 16; while job_done; done...'

% knock -v foo.bar.qux.quux thud def fred foobar xyzzy plugh

% echo 'close_port command now executed @specific.host. all set. w00t!'

n.b.
#01. {def,foobar,fred,plugh,thud,xyzzy} == (tcp || udp) ports.
#02. use as many as you want... anyway, 3 should be just fine (read as `secure').

 .
..:

6 comments:

Anonymous said...: Oi. Start writing. Can't leave your blog dead and Identica frozen. Reach out and choke someone.; October 29, 2009 at 8:40 PM
haha said...: 心靈補手。休憩園地 ROM 兩性生活討論區品味生活討論區女人女人。玩美論壇孤獨之詩★文學藝術論壇 cute99！可愛女人幫 Z頻道＊戶外休閒論壇亞特蘭提斯。ACG論壇風流人生＊男仕論壇清境生活綜合討論區左岸咖啡休閒網 168休閒館流星花園生活情報網 Nt.Sec潮流網歡樂天堂生活網可愛女人家男人味論壇秋萍文學網小丸子娛樂休閒網夢想家休閒論壇花花世界論壇天上人間生活網浪琴女人天地伊勒生活網潘妮女性休閒網巴莎咪卡生活網快樂媽媽討論區 ~斑鳩的家~休閒論壇追夢人生休閒論壇輝煌年代★創意生活網日月星休閒網雄霸天下☆休閒論壇 ⊕鳶尾花⊕生活休閒網朵莉流行網 ☆星宿海☆生活秘笈網 e日茶休憩小站麥克家族討論區巴黎夢想家幻想倉庫網 55888男性休閒論壇永富人生網酷炫潮流網愛情派對交流網微風頻道~居家討論區訊息倉庫番 396生活資訊網嘮嘮叨叨分享論壇模範世家~生活休閒網圓桌武士生活交流網 G頻道~數位論壇易富網~財富論壇 858女性生活網 e時代新潮文化網紫之海~葡萄網伊達生活趣味網樂活島生活休閒論壇 ☆殘酷天使☆生活論壇奧雷特⊕活力補給站永恆的優雅☆女性時尚論壇硬漢人生★男士風格網殺很大~生活休閒網地球世界村文化交流網關鍵報告~生活交流網斷翼天使☆夢想交流網 HomeZ！網路交流網科技時尚男性論壇台灣新人類~生活論壇長恨歌◇文學分享論壇 101女性風尚論壇領導者商務生活網; November 18, 2009 at 8:06 AM
Anonymous said...: This comment has been removed by a blog administrator.; December 8, 2009 at 4:20 PM
rtfgvb7833 said...: IS VERY GOOD..............................; April 2, 2010 at 12:19 PM
masaj erotic said...: Felicitari in primul rand pentru blog,este o munca depusa eficient,in al doilea rand pentru minunatele postari...mi se pare foarte interesant. succes si sa munciti cu cel putin acelasi simt de raspundere pe viitor; November 7, 2011 at 10:44 PM
adirau said...: wtf jula, ti-au raspuns chinezii si curvele. fii atent (re, knockd): http://ingles.homeunix.net/software/ost/ noi fol. ostiary ptr ssh; December 13, 2012 at 4:03 PM

Subscribe to: Post Comments (Atom)

Creative Commons Licence [Some Rights Reserved]

Ionuț Jula :: licensed for reuse under this Creative Commons Licence.

                            Some rights reserved. | Creative Commons Attribution-Share Alike 3.0 Unported License.
 .
..: