% echo -e 'e.g.,\n'
% iptables -L -n
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     tcp  --  foo.bar.qux.def      0.0.0.0/0            tcp dpt:22
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
% cat /etc/knockd.conf
[openSSH]
sequence = foobar,def,plugh,fred,xyzzy,thud
seq_timeout = 5
command = /sbin/iptables -I INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
tcpflags = syn
[closeSSH]
sequence = thud,def,fred,foobar,xyzzy,plugh
seq_timeout = 5
command = /sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
tcpflags = syn
% knock -v foo.bar.qux.quux foobar def plugh fred xyzzy thud
% echo 'however, knocks can be sent via netcat, hping, packit, etc.'
% echo 'open_port command executed @foo.bar.qux.def.'
% echo 'do sleep 16; while job_done; done...'
% knock -v foo.bar.qux.quux thud def fred foobar xyzzy plugh
% echo 'close_port command now executed @specific.host. all set. w00t!'
n.b.
#01. {def,foobar,fred,plugh,thud,xyzzy} == (tcp || udp) ports.
#02. use as many as you want... anyway, 3 should be just fine (read as `secure').
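To make the knockd.conf above concrete, here is an added example (my own code, not knockd's) that emulates the per-source state machine the daemon keeps for each door: which port it expects next, when the first knock arrived, and the seq_timeout that expires the whole attempt. The embedded knockd.conf is constructed and uses numeric placeholder ports (7000, 8000:udp, 9000) in place of the foobar/def/plugh/... names; the packet trace is constructed too, and the iptables commands are returned as strings rather than executed.

```python
"""Simplified emulation of knockd's door state machine (added example, not knockd code)."""
import configparser
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

# Constructed knockd.conf in the layout of the post; numeric placeholder ports
# stand in for the foobar/def/plugh/fred/xyzzy/thud names used there.
KNOCKD_CONF = """
[openSSH]
sequence = 7000,8000:udp,9000
seq_timeout = 5
command = /sbin/iptables -I INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
tcpflags = syn

[closeSSH]
sequence = 9000,8000:udp,7000
seq_timeout = 5
command = /sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
tcpflags = syn
"""

Knock = Tuple[int, str]  # (port, protocol)


@dataclass
class Door:
    name: str
    sequence: List[Knock]
    seq_timeout: float
    command: str
    # source IP -> (index of the next expected knock, timestamp of the first knock)
    attempts: Dict[str, Tuple[int, float]] = field(default_factory=dict)


def parse_knock(spec: str) -> Knock:
    """'8000:udp' -> (8000, 'udp'); a bare '7000' is TCP, knockd's default."""
    port, _, proto = spec.strip().partition(":")
    return int(port), (proto or "tcp").lower()


def parse_conf(text: str) -> List[Door]:
    """Read the [door] sections of a knockd.conf (INI syntax; %IP% must not interpolate)."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    doors = []
    for section in cp.sections():
        if section == "options":
            continue  # daemon-wide settings, not a door
        sequence = [parse_knock(s) for s in cp[section]["sequence"].split(",")]
        doors.append(Door(section, sequence, cp.getfloat(section, "seq_timeout"),
                          cp[section]["command"]))
    return doors


def _record(door: Door, src_ip: str, idx: int, first_ts: float, fired: list) -> None:
    """Knock number idx of door.sequence was seen from src_ip; fire on the last one."""
    if idx + 1 == len(door.sequence):
        door.attempts.pop(src_ip, None)
        fired.append((door.name, door.command.replace("%IP%", src_ip)))
    else:
        door.attempts[src_ip] = (idx + 1, first_ts)


def process_packet(doors, ts, src_ip, dst_port, proto="tcp", syn=True):
    """Feed one packet to every door; return [(door, command)] for doors that completed."""
    fired = []
    if proto == "tcp" and not syn:
        return fired  # tcpflags = syn: only connection attempts count as knocks
    knock = (dst_port, proto)
    for door in doors:
        state = door.attempts.get(src_ip)
        if state is not None and ts - state[1] > door.seq_timeout:
            door.attempts.pop(src_ip)  # too slow: the whole sequence expires
            state = None
        if state is not None and knock == door.sequence[state[0]]:
            _record(door, src_ip, state[0], state[1], fired)
            continue
        # wrong port, or nothing in progress: drop the attempt; the packet may
        # itself be the first knock of a fresh attempt
        door.attempts.pop(src_ip, None)
        if knock == door.sequence[0]:
            _record(door, src_ip, 0, ts, fired)
    return fired


def run_demo():
    """Constructed trace of (ts, src, dport, proto, syn) packets; returns what fired."""
    doors = parse_conf(KNOCKD_CONF)
    trace = [
        (0.0, "10.0.0.5", 7000, "tcp", True),
        (0.5, "10.0.0.5", 9000, "tcp", False),  # plain ACK: ignored, does not reset
        (1.0, "10.0.0.5", 8000, "udp", True),
        (2.0, "10.0.0.5", 9000, "tcp", True),   # completes openSSH for 10.0.0.5
        (3.0, "10.0.0.9", 7000, "tcp", True),
        (9.0, "10.0.0.9", 8000, "udp", True),   # 6 s after the first knock: expired
        (9.5, "10.0.0.9", 9000, "tcp", True),
        (10.0, "10.0.0.9", 7000, "tcp", True),  # retry from the start, inside 5 s
        (10.5, "10.0.0.9", 8000, "udp", True),
        (11.0, "10.0.0.9", 9000, "tcp", True),  # completes openSSH for 10.0.0.9
        (12.0, "10.0.0.5", 9000, "tcp", True),
        (12.5, "10.0.0.5", 8000, "udp", True),
        (13.0, "10.0.0.5", 7000, "tcp", True),  # completes closeSSH for 10.0.0.5
    ]
    fired = []
    for ts, src, port, proto, syn in trace:
        fired += process_packet(doors, ts, src, port, proto, syn)
    return fired


if __name__ == "__main__":
    for door, cmd in run_demo():
        print(f"{door}: {cmd}")
```

Two things the trace makes visible that the config alone does not: a knock sequence that straggles past seq_timeout is discarded as a whole and must be resent from the first port, and because the open sequence ends on the same port that starts the close sequence (thud in the post, 9000 here), the final knock of a successful open also begins a close attempt for that source, which simply lapses after seq_timeout unless the rest of the close sequence follows.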
7 comments:
Oi. Start writing. Can't leave your blog dead and Identica frozen. Reach out and choke someone.
Congratulations first of all on the blog, it is work done efficiently, and secondly on the wonderful posts... I find it very interesting. Good luck, and keep working with at least the same sense of responsibility in the future.
wtf jula, the Chinese and the whores have replied to you. watch out (re, knockd): http://ingles.homeunix.net/software/ost/ we use ostiary for ssh
This tutorial on knockd was really informative Ionut. Thanks a lot for sharing it with us. We make some Python tutorials as well that may benefit your readers at https://www.linkedin.com/company/firebox-training
What's up, this weekend is fastidious in favor of me, since this occasion I am reading this great educational post here at my residence.
I got this web site from my friend who informed me on the topic of this website and at the moment this time I am browsing this web page and reading very informative articles or reviews at this time.