Port Knocking

Показать описание

I came across this today and thought it to be an interesting concept.
Security through obscurity at best, but I'd say it's a million times better than just having SSH open to the internet. It's a great method for nearly removing port scanning as a vulnerability.

I'm using knockd by Judd Vinet.

Steven Polley

Рекомендации по теме

Комментарии

I was reading a white paper and not really understanding port knocking so I appreciate your easy to follow explanation and example. I get it now. Thanks.

vaughnpeterson

I would imagine the commonly pointed out vulnerability to this is that it's essentially a clear text password... but it's more than that. It hides ports from port scans while still having them obscurely available. A person could also easily implement a ratcheting system in which as soon as the SSH port is opened, an SSH session is established and the client can then ratchet the ports the server listens to using randomized values, which would be sent over the SSH tunnel. This would then mean the next time that client "knocks" the secret would still be safe and secure. The number of ports in the sequence could also be significantly increased for additional security. Having three ports allows for 281, 462, 092, 005, 375 possibilities. (281 trillion). Increasing to four ports allows for 18, 445, 618, 199, 572, 250, 625 (18.4 quintillion), the increase is exponential.

WDZSuperRaWR

Great video Steven. Thanks. I stumbled across port knocking a few years ago at at DefCon convention at Las Vegas and always found it a fascinating concept. Critics indicate that sniffers on any segment could witness and replay the port knock sequence but there would still be the hurdle of authenticating or even port security so it's not a lost cause.

zzsql

Cool and clear explanation, thanks bro.

amigator

Hey, thanks for the sharing. I came across this technique long time ago, but still can't get better understanding. Nevertheless, this video of yours is taking me closer to understand the concept.

muhdshamashraffmaskan

Nice Demo. Please do an episode on how to create these back doors.

sowmithgantla

Thanks, simple explanation. BTW, "No ones really going to watch this." I'm an aspiring hacker, and I'm watching...

Gravitized

Port Knocking

Port Knocking (Network Security Technique) Explained and Demoed in 5 Minutes!

Port Knocking Attack | Ryan's CTF [17] Knock-Knock FINALE

Port knocking with MikroTik

Python Port Knocking

Mikrotik port Knocking

Port Knocking

1-Stream | Admin Panel - Port Knocking

What is Port Knocking?

Firewall Port Knocking erklärt - Zugriff nur mit Kombination - RouterOS

How to Secure your SSH & FTP servers using Port Knocking

[CENTOS] Port Knocking (Aprire le porte sul firewall a richiesta)

Linux Firewall Ports öffnen durch anklopfen (Port knocking) mit Ubuntu - IT Sicherheit

Port Knocking Step by Step - Mikrotik RouterOS v6 & 7

How to obscure open ports with knockd

Port Knocking

Port Knocking & Scanner Detection - Mikrotik Firewall Ep 3

knock command for the Port Knocking

How to open/close windows port via knockd and openssh

Port Knocking & Wireshark Packet Analysis | Moria Vulnhub CTF Walkthrough solution

Mikrotik - Port Knocking

TIL about port knocking. If you want access to a closed port, you need to hit the server ports i...

My SSH in Paranoid Mode: Port-Knocking + Latch + TOTP

Make your server invisible with OpenVPN or port knocking

¿Qué es el PORT KNOCKING? - Explicado con un Ejemplo #SHORTS