Versus71

knockd - a port-knocking server


knockd is a port-knock server. It listens to all traffic on an ethernet (or PPP) interface, looking for special "knock" sequences of port-hits. A client makes these port-hits by sending a TCP (or UDP) packet to a port on the server. This port need not be open -- since knockd listens at the link-layer level, it sees all traffic even if it's destined for a closed port. When the server detects a specific sequence of port-hits, it runs a command defined in its configuration file. This can be used to open up holes in a firewall for quick access.

Options:

-i, --interface <int>
Specify an interface to listen on. The default is eth0.

-d, --daemon
Become a daemon. This is usually desired for normal server-like operation.

-c, --config <file>
Specify an alternate location for the config file. Default is /etc/knockd.conf.

-D, --debug
Output debugging messages.

-l, --lookup
Look up DNS names for log entries. This may be a security risk! See section SECURITY NOTES.

-v, --verbose
Output verbose status messages.

-V, --version
Display the version.

-h, --help
Syntax help.

Download:

http://www.zeroflux.org/projects/knock
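
The sequence detection described in the post can be modelled as a small per-source state machine. The following is an added example, not part of the original post and not knockd's own code. The port sequence, the 5-second window, the reset-on-wrong-port behaviour and the sample traffic are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class KnockTracker:
    """Simplified model of per-source knock matching (hypothetical, not knockd's code)."""
    sequence: tuple        # ports that must be hit, in order
    seq_timeout: float     # seconds allowed between the first and last hit
    _state: dict = field(default_factory=dict)  # src_ip -> (next_index, start_time)

    def observe(self, src_ip, dst_port, now):
        """Feed one observed port-hit; return True when src_ip completes the sequence."""
        idx, started = self._state.get(src_ip, (0, now))
        if idx and now - started > self.seq_timeout:
            idx, started = 0, now                  # attempt expired, start over
        if dst_port == self.sequence[idx]:
            idx += 1
            if idx == len(self.sequence):
                self._state.pop(src_ip, None)      # done, forget this source
                return True                        # the configured command would run here
            self._state[src_ip] = (idx, started)
        elif dst_port == self.sequence[0]:
            self._state[src_ip] = (1, now)         # wrong port, but it restarts the sequence
        else:
            self._state.pop(src_ip, None)          # wrong port resets the attempt
        return False

# Constructed sample traffic: (timestamp_seconds, source_ip, destination_port)
SAMPLE_HITS = [
    (0.0, "192.0.2.10", 7000),
    (0.5, "198.51.100.7", 7000),    # second client, interleaved with the first
    (1.0, "192.0.2.10", 8000),
    (1.2, "198.51.100.7", 9000),    # out of order, so this client is reset
    (2.0, "192.0.2.10", 9000),      # completes inside the window
    (10.0, "203.0.113.5", 7000),
    (11.0, "203.0.113.5", 8000),
    (20.0, "203.0.113.5", 9000),    # too slow: 10 s after the first knock
]

def replay(hits, sequence=(7000, 8000, 9000), seq_timeout=5.0):
    """Return (timestamp, source_ip) for every completed knock sequence."""
    tracker = KnockTracker(tuple(sequence), seq_timeout)
    return [(t, ip) for t, ip, port in hits if tracker.observe(ip, port, t)]

if __name__ == "__main__":
    print(replay(SAMPLE_HITS))
```

State is kept per source address, so interleaved clients do not disturb each other, and only the source that finishes the sequence inside the window would trigger the configured command.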
