What is Port Knocking?


3

I understand it’s about sending a sequence of requests to a server to unlock a port.

It would then be possible through a browser to activate the port for ssh, for example:

Access servidor.com:80, then servidor:81, and then servidor:82, which unlocks port 9999 (ssh), for example?

I found the concept interesting, but I’ve never heard of it. Is it widely used? Are there similar alternatives?

2 answers

3


What is Port Knocking?
Port knocking is the act of visiting / knocking on / sending data to specific ports, thus allowing another port to be opened after the correct sequence of ports has been visited.

Is it widely used?
No, because the port knocking service introduces several problems to the system that would not otherwise exist, ultimately causing more disadvantages than advantages. Among the worst problems, I will cite: the SPOF (single point of failure), which is a problem since most services are designed not to have this type of failure; the problem of security through obscurity, which leads to the false belief that if the attacker does not know what they are attacking they will have more difficulty (Note: although some disagree, I believe it is a form of obscurity); it is easily reproducible if there is a "man-in-the-middle" attack; and, depending on the mode of implementation, it is equivalent to a plaintext password.

Alternatives to Port Knocking
The main alternative similar to port knocking is Shimmer, which always keeps 16 ports online, where only one provides what one really wants; all the others provide access to a "fake" service. These 16 ports change every minute, so an attacker has to guess which port is the correct one and be able to penetrate it before the ports change again. For greater timing security, the minute before and the minute after the current one are also considered, so there are 48 ports, of which only 3 provide the correct service.

The best alternative to port knocking is a simple 2-factor authentication, which provides a real alternative to the problem that is tested and used by various technology giants.

Links for in-depth study
http://bsdly.blogspot.com.br/2012/04/why-not-use-port-knocking.html
https://en.wikipedia.org/wiki/Port_knocking
https://wiki.archlinux.org/index.php/Port_knocking
https://security.stackexchange.com/questions/1194/port-knocking-is-it-a-good-idea
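
The answer's point that a fixed knock sequence is "equivalent to a plaintext password" can be seen in a small model of the server-side check. This is an added example, not part of the original answer and not the code of any real knock daemon; the ports come from the question, while the time window, the `KnockTracker` class and the sample events are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

KNOCK_SEQUENCE = (80, 81, 82)  # ports from the question
PROTECTED_PORT = 9999          # port the sequence unlocks (from the question)
WINDOW_SECONDS = 10.0          # assumption: time allowed to finish the sequence

# Constructed sample events: (timestamp, source IP, destination port)
SAMPLE_EVENTS = [
    # intended client knocks correctly, then connects
    (0.0, "198.51.100.7", 80), (0.5, "198.51.100.7", 81),
    (1.0, "198.51.100.7", 82), (1.5, "198.51.100.7", 9999),
    # a second source that saw the knocks on the wire repeats them
    (20.0, "203.0.113.9", 9999), (21.0, "203.0.113.9", 80),
    (21.5, "203.0.113.9", 81), (22.0, "203.0.113.9", 82),
    (22.5, "203.0.113.9", 9999),
    # a third source knocks in the wrong order
    (30.0, "192.0.2.5", 80), (30.5, "192.0.2.5", 82),
    (31.0, "192.0.2.5", 81), (31.5, "192.0.2.5", 9999),
]

@dataclass
class KnockTracker:
    progress: dict = field(default_factory=dict)  # src_ip -> (next index, start time)
    allowed: set = field(default_factory=set)     # src_ips admitted to PROTECTED_PORT

    def observe(self, ts, src_ip, dst_port):
        """Feed one connection attempt; True means it reaches the protected port."""
        if dst_port == PROTECTED_PORT:
            return src_ip in self.allowed
        idx, start = self.progress.get(src_ip, (0, ts))
        if ts - start > WINDOW_SECONDS:
            idx, start = 0, ts                    # too slow: start over
        if dst_port == KNOCK_SEQUENCE[idx]:
            if idx + 1 == len(KNOCK_SEQUENCE):
                self.allowed.add(src_ip)          # full sequence seen: open the port
                self.progress.pop(src_ip, None)
            else:
                self.progress[src_ip] = (idx + 1, start)
        elif dst_port == KNOCK_SEQUENCE[0]:
            self.progress[src_ip] = (1, ts)       # wrong port, but it restarts the sequence
        else:
            self.progress.pop(src_ip, None)       # wrong port: reset
        return False

def replay(events):
    """Run events through a fresh tracker; return per-event decisions and admitted IPs."""
    tracker = KnockTracker()
    return [tracker.observe(*e) for e in events], tracker.allowed
```

The tracker has nothing to check except port numbers and their order, so the second source is admitted exactly like the intended client, while the out-of-order source is not.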

1
