knockd – a port-knocking server – setup
knockd is a port-knocking server: it watches a network interface (via libpcap) for a pre-arranged sequence of connection attempts and runs a command when it sees one. I find it an excellent extra layer for hiding a service such as SSH, although it complements, rather than replaces, key-based authentication and a sane sshd configuration.
Here I set up knockd to guard OpenSSH on Ubuntu.
#1: Install Knockd
$ sudo apt-get install knockd
On installation you will see a message that knockd is disabled; it will not start until it is enabled in /etc/default/knockd (step 3 below).
#2: Configure knockd before starting the service; edit the knockd.conf file
$ sudo vim /etc/knockd.conf
This is how my file looks:
[options]
    UseSyslog
[openSSH]
    sequence    = 7000,8000,9000
    seq_timeout = 5
    command     = iptables -D INPUT -p tcp --dport 22 -j DROP
    tcpflags    = syn
[closeSSH]
    sequence    = 9000,8000,7000
    seq_timeout = 5
    command     = iptables -A INPUT -p tcp --dport 22 -j DROP
    tcpflags    = syn
Two things to note. The open command deletes a DROP rule, so it only does something if that exact rule (iptables -A INPUT -p tcp --dport 22 -j DROP, the same one the close command adds) is already present, for example added at boot; without it port 22 is simply open all the time and the knock changes nothing. Second, a successful knock opens port 22 to every source address until the close sequence arrives; knockd can restrict the opened rule to the knocker by using the %IP% placeholder in the command, and revert it automatically with start_command, cmd_timeout and stop_command, which is the safer pattern for a host exposed to the internet. seq_timeout is the number of seconds within which the whole sequence must be completed, and tcpflags = syn means only SYN packets are counted, so unrelated traffic on those ports does not invalidate a sequence in progress.
#3: Edit /etc/default/knockd file to enable the service
$ sudo vim /etc/default/knockd
My file looks like this:
################################################
#
# knockd's default file, for generic sys config
#
################################################
# control if we start knockd at init or not
# 1 = start
# anything else = don’t start
#
# PLEASE EDIT /etc/knockd.conf BEFORE ENABLING
START_KNOCKD=1
# command line options
# knockd sniffs a single interface; use the one your clients reach this host on
# (eth0 on many machines, check with ip link), otherwise the knocks are never seen
KNOCKD_OPTS="-i eth1"
#4: Start the service
sudo service knockd start    # start server
sudo service knockd stop     # stop server
sudo service knockd restart  # restart server
sudo service knockd status   # see server status
Because UseSyslog is set, every recognised sequence and the command it triggers are written to syslog; watch that log while testing to confirm the knocks are being registered on the right interface.
#5: How to use knock
From the client machine run this (the knock client ships in the knockd package, so you may need to install it there too). The ports are separated by spaces, and the whole sequence must arrive within seq_timeout, i.e. 5 seconds:
knock -v 192.168.1.1 7000 8000 9000
You will see:
hitting tcp 192.168.1.1:7000
hitting tcp 192.168.1.1:8000
hitting tcp 192.168.1.1:9000
Voilà! Now you can SSH into the machine:
ssh ajay@192.168.1.1
When you are done, send the close sequence (9000 8000 7000) with knock so the DROP rule is put back; with this configuration port 22 stays open to everyone until you do.
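As an added example (my own code, not from the original post or from the knockd project), here is a minimal knock client in Python that does what `knock -v` does and additionally probes port 22 before and after the knock. A plain connect() attempt emits exactly the SYN that knockd watches for with tcpflags = syn, and the before/after result tells you whether the DROP rule that the open command deletes was actually in place: port 22 should read "filtered" before the knock and "open" after it. The host 192.168.1.1, the 7000,8000,9000 sequence and the 5 second seq_timeout come from the post; the probe timeout and inter-knock delay are my own choices.

```python
"""Minimal port-knock client with a before/after check of the protected port.

Added example, not part of the original post or of the knockd project.
Assumes the knockd.conf from the post: open sequence 7000,8000,9000
(tcpflags = syn), close sequence reversed, seq_timeout 5, protecting TCP/22.
"""
import socket
import time

OPEN_SEQUENCE = (7000, 8000, 9000)               # must match [openSSH] in knockd.conf
CLOSE_SEQUENCE = tuple(reversed(OPEN_SEQUENCE))  # the [closeSSH] sequence
PROTECTED_PORT = 22
SEQ_TIMEOUT = 5.0                                # seq_timeout from knockd.conf


def tcp_probe(host, port, timeout=0.5):
    """Attempt one TCP connection and classify the outcome.

    connect() sends a single SYN, which is all knockd needs to see.
      "open"     - handshake completed: something listens and is not filtered
      "refused"  - RST came back: port closed but reachable (no DROP rule)
      "filtered" - no answer within timeout: typical of an iptables DROP rule
      "error"    - any other socket error (no route, no permission, ...)
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "filtered"
    except OSError:
        return "error"
    finally:
        sock.close()


def knock_budget_ok(sequence, delay, timeout, seq_timeout=SEQ_TIMEOUT):
    """True if the worst case time to send `sequence` fits inside seq_timeout."""
    return len(sequence) * (delay + timeout) < seq_timeout


def knock(host, sequence, delay=0.2, timeout=0.5):
    """Send the knock sequence in order, one SYN per port.

    The knock ports are not meant to be open, so each probe normally comes
    back "refused" or "filtered"; the SYN itself is the signal. Returns
    [(port, probe_result), ...] in the order sent.
    """
    if not knock_budget_ok(sequence, delay, timeout):
        raise ValueError("sequence cannot complete within seq_timeout")
    results = []
    for port in sequence:
        results.append((port, tcp_probe(host, port, timeout)))
        time.sleep(delay)
    return results


def open_ssh(host):
    """Knock with the open sequence and report how the protected port changed."""
    before = tcp_probe(host, PROTECTED_PORT)
    hits = knock(host, OPEN_SEQUENCE)
    after = tcp_probe(host, PROTECTED_PORT)
    return {"before": before, "hits": hits, "after": after}


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "192.168.1.1"
    report = open_ssh(target)
    for port, result in report["hits"]:
        print(f"hitting tcp {target}:{port} -> {result}")
    print(f"port {PROTECTED_PORT}: {report['before']} -> {report['after']}")
    if report["before"] != "filtered":
        print("warning: port 22 was not filtered before the knock; the baseline "
              "DROP rule that the open command deletes is probably missing")
```

Run it as `python3 knock.py 192.168.1.1`; a "refused" or "open" result for port 22 before the knock means the baseline DROP rule is absent and knockd's open command has nothing to delete. Passing CLOSE_SEQUENCE to knock() sends the closing knock.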