Definition
Port knocking is a network security method used to open a closed port, or to open access through a firewall, and let the knocker reach that port by sending selected packets to a selected server or firewall.
The Method
- It uses a key combination to protect a communications port.
- The key in a port knocking system is itself a set of communications ports. The lock is opened by deliberately accessing several communications ports that are actually closed.
- When those communications ports are accessed in the selected combination, a new communications port opens and you are free to enter.
- For example, to open port 22 (the communications port for the remote login application SSH), you must "knock" on ports 450, 360, 270 and 180. When you enter the correct combination within a selected time, port 22 opens as you wish.
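The knock logic described above can be written as a small per-source state machine. This is an added example, not code from the original page; the names KnockTracker and replay, the 10-second window and the sample addresses are assumptions made for illustration.

```python
from dataclasses import dataclass, field

KNOCK_SEQUENCE = (450, 360, 270, 180)  # knock ports from the article's example
PROTECTED_PORT = 22                    # SSH, as in the article
WINDOW_SECONDS = 10.0                  # assumed value for the "selected time"

@dataclass
class KnockTracker:
    """Per-source state machine for the knock sequence (illustrative name)."""
    progress: dict = field(default_factory=dict)  # src -> (next index, start time)
    allowed: set = field(default_factory=set)     # sources that may reach port 22

    def observe(self, src, dst_port, ts):
        """Process one packet; return True if src may reach PROTECTED_PORT."""
        if dst_port == PROTECTED_PORT:
            return src in self.allowed
        idx, started = self.progress.get(src, (0, ts))
        if idx > 0 and ts - started > WINDOW_SECONDS:
            idx, started = 0, ts               # too slow: start over
        if dst_port == KNOCK_SEQUENCE[idx]:
            idx += 1                           # correct next knock
        elif dst_port == KNOCK_SEQUENCE[0]:
            idx, started = 1, ts               # restart on a fresh first knock
        else:
            idx = 0                            # wrong port: reset progress
        if idx == len(KNOCK_SEQUENCE):
            self.allowed.add(src)              # full combination: open for src
            idx = 0
        if idx == 0:
            self.progress.pop(src, None)
        else:
            self.progress[src] = (idx, started)
        return src in self.allowed

# Constructed events: (source IP, destination port, time in seconds)
SAMPLE_EVENTS = [
    ("192.0.2.10", 22, 0.0), ("192.0.2.10", 450, 1.0), ("192.0.2.10", 360, 2.0),
    ("192.0.2.10", 270, 3.0), ("192.0.2.10", 180, 4.0), ("192.0.2.10", 22, 5.0),
    ("198.51.100.7", 450, 1.0), ("198.51.100.7", 270, 2.0),   # wrong order
    ("198.51.100.7", 22, 3.0),
    ("203.0.113.5", 450, 0.0), ("203.0.113.5", 360, 1.0), ("203.0.113.5", 270, 2.0),
    ("203.0.113.5", 180, 30.0), ("203.0.113.5", 22, 31.0),    # last knock too late
]

def replay(events):
    """Feed events through one tracker; return the decision for each packet."""
    tracker = KnockTracker()
    return [(src, port, tracker.observe(src, port, ts)) for src, port, ts in events]
```

Calling replay(SAMPLE_EVENTS) shows that only the source that sends the full combination in order and in time gets through to port 22. A fixed sequence like this is visible to anyone who can observe the traffic, so it complements the authentication on the service rather than replacing it.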
The advantages
Port knocking is good for computer users who often work outside, or for network and server administrators who manage servers 24 hours a day from anywhere. Port knocking is a remarkable method as an access road to their computer equipment.
Port knocking suits those who still wish to strengthen the security of their computer systems and network equipment while keeping private communication into the system that can be done from anywhere.
Private communication means connections that are not generally open to the public the way SMTP or HTTP are. Usually this private communication is administrative in character and uses services such as telnet, SSH, FTP, TFTP and so on. It is dangerous if it is done by other people who have no privileges. With port knocking, these services stay closed to public access, but can be opened by whoever has the knock combination for the port.
Illustration
Before port knocking works
After port knocking works
First illustration: the firewall blocks packets to SSH [port 22].
Second illustration: the client delivers knocking packets to the firewall on ports 100, 200, 300. Because the firewall has parameters set for the knocking server, the firewall opens access from the client to the server for the SSH port [port 22].













