
Port knocking: more than one port or sequence

Posted: 13 Apr 2013, 04:25
by argienomad
Hello, and thank you for building this tool that I completely love.

I've been experimenting with Port Knocking and it works perfectly, but just for opening one port server-wide.

Is there a way to define multiple ports to open or different sequences for different ports?

For example: I have a server that acts as a Webmin controller for other servers, and also as an SSH proxy to the same servers. Some of my users would require HTTP access to port 10000 to restart services etc., and other users would connect to the server on port 22 to SCP files to this server or others in the network.

I'd like to define 10000;TCP;20;port1;port2;port3 and 22;TCP;20;port1;port50;port649. Is there some sort of separator to add more than one sequence to that field/variable? Or can I define a range of ports to be opened as 22-10000;TCP;20;etc?

Here's my port knocking helper script. It works like a charm in Mac OS X:

#!/bin/bash
# Port-knocking helper: send one short HTTP connection attempt to each port in turn.
# Usage: k host port [port ...]
if [ $# -lt 2 ]; then
        echo "usage: $0 host port [port ...]" >&2
        exit 1
fi
HOST=$1
shift
for ARG in "$@"
do
        # The connection attempt itself is the knock; the response (if any) is discarded.
        # -4 forces IPv4, -f fails silently on HTTP errors, -s suppresses progress output.
        /usr/bin/curl --no-keepalive --connect-timeout 2 -o /dev/null --retry 0 -4fs "http://$HOST:$ARG"
done
I call it k and invoke it with "k hostDotCom port port port" right before ssh'ing or whatever I need to do.

Thanks in advance.
Cheers,
Argie

Re: Port knocking: more than one port or sequence

Posted: 13 Apr 2013, 15:48
by argienomad
Commas! That magical little low-hanging friend.

I started experimenting with what I saw throughout the rest of the config file, and it turns out this works:
10000;TCP;20;port1;port2;port3,22;TCP;20;port1;port50;port649 (notice the comma between port3 and 22)

Now I can have a totally stealth server with nothing interesting/tempting to show to the outside world, that I can access and use whenever I want.

Have fun!
Argie
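The rule string above (one rule per comma, fields separated by semicolons) is easy to get subtly wrong when two rules share a knock port, as they do here: both sequences begin with port1. The following is an added example, not the tool's own implementation or anything from the posts: a parser for that rule format plus a small replay model of how a knock-sequence matcher on the server side would track each source's progress through every rule at once. Two things are assumptions: that the third field (20) is the number of seconds allowed for the whole sequence, and the concrete port numbers 7000/8000/9000 and 7000/7050/7649, which stand in for port1;port2;port3 and port1;port50;port649 in the post.

```python
"""Parser and replay model for comma-separated port-knocking rules of the
form  open_port;PROTO;window;knock1;knock2;...  as used in the post above.
Added example; not the tool's own code. Assumption: the third field is the
number of seconds allowed from the first knock to the last."""
from __future__ import annotations
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    open_port: int              # port unlocked once the sequence completes
    proto: str                  # "TCP" or "UDP"
    window: int                 # assumed: seconds allowed for the whole sequence
    sequence: tuple[int, ...]   # knock ports, in order


def parse_rules(text: str) -> list[Rule]:
    """Split on ',' between rules and ';' between fields; validate port ranges."""
    rules = []
    for entry in text.split(","):
        entry = entry.strip()
        if not entry:
            continue
        fields = entry.split(";")
        if len(fields) < 4:
            raise ValueError(f"rule needs open_port;proto;window;knock...: {entry!r}")
        open_port, proto, window, *knocks = fields
        ports = [int(open_port)] + [int(k) for k in knocks]
        for p in ports:
            if not 1 <= p <= 65535:
                raise ValueError(f"port out of range in rule {entry!r}: {p}")
        rules.append(Rule(ports[0], proto.strip().upper(), int(window), tuple(ports[1:])))
    return rules


class KnockTracker:
    """Per-source progress through every rule. Rules are matched independently,
    so a knock port shared by two rules advances both until the sequences diverge."""

    def __init__(self, rules: list[Rule]):
        self.rules = rules
        # (source, rule index) -> (next expected position, time of first knock)
        self.progress: dict[tuple[str, int], tuple[int, float]] = {}

    def knock(self, src: str, port: int, t: float) -> set[tuple[int, str]]:
        """Record one knock; return the (port, proto) pairs src has just opened."""
        opened = set()
        for i, rule in enumerate(self.rules):
            key = (src, i)
            idx, start = self.progress.get(key, (0, t))
            if idx and t - start > rule.window:
                idx, start = 0, t                    # too slow: sequence restarts
            if port == rule.sequence[idx]:
                if idx == 0:
                    start = t
                idx += 1
            else:
                # wrong port: a correct first knock restarts, anything else resets
                idx, start = (1, t) if port == rule.sequence[0] else (0, t)
            if idx == len(rule.sequence):
                opened.add((rule.open_port, rule.proto))
                self.progress.pop(key, None)
            elif idx:
                self.progress[key] = (idx, start)
            else:
                self.progress.pop(key, None)
        return opened


# Constructed rule string: 7000/8000/9000 and 7000/7050/7649 stand in for the
# post's port1;port2;port3 and port1;port50;port649.
RULES = "10000;TCP;20;7000;8000;9000,22;TCP;20;7000;7050;7649"

if __name__ == "__main__":
    tracker = KnockTracker(parse_rules(RULES))
    for port, t in ((7000, 0), (7050, 1), (7649, 2)):
        print(port, tracker.knock("203.0.113.5", port, t))
```

Replaying 7000, 7050, 7649 from one source opens only 22: the shared first knock advances both rules, the second knock drops the 10000 rule back to the start, and the third completes the SSH rule. A knock that arrives after the window (here 20 seconds from the first knock) throws the whole sequence away rather than being accepted late, and each source address is tracked on its own, so one client's half-finished sequence cannot be completed by another.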