[svlug] knock knock

Kim kim at linuxpuppy.net
Tue Oct 14 15:40:03 PDT 2003


Well, after shooting my mouth off the other day about doing a write up on port 
knocking, I did a little googling and found there is already a wealth of info 
and code thats way more comprehensive than I could ever write.

A good place to start is at this Linux Journal article:

http://www.linuxjournal.com/article.php?sid=6811

Good info and links to code.

So, in order to save face and contribute at least something to the topic, here 
is a way to implement port knocking if your not using IP filtering and are 
hidden behind a NAT box. This works with my Linksys router. YMMV if you are 
using a different router.

Since all the code I've seen is based around tailing the firewall log and 
watching for the secret knock, you need to get the log from the Linksys onto 
the computer that is 'listening' .

Some poking around found a neat little program called linksysmon.

http://woogie.net/linksysmon/

It's very easy to install and has all the info in the INSTALL file to set your 
Linksys to send its connection log to a host on your LAN.

After a few minutes of twiddling, there is now a /var/log/linksys.log file 
being written that can be used by a listening daemon or script.

Thanks Brian for pointing me to PK, its a nifty trick I'll defiantly keep in 
my Cool-Tools box.

Peace;

Kim








More information about the svlug mailing list