Taylor Cody L Contractor 502 AOS/PETS wrote:
I thought this was a good article. Port knocking sounds like a neat and
simple solution to shut down as many ports as possible when they are not in
use. At least for a small office or a home network.
-Cody
An introduction to how trusted users can manipulate firewall rules to
transmit information across closed ports.
http://www.linuxjournal.com/article.php?sid=6811
I haven't tried it yet, but one could presumably do really cool, similar stuff
entirely in kernel space with iptables and some various matches.
For example, the recent match combined with, say, a string match. This could
simplify setup by not requiring complex log monitoring daemons to see the
"knock" and modify the ruleset to open ports.
--MonMotha
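
Added example, not part of either message above: one way the in-kernel approach suggested in the reply could look, using only the iptables recent match (no string match, no log-watching daemon). The function name, list and chain names, ports and timeout are assumptions, and the rules assume the INPUT chain otherwise drops unsolicited traffic.

```shell
#!/bin/sh
# Added example: print iptables rules for an in-kernel port-knock sequence
# built on the "recent" match. Ports, list names and timeout are assumptions.
# Nothing is applied here; review the output, then pipe it to `sh` as root.

knock_rules() {
    # usage: knock_rules <protected_port> <window_seconds> <knock_port>...
    target=$1; window=$2; shift 2
    # Keep already-established sessions working after the knock state expires.
    echo "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    stage=0; prev=""
    for port in "$@"; do
        stage=$((stage + 1))
        list="KNOCK$stage"
        if [ -z "$prev" ]; then
            # First knock: remember the source address, then drop the packet.
            echo "iptables -A INPUT -p tcp --syn --dport $port -m recent --name $list --set -j DROP"
        else
            # Later knocks count only if the source passed the previous stage
            # within the window; the helper chain moves it to the next list.
            echo "iptables -N TO_$list"
            echo "iptables -A TO_$list -m recent --name $prev --remove"
            echo "iptables -A TO_$list -m recent --name $list --set -j DROP"
            echo "iptables -A INPUT -p tcp --syn --dport $port -m recent --name $prev --rcheck --seconds $window -j TO_$list"
        fi
        prev=$list
    done
    # Open the protected port only to sources that completed the sequence.
    echo "iptables -A INPUT -p tcp --syn --dport $target -m recent --name $prev --rcheck --seconds $window -j ACCEPT"
    echo "iptables -A INPUT -p tcp --dport $target -j DROP"
}

# Constructed sample: three knocks protect SSH, 10 seconds allowed per step.
# The ports are deliberately not in ascending order, so a sequential port
# scan does not walk through the stages by accident.
knock_rules 22 10 7000 9000 8000
```

The knock sequence is visible to anyone who can observe the traffic and can be replayed, so the service behind the protected port still needs its own authentication.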