# Port Knocking

#### View the port knocking config 

```
cat /etc/knockd.conf

Output will look something like this
[options]
 logfile = /var/log/knockd.log
 interface = ens31[openSSH]
 sequence = 581,280,909 
 seq_timeout = 5
 start_command = /sbin/iptables -I INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
 tcpflags = syn[closeSSH]
 sequence = 909,280,581
 seq_timeout = 5
 start_command = /sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
 tcpflags = syn 
```

#### Port scanning in sequence.

```
for x in "581 280 909"; do nmap -Pn --max-retries 0 -p $x 10.10.10.10 && sleep 1; done
```

#### Re-scan the target

```
nmap 10.10.10.10

PORT    STATE SERVICE
22/tcp  open  ssh            <-- On the initial scan SSH was not open. Now it is.
80/tcp  open  http
443/tcp open  https
```