Port Knocking

View the port knocking config 

cat /etc/knockd.conf

Output will look something like this
[options]
 logfile = /var/log/knockd.log
 interface = ens31[openSSH]
 sequence = 581,280,909 
 seq_timeout = 5
 start_command = /sbin/iptables -I INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
 tcpflags = syn[closeSSH]
 sequence = 909,280,581
 seq_timeout = 5
 start_command = /sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
 tcpflags = syn

Port scanning in sequence.

for x in "581 280 909"; do nmap -Pn --max-retries 0 -p $x 10.10.10.10 && sleep 1; done

Re-scan the target

nmap 10.10.10.10

PORT    STATE SERVICE
22/tcp  open  ssh            <-- On the initial scan SSH was not open. Now it is.
80/tcp  open  http
443/tcp open  https
PreviousStrace/LtraceNextScreenshots in Kali

Last updated