port knocking
Hi there,

doorman is core dumping and not working properly. Could somebody please recommend a good port knocker?

Cheers,
Noah

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

port knocking
Noah wrote:
> Hi there,
>
> doorman is core dumping and not working properly. could somebody please
> recommend a good port knocker?
>
> Cheers,

knockd

--
Léa Gris - http://www.noiraude.net/
() Plain-text ribbon campaign against HTML e-mail,
/ against attachments in a proprietary format.
Against DRM, call: 09f911029d74e35bd84156c5635688c0

port knocking
On Thursday 27 December 2007 20:14:42 Noah wrote:
> Hi there,
>
> doorman is core dumping and not working properly. could somebody please
> recommend a good port knocker?
>

I use fwlogwatch to block IPs based on access to non-permitted ports. Since it lets you use your own script upon activation, you can do pretty much anything with it (including opening ports). It should be simple enough to start from the default blocking rules to add an opening rule.

regards
FF

port knocking
Okay, I like knockd. The knockd.conf example file I have only shows a sequence to TCP ports.

How do I only accept a sequence of UDP packets on a particular port?

Cheers,
Noah

Lea Gris wrote:
> Noah wrote:
>> Hi there,
>>
>> doorman is core dumping and not working properly. could somebody please
>> recommend a good port knocker?
>>
>> Cheers,
>
> knockd
>

port knocking
Noah wrote:
> okay I like knockd. the knockd.conf example file I have only shows a
> sequence to TCP ports.
>
> how do I only accept a sequence UDP packets on a particular port?

See man knockd Example #2

> Example #2:
>     This example uses a single knock to control access to port 22
>     (SSH). After receiving a successful knock, the daemon will run
>     the start_command, wait for the time specified in cmd_timeout,
>     then execute the stop_command. This is useful to automatically
>     close the door behind a knocker. The knock sequence uses both
>     UDP and TCP ports.
>
>     [options]
>         logfile = /var/log/knockd.log
>
>     [opencloseSSH]
>         sequence = 2222:udp,3333:tcp,4444:udp
>         seq_timeout = 15
>         tcpflags = syn,ack
>         start_command = /usr/sbin/iptables -A INPUT -s %IP% -p tcp --syn -j ACCEPT
>         cmd_timeout = 5
>         stop_command = /usr/sbin/iptables -D INPUT -s %IP% -p tcp --syn -j ACCEPT

Basically, a UDP-only sequence would be like:

    sequence = 2222:udp,3333:udp,4444:udp

Regards,

--
Léa Gris - http://www.noiraude.net/
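
Added example, not part of the thread and not knockd's own code: a simplified Python model of how a UDP-only `sequence` with `seq_timeout` is matched per source address, showing that a TCP packet to the right port does not advance a UDP step. The `KnockTracker` class, the reset-on-wrong-knock behaviour, the timeout being counted from the first knock, and the sample packets are assumptions made for illustration.

```python
# Simplified model of knock-sequence matching (illustration, not knockd's code).
# Assumptions: seq_timeout runs from the first knock; a wrong knock resets progress.

def parse_sequence(value):
    """Parse a knockd.conf 'sequence' value such as '2222:udp,3333:udp'."""
    steps = []
    for item in value.split(","):
        port, _, proto = item.strip().partition(":")
        proto = (proto or "tcp").lower()  # a bare port number is treated as TCP
        if proto not in ("tcp", "udp") or not port.isdigit() or not 0 < int(port) < 65536:
            raise ValueError(f"bad knock step: {item!r}")
        steps.append((int(port), proto))
    return steps

class KnockTracker:
    def __init__(self, sequence, seq_timeout):
        self.steps = parse_sequence(sequence)
        self.seq_timeout = seq_timeout
        self.state = {}  # source IP -> (index of next expected step, time of first knock)

    def packet(self, ts, src, port, proto):
        """Feed one observed packet; return True when src completes the sequence."""
        idx, started = self.state.get(src, (0, ts))
        if idx and ts - started > self.seq_timeout:
            idx, started = 0, ts                    # too slow: start over
        if (port, proto) != self.steps[idx]:
            idx, started = 0, ts                    # wrong knock: progress is lost
            if (port, proto) != self.steps[0]:      # ...unless it restarts the sequence
                self.state.pop(src, None)
                return False
        idx += 1
        if idx == len(self.steps):
            self.state.pop(src, None)
            return True                             # point where start_command would run
        self.state[src] = (idx, started)
        return False

def demo():
    tracker = KnockTracker("2222:udp,3333:udp,4444:udp", seq_timeout=15)
    events = [  # constructed packets: (seconds, source IP, port, protocol)
        (0, "198.51.100.7", 2222, "udp"), (1, "198.51.100.7", 3333, "tcp"),  # wrong protocol
        (2, "198.51.100.7", 2222, "udp"), (3, "198.51.100.7", 3333, "udp"),
        (4, "198.51.100.7", 4444, "udp"),                                    # completes
        (0, "203.0.113.9", 2222, "udp"), (5, "203.0.113.9", 3333, "udp"),
        (20, "203.0.113.9", 4444, "udp"),                                    # past seq_timeout
    ]
    return [(ts, src) for ts, src, port, proto in events if tracker.packet(ts, src, port, proto)]

if __name__ == "__main__":
    print(demo())
```
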