Port knocking with UFW

Adithya
Jul 13, 2019

--

Port knocking is a security technique used to secure servers. Connection is attempted to a sequence of ports to open or close an application/service port.
UFW (Uncomplicated Firewall) is available on all recent Ubuntu versions.

knockd installation:

apt install knockd

knockd configuration file:

/etc/knockd.conf

[options] UseSyslog [SSH] sequence = 7000,8000,9000 seq_timeout = 5 start_command = ufw allow from %IP% to any port 22 tcpflags = syn cmd_timeout = 10 stop_command = ufw delete allow from %IP% to any port 22

The sequence for opening port 22 is 7000–8000–9000. The SSH port will be open for 10 seconds before it is closed again. SSH access is enabled only for the IP which is knocking.
The ports in the knocking sequence should be allowed in the firewall first.

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

--

--

Adithya
Adithya

Written by Adithya

DevOps, IoT and amateur radio

No responses yet

Write a response