Portknocking in BASH
So I've been playing around with PortKnocking for some time, trying to find a good implementation that didn't create potential vulnerabilities itself - or at least presented as few as possible. I can't say that I'm done with that search yet, but I can report that I'm happy with one interesting implementation that I've been toying with. What's also nice about this implementation is that it should be portable across Linux distributions, and should also work on almost anything else that supports BASH scripts.
Yep, you heard right, BASH scripts. What you've got here is a 100% shell based portknocking server and client, with neither directly exposed to the traffic coming into the box it's protecting. This is a really handy feature, not being a service and not parsing packets directly, because that means we don't have to directly worry about our client and server handling them. You can find out more in the forums as well:
The client being written as a script means that we can use it on almost any OS, provided that we have sha1sum on the client and it can parse bash scripts.
The server and client are posted in the forums as attachments.
