== Security considerations ==

Port knocking is a flexible, customisable system add-in. If the administrator chooses to link a knock sequence to an activity such as running a shell script, other changes such as implementing additional firewall rules to open ports for specific IP addresses can easily be incorporated into the script. Simultaneous sessions are easily accommodated. By using strategies like dynamic length and pool of length, the probability of hacking knock sequences can be reduced to near zero.<ref>{{Cite journal|last1=Shiraz|first1=Muhammad|last2=Boroumand|first2=Laleh|last3=Gani|first3=Abdullah|last4=Khan|first4=Suleman|title=An Improved Port Knocking Authentication Framework for Mobile Cloud Computing|date=2019-10-29|journal=Malaysian Journal of Computer Science|volume=32|issue=4|pages=269–283|doi=10.22452/mjcs.vol32no4.2|issn=0127-9084|doi-access=free}}</ref>

In addition to mitigating brute force password attacks and the inevitable growth in logs associated with the process daemon, port knocking also protects against protocol vulnerability exploits. If an exploit were discovered that could compromise a daemon in its default configuration, using port knocking on the listening port reduces the possibility of compromise until the software or process is updated. Authorized users would continue to be served once they provide the correct knock sequence, while random access attempts would be ignored. Port knocking should only be viewed as part of an overall network defense strategy providing protection against random and targeted attacks, not as a complete standalone solution.

[[Network security]] professionals have largely ignored port knocking as a solution in the past, since early implementations relied solely on providing the correct port combinations to achieve access. Modern port knock systems incorporate features such as secure cryptographic hashes, [[blacklist]]s, [[whitelist]]s and dynamic attack responses to further increase system capability.

Port knocking is an effective means of maximizing server resources on internet-facing networks.{{Citation needed|date=November 2020}} Properly implemented port knocking does not lower the overall security of a system. It is an effective measure that provides an additional layer of security with minimal server resource overhead. At worst, systems such as port knocking introduce new security issues through poor implementation or expose ambivalent administration attitudes through situations such as [[risk compensation]].{{Citation needed|date=November 2020}}
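The server-side logic described above (a knock sequence that, once completed in order, triggers an action such as adding a firewall rule for that source address, while out-of-order or stale attempts are simply ignored) as an added example; this is not code from the article or from any port-knocking project. The knock sequence, the timeout window and the iptables-style log lines are all constructed for illustration.

```python
import re

# Constructed, hypothetical knock sequence; a real deployment keeps this secret.
KNOCK_SEQUENCE = [7000, 8000, 9000]
KNOCK_WINDOW = 10.0  # seconds allowed from first knock to last knock

# Fields needed from an iptables-style LOG line: "<epoch> ... SRC=<ip> ... DPT=<port>"
# (line layout constructed for this example).
LOG_RE = re.compile(r"^(?P<ts>\d+(?:\.\d+)?) .*SRC=(?P<src>[\d.]+) .*DPT=(?P<dpt>\d+)")

# Constructed sample log: one correct sequence, one out-of-order probe, one too slow.
SAMPLE_LOG = [
    "100.0 kernel: IN=eth0 SRC=203.0.113.5 DST=198.51.100.2 PROTO=TCP DPT=7000 SYN",
    "101.0 kernel: IN=eth0 SRC=203.0.113.5 DST=198.51.100.2 PROTO=TCP DPT=8000 SYN",
    "102.0 kernel: IN=eth0 SRC=203.0.113.5 DST=198.51.100.2 PROTO=TCP DPT=9000 SYN",
    "103.0 kernel: IN=eth0 SRC=198.51.100.77 DST=198.51.100.2 PROTO=TCP DPT=7000 SYN",
    "104.0 kernel: IN=eth0 SRC=198.51.100.77 DST=198.51.100.2 PROTO=TCP DPT=9000 SYN",
    "105.0 kernel: IN=eth0 SRC=198.51.100.77 DST=198.51.100.2 PROTO=TCP DPT=8000 SYN",
    "106.0 kernel: IN=eth0 SRC=192.0.2.9 DST=198.51.100.2 PROTO=TCP DPT=7000 SYN",
    "107.0 kernel: IN=eth0 SRC=192.0.2.9 DST=198.51.100.2 PROTO=TCP DPT=8000 SYN",
    "120.0 kernel: IN=eth0 SRC=192.0.2.9 DST=198.51.100.2 PROTO=TCP DPT=9000 SYN",
]


def parse_knock(line):
    """Return (timestamp, source_ip, dest_port), or None for lines that are not knocks."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return float(m.group("ts")), m.group("src"), int(m.group("dpt"))


def authorised_sources(lines, sequence=KNOCK_SEQUENCE, window=KNOCK_WINDOW):
    """Replay log lines; return source IPs that completed the sequence in order and in time.

    Per-source state is (index of next expected knock, time of first knock). A wrong
    port or an expired window resets the source, so random probes gain no progress.
    """
    progress, opened = {}, []
    for line in lines:
        parsed = parse_knock(line)
        if parsed is None:
            continue
        ts, src, dpt = parsed
        idx, started = progress.get(src, (0, ts))
        if idx > 0 and ts - started > window:
            idx = 0                      # too slow: discard partial progress
        if dpt == sequence[idx]:
            if idx == 0:
                started = ts             # first knock opens the timing window
            idx += 1
        elif dpt == sequence[0]:
            idx, started = 1, ts         # wrong port, but it restarts a fresh attempt
        else:
            idx = 0                      # wrong port: back to the start
        if idx == len(sequence):
            opened.append(src)           # here a real daemon would add the firewall rule for src
            idx = 0
        progress[src] = (idx, started)
    return opened
```

Running `authorised_sources(SAMPLE_LOG)` yields only `203.0.113.5`; the out-of-order and expired attempts never reach the action step.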