port knocking


A security method that is used to authenticate a valid user and open a TCP/IP port to accept incoming packets. Firewalls accept or deny packets before any user authentication is performed. As a result, an attacker can gain entrance through the firewall. With port knocking, a "secret" authentication sequence is required in order to gain access in the first place.

Log the Failures
A port knocking connection is made by executing a series of connection attempts to specific port numbers that are always kept closed. The failed attempts are logged at the firewall, and a separate application monitors the failures. When the monitor finds a sequence of failed attempts that matches the secret port sequence, for example 103, 103, 100, 101, 103 (the "secret knock"), it opens the port and accepts the packets. See TCP/IP port and port filtering.
Copyright © 1981-2019 by The Computer Language Company Inc. All Rights reserved. THIS DEFINITION IS FOR PERSONAL USE ONLY. All other reproduction is strictly prohibited without permission from the publisher.
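
The monitoring step described in the definition above, as an added example (not code from the original entry or from any real port-knocking tool): it scans denied-connection log lines per source address for the knock 103, 103, 100, 101, 103. The log format, the 10-second window, the sample addresses and the function name are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque

SECRET_KNOCK = (103, 103, 100, 101, 103)  # the sequence used in the definition
WINDOW_SECONDS = 10  # assumption: the whole knock must complete within this window

# Constructed log format (not a real firewall's): "<epoch> DENY SRC=<ip> DPT=<port>"
LINE_RE = re.compile(r"^(\d+) DENY SRC=(\S+) DPT=(\d+)$")

def find_knocks(log_lines, secret=SECRET_KNOCK, window=WINDOW_SECONDS):
    """Return [(epoch, src_ip)] for every completed knock, in log order."""
    # Keep only the last len(secret) denied attempts per source. A sliding
    # window (rather than a reset-on-mismatch counter) still matches when the
    # knock is preceded by a stray hit on its own first port.
    recent = defaultdict(lambda: deque(maxlen=len(secret)))
    opened = []
    for line in log_lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a denied-packet record
        ts, src, port = int(m.group(1)), m.group(2), int(m.group(3))
        hist = recent[src]
        hist.append((ts, port))
        ports = tuple(p for _, p in hist)
        if ports == secret and ts - hist[0][0] <= window:
            opened.append((ts, src))  # here a real monitor would open the port for src
            hist.clear()              # the next access needs a fresh knock
    return opened

# Constructed sample log: three sources interleaved.
SAMPLE_LOG = [
    "1000 DENY SRC=198.51.100.7 DPT=103",  # extra leading 103, then the knock
    "1000 DENY SRC=203.0.113.9 DPT=100",   # sequential scan, never matches
    "1001 DENY SRC=198.51.100.7 DPT=103",
    "1001 DENY SRC=203.0.113.9 DPT=101",
    "1002 DENY SRC=198.51.100.7 DPT=103",
    "1002 DENY SRC=203.0.113.9 DPT=102",
    "1003 DENY SRC=198.51.100.7 DPT=100",
    "1003 DENY SRC=203.0.113.9 DPT=103",
    "1004 DENY SRC=198.51.100.7 DPT=101",
    "1005 DENY SRC=198.51.100.7 DPT=103",
    "2000 DENY SRC=192.0.2.44 DPT=103",    # right ports, but spread over 30 s
    "2001 DENY SRC=192.0.2.44 DPT=103",
    "2002 DENY SRC=192.0.2.44 DPT=100",
    "2003 DENY SRC=192.0.2.44 DPT=101",
    "2030 DENY SRC=192.0.2.44 DPT=103",
]

if __name__ == "__main__":
    print(find_knocks(SAMPLE_LOG))
```

Only the first source completes the knock: the scan touches the right ports in the wrong order, and the third source sends the right order too slowly.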
References in periodicals archive
But if you are unable to install a VPN server, then you should at least try the port knocking method which will open the port 222 for a certain number of seconds only if another port or sequence of ports will be knocked before.
Instead, you can do this with simply using iptables rules, which has got a very useful module called "recent", which allows you to create simple - yet effective - port knocking sequences, as in the following example: