Port knocking tips

Preface

Sometimes you run into this kind of port knocking; it really does feel like knocking on a door and then having it shut behind you =.= so here is a short note on it.

Configuration example

If you can already read the filesystem, look first for /var/log/knockd.log (and the config itself, normally /etc/knockd.conf): the log records the door name, each matched stage of the sequence and the command knockd ran, which gives away the sequence and the port it opens.

For example:

[options]
logfile = /var/log/knockd.log
[opencloseSSH]
sequence = 8881:tcp,7777:tcp,9991:tcp
seq_timeout = 15
tcpflags = syn,ack
start_command = /usr/bin/iptables -A TCP -s %IP% -p tcp --dport 22 -j ACCEPT
cmd_timeout = 10
stop_command = /usr/bin/iptables -D TCP -s %IP% -p tcp --dport 22 -j ACCEPT

A more detailed reference: https://wiki.archlinux.org/index.php/Port_knocking

Port Knock

1. Script

# Knock the ports in the order knockd expects (7000 8000 9000 are placeholders; use the sequence from knockd.conf).
# --max-retries 0 stops nmap from re-sending a probe, which would count as an extra knock, and --host-timeout keeps each probe short.
# Run as root so nmap sends a bare SYN (-sS); unprivileged nmap falls back to a full connect() and the packets differ from the server's tcpflags line.
for x in 7000 8000 9000; do nmap -Pn --host-timeout 201 --max-retries 0 -p $x 1.1.1.1; done
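The nmap loop above hard-codes the ports, and the configuration section earlier shows where they actually come from. The following is an added example, not code from the original post: it parses a knockd.conf door (the fragment from the page, embedded inline as constructed sample input), replays the sequence with plain sockets, checks up front that the whole sequence fits inside seq_timeout (otherwise knockd drops the partial sequence and the knock fails silently), and then tests whether the target port opened. The host 1.1.1.1 is the placeholder from the post; the door name opencloseSSH and the 0.5 s / 0.3 s timings are assumptions.

```python
"""Parse a knockd.conf door and replay its knock sequence (added example, not from the post)."""
import re
import socket
import sys
import time

# Constructed sample input: the knockd.conf fragment shown on the page.
SAMPLE_CONF = """\
[options]
logfile = /var/log/knockd.log
[opencloseSSH]
sequence = 8881:tcp,7777:tcp,9991:tcp
seq_timeout = 15
tcpflags = syn,ack
start_command = /usr/bin/iptables -A TCP -s %IP% -p tcp --dport 22 -j ACCEPT
cmd_timeout = 10
stop_command = /usr/bin/iptables -D TCP -s %IP% -p tcp --dport 22 -j ACCEPT
"""


def parse_knockd_conf(text):
    """Minimal INI parser: returns {section: {key: value}}."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            current = m.group(1)
            sections[current] = {}
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            sections[current][key.strip()] = value.strip()
    return sections


def parse_sequence(seq):
    """'8881:tcp,7777:tcp,9991:tcp' -> [(8881, 'tcp'), ...]; protocol defaults to tcp."""
    knocks = []
    for item in seq.split(","):
        item = item.strip()
        if item:
            port, _, proto = item.partition(":")
            knocks.append((int(port), (proto or "tcp").lower()))
    return knocks


def door_from_conf(text, door="opencloseSSH"):
    """Pull the sequence, timeouts and the port the door opens out of one section."""
    sec = parse_knockd_conf(text)[door]
    m = re.search(r"--dport\s+(\d+)", sec.get("start_command", ""))
    return {
        "sequence": parse_sequence(sec["sequence"]),
        "seq_timeout": int(sec.get("seq_timeout", 0)),  # 0 means the key is absent
        "cmd_timeout": int(sec.get("cmd_timeout", 0)),
        "tcpflags": sec.get("tcpflags", ""),
        "dport": int(m.group(1)) if m else None,
    }


def fits_in_timeout(n_knocks, seq_timeout, per_knock=0.5, gap=0.3):
    """Worst-case wall time of the whole sequence must stay under seq_timeout."""
    worst = n_knocks * per_knock + max(n_knocks - 1, 0) * gap
    return worst < seq_timeout


def knock_once(host, port, proto, per_knock=0.5):
    """One knock: a TCP connect() sends the SYN even if nothing answers; UDP is an empty datagram."""
    if proto == "udp":
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.sendto(b"", (host, port))
        return
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(per_knock)
        try:
            s.connect((host, port))
        except OSError:
            pass  # filtered or closed is the expected outcome of a knock


def knock(host, door, per_knock=0.5, gap=0.3):
    """Replay the door's sequence in order, refusing if it cannot finish inside seq_timeout."""
    seq = door["sequence"]
    if door["seq_timeout"] and not fits_in_timeout(len(seq), door["seq_timeout"], per_knock, gap):
        raise ValueError("sequence cannot complete inside seq_timeout")
    for i, (port, proto) in enumerate(seq):
        knock_once(host, port, proto, per_knock)
        if i < len(seq) - 1:
            time.sleep(gap)


def is_open(host, port, timeout=3.0):
    """True if a TCP handshake to host:port completes, i.e. the door is open."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return True
        except OSError:
            return False


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "1.1.1.1"  # placeholder host from the post
    conf = open(sys.argv[2]).read() if len(sys.argv) > 2 else SAMPLE_CONF
    d = door_from_conf(conf)
    knock(target, d)
    # start_command runs on the last knock and stop_command fires cmd_timeout seconds later,
    # so check (and connect) straight away.
    print(f"port {d['dport']} open after knock: {is_open(target, d['dport'])}")
```

Usage: `python knock.py <host> [/etc/knockd.conf]`. Two things to compare against the server side before blaming the sequence: the tcpflags line (knockd ignores packets whose TCP flags do not match it, and a plain connect() sends SYN only), and cmd_timeout, which is how long you have to open your SSH session before the ACCEPT rule is deleted again.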