Port Knocking to Increase Security

Posted by Admin, Tuesday, January 10, 2012
The port "knock" itself is similar to a secret handshake and can consist of any number of TCP, UDP, ICMP or other protocol packets sent to specific ports on the destination machine. The knock may also consist of text strings sent to the device being knocked, to add further complexity and security.
Port knocking example :

A host sends a connection to one of the router's ports, and the router stores the requester's IP address for a set amount of time. If the host then sends a connection to another port, the router checks whether the source IP address is the same as that of the first connection. If it is, and the time between the first and second attempts is within the specified window, the requester's IP address is allowed to access the router.

/ip firewall filter

# Knock 1: any ICMP packet to the router records the source in the "ICMP" list for 1 minute
add action=add-src-to-address-list address-list=ICMP address-list-timeout=1m chain=input \
  disabled=no protocol=icmp

# Knock 2: a TCP connection to port 80 from a source already in "ICMP" records it in "ICMP + Http" for 1 minute
add action=add-src-to-address-list address-list="ICMP + Http" address-list-timeout=1m chain=input \
  disabled=no dst-port=80 protocol=tcp src-address-list=ICMP

# Everyone who has not completed both knocks is dropped on SSH, Telnet and WinBox
add action=drop chain=input disabled=no dst-port=22,23,8291 protocol=tcp \
  src-address-list=!"ICMP + Http"

Two things to check when using this: the negation operator goes outside the quotes (`!"ICMP + Http"`), otherwise the drop rule matches a list literally named `!ICMP + Http` and the management ports stay open to everyone; and these rules must sit above any general accept rule in the input chain, with an `accept connection-state=established,related` rule ahead of them, or an SSH or WinBox session that is already open will be cut off when the dynamic "ICMP + Http" entry expires after one minute. Port knocking only hides the management ports from casual scans; anyone who can observe the knock sequence on the path can replay it, so it is a complement to strong authentication, not a replacement for it.
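To make the state carried by those three rules explicit, here is an added Python model of the knock (written for this page, not RouterOS code and not from the original post). It mirrors the two dynamic address lists with their 1m timeouts and the final drop rule, and evaluates a stream of constructed packets against the input chain, so the ordering and timing requirements of the handshake can be seen directly. The `Packet` and `KnockFirewall` names, the 60-second constant and the sample addresses are assumptions of this model; it also assumes that re-adding an address refreshes its timeout.

```python
"""Model of the RouterOS address-list port knock above (added illustration, not RouterOS code)."""
from dataclasses import dataclass, field

KNOCK_TIMEOUT = 60          # address-list-timeout=1m on both add-src-to-address-list rules
PROTECTED_PORTS = {22, 23, 8291}  # dst-port=22,23,8291 in the drop rule


@dataclass
class Packet:
    t: float       # arrival time in seconds (constructed timestamps)
    src: str       # source IP address
    proto: str     # "icmp" or "tcp"
    dport: int = 0  # destination port, only meaningful for tcp


@dataclass
class KnockFirewall:
    # list name -> {ip: expiry time}; stands in for the dynamic entries in /ip firewall address-list
    lists: dict = field(default_factory=lambda: {"ICMP": {}, "ICMP + Http": {}})

    def _in_list(self, name: str, ip: str, now: float) -> bool:
        expiry = self.lists[name].get(ip)
        if expiry is None:
            return False
        if expiry <= now:          # dynamic entry has timed out
            del self.lists[name][ip]
            return False
        return True

    def _add(self, name: str, ip: str, now: float) -> None:
        # assumption of this model: re-adding an address refreshes its timeout
        self.lists[name][ip] = now + KNOCK_TIMEOUT

    def input_chain(self, p: Packet) -> str:
        """Return the verdict ("accept" or "drop") for one packet on the input chain."""
        # Rule 1: any ICMP packet adds the source to "ICMP" (non-terminating action)
        if p.proto == "icmp":
            self._add("ICMP", p.src, p.t)
        # Rule 2: tcp/80 from a source currently in "ICMP" adds it to "ICMP + Http"
        if p.proto == "tcp" and p.dport == 80 and self._in_list("ICMP", p.src, p.t):
            self._add("ICMP + Http", p.src, p.t)
        # Rule 3: management ports are dropped unless both knocks completed in time
        if (p.proto == "tcp" and p.dport in PROTECTED_PORTS
                and not self._in_list("ICMP + Http", p.src, p.t)):
            return "drop"
        return "accept"            # falls through to the rest of the chain


def evaluate(packets: list) -> list:
    """Run a packet sequence through a fresh firewall and collect the verdicts."""
    fw = KnockFirewall()
    return [fw.input_chain(p) for p in packets]


if __name__ == "__main__":
    client = "198.51.100.7"        # constructed example address
    good_knock = [Packet(0, client, "icmp"), Packet(5, client, "tcp", 80), Packet(10, client, "tcp", 22)]
    late_knock = [Packet(0, client, "icmp"), Packet(61, client, "tcp", 80), Packet(62, client, "tcp", 22)]
    print("in-order knock within 1m:", evaluate(good_knock))
    print("second knock after the ICMP entry expired:", evaluate(late_knock))
```

The model shows the two failure modes the prose only implies: a TCP/80 connection that arrives before the ICMP knock, or more than a minute after it, never reaches the "ICMP + Http" list, so the management ports stay closed, while port 80 itself is never dropped because it is not in the protected set.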

(youtube/wiki)
