PortKnocker icon indicating copy to clipboard operation
PortKnocker copied to clipboard
verified publisher icon xargsgrep

The formation of a package with the contents

Open ShirokiyAlex opened this issue 7 years ago • 4 comments

You can add to the program the ability to send a package with content (text), for devices that analyze the content of the package is a big plus in security.

ShirokiyAlex avatar Aug 09 '18 07:08 ShirokiyAlex

I think you didn't understand the concept. Packets are not inspected its just filtering for connection attempt to specific ports. There are 65535 ports and from a sequence of 3 ports I think there are 281.462.092.005.375 possible combinations (if I'm getting math correctly here), which is for sure save enough I guess. ;-)

TDFKAOlli avatar Sep 15 '18 12:09 TDFKAOlli

There's no such thing as a lot of security, my boss thinks. For Windows, there is a similar program that sends a text package to the desired port. The router analyzes the packet by Layer7 Protocols if the sequence of ports matches and the contents of the packets allow access. image

ShirokiyAlex avatar Sep 17 '18 07:09 ShirokiyAlex

Yep, I know. :-) Still there might be a point where you think it is reasonable good. ;-)

Anyhow I had a look at the knockd (server) and it looks like it is possible. Packet inspection code seems to also get the tcp packet itself. So I was wrong with my statement above.

TDFKAOlli avatar Sep 20 '18 21:09 TDFKAOlli

We look forward to adding this feature, thank you.

ShirokiyAlex avatar Oct 01 '18 06:10 ShirokiyAlex