knockd is a port-knock server. It listens to all traffic on an ethernet interface, looking for special "knock" sequences of port-hits. A client makes these port-hits by sending a TCP (or UDP) packet to a port on the server. This port need not be open -- since knockd listens at the link-layer level, it sees all traffic even if it's destined for a closed port. When the server detects a specific sequence of port-hits, it runs a command defined in its configuration file. This can be used to open up holes in a firewall for quick access. [ This got memed a while back... I thought it sounded neat, but got my ass handed to me by the actual security nerds on the site, to whom weak security is a worse sin than no security. I shrug. It's a cool idea, if only as a curiosity. -k] knock - a port-knocking implementation |