Simple way to set up port knocking on Linux?
- by Ace Paus
There are well-known benefits of Port Knocking utilities when utilized in combination with firewall IP table modification. Port Knocking is best used to provide an additional layer of security over other tools such as the OpenSSH server. I would like some help setting it up on an Ubuntu server.
I looked at some port knocking implementations here:
PORTKNOCKING - A system for stealthy authentication across closed ports. IMPLEMENTATIONS
http://www.portknocking.org/view/implementations
fwknop looked good. I found an Android client here. And fwknop (both client and server) is in the Ubuntu repos.
Unfortunately, setting it up (on the server) looks difficult. I do not have iptables set up. My proficiency with iptables is limited (but I understand the basics). I'm looking for a series of simple steps to set it up. I only want to open the SSH port in response to a valid knock.
Alternatively, I would consider other port knocking implementations, if they are much simpler to set up and the desired Linux and Android clients are available.