Difference between revisions of "Talk:Port knocking"

From ArchWiki
(Created page with 'For me the supplied script did not work. Instead of nmap -P0 --host_timeout 201 -p $2 $1 &> /dev/null nmap -P0 --host_timeout 201 -p $3 $1 &> /dev/null I use nmap -PN --ho...')
 

Revision as of 22:06, 10 April 2011

For me the supplied script did not work. Instead of


nmap -P0 --host_timeout 201 -p $2 $1 &> /dev/null

nmap -P0 --host_timeout 201 -p $3 $1 &> /dev/null


I use


nmap -PN --host_timeout 201 --max-retries 0 -p $2 $1 &> /dev/null

nmap -PN --host_timeout 201 --max-retries 0 -p $3 $1 &> /dev/null


The flag P0 seems to have been renamed to PN in a more recent nmap version. But the important part is max-retries. If it is not set to 0, nmap sends several TCP SYN packets to the target host. This then causes several knocks on port 1 and 2 instead of just one - thus knocking 'out of order'.

Please edit if you agree - I'm not an 'expert' by any means, these are just my thoughts after examining iptables logs. I'll edit the page in a few days if there is no response - I just wanted to have feedback before I do.
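
One way to check the observation above from the firewall log, as an added example that is not part of the original comment: it counts consecutive SYNs per knock port for each source, so a retransmitted knock shows up as a count above 1. The `KNOCK: ` log prefix, the knock ports 1111/2222 and all addresses are assumptions, and the log lines are constructed.

```shell
#!/bin/sh
# Constructed iptables LOG lines. Assumes a LOG rule with --log-prefix "KNOCK: ".
# 192.0.2.10 knocks with nmap retries enabled, 192.0.2.20 with --max-retries 0.
sample_log() {
cat <<'EOF'
Apr 10 22:01:07 host kernel: KNOCK: IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 LEN=44 TTL=52 ID=4242 PROTO=TCP SPT=40001 DPT=1111 WINDOW=1024 RES=0x00 SYN URGP=0
Apr 10 22:01:08 host kernel: KNOCK: IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 LEN=44 TTL=52 ID=4243 PROTO=TCP SPT=40002 DPT=1111 WINDOW=1024 RES=0x00 SYN URGP=0
Apr 10 22:01:10 host kernel: KNOCK: IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 LEN=44 TTL=52 ID=4250 PROTO=TCP SPT=40101 DPT=2222 WINDOW=1024 RES=0x00 SYN URGP=0
Apr 10 22:01:11 host kernel: KNOCK: IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 LEN=44 TTL=52 ID=4251 PROTO=TCP SPT=40102 DPT=2222 WINDOW=1024 RES=0x00 SYN URGP=0
Apr 10 22:03:30 host kernel: KNOCK: IN=eth0 OUT= SRC=192.0.2.20 DST=192.0.2.1 LEN=44 TTL=52 ID=5001 PROTO=TCP SPT=41001 DPT=1111 WINDOW=1024 RES=0x00 SYN URGP=0
Apr 10 22:03:32 host kernel: KNOCK: IN=eth0 OUT= SRC=192.0.2.20 DST=192.0.2.1 LEN=44 TTL=52 ID=5002 PROTO=TCP SPT=41101 DPT=2222 WINDOW=1024 RES=0x00 SYN URGP=0
EOF
}

# Reads log lines on stdin; prints one line per source: "SRC PORTxCOUNT ...",
# where COUNT is the number of consecutive SYNs logged for that port.
knock_summary() {
  awk '
    / KNOCK: / && / SYN / {
      src = dpt = ""
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^SRC=/) src = substr($i, 5)
        if ($i ~ /^DPT=/) dpt = substr($i, 5)
      }
      if (src == "" || dpt == "") next
      if (!(src in last)) order[++n] = src      # remember first-seen order
      if (last[src] == dpt) { run[src]++; next } # same port again: a repeat
      if (last[src] != "") seq[src] = seq[src] " " last[src] "x" run[src]
      last[src] = dpt; run[src] = 1
    }
    END {
      for (k = 1; k <= n; k++) {
        s = order[k]
        print s seq[s] " " last[s] "x" run[s]
      }
    }'
}

# Prints the sources that sent more than one SYN in a row to any knock port.
retried_sources() {
  knock_summary | awk '{ for (i = 2; i <= NF; i++) { split($i, p, "x"); if (p[2] > 1) { print $1; next } } }'
}

sample_log | knock_summary
```

To run it against a real log, pipe that log into `knock_summary` instead of `sample_log` and adjust the prefix match to the one your LOG rule uses.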