Difference between revisions of "Talk:Port knocking"

From ArchWiki
m (moved Talk:SSH Login Attack to Talk:Port Knocking: "Port Knocking" is even a more precise name. "SSH login attack" sounds like the title of an article about attacking ssh. Besides, port knocking can be used with other ports, not only the ssh ...)
m (Indigo moved page Talk:Port Knocking to Talk:Port knocking without leaving a redirect: sentence case re Help:Style#Title)
(12 intermediate revisions by 3 users not shown)
For me the supplied script did not work.
Instead of
nmap -P0 --host_timeout 201 -p $2 $1 &> /dev/null
nmap -P0 --host_timeout 201 -p $3 $1 &> /dev/null
I use
nmap -PN --host_timeout 201 --max-retries 0 -p $2 $1 &> /dev/null
nmap -PN --host_timeout 201 --max-retries 0 -p $3 $1 &> /dev/null
The flag P0 seems to have been renamed to PN in a more recent nmap version.
But the important part is max-retries. If it is not set to 0, nmap sends several TCP SYN packets to the target host. This then causes several knocks on Port 1 and 2 instead of just one - thus knocking 'out of order'.
Please edit if you agree - I'm not an 'expert' by any means, these are just my thoughts after examining iptables logs.
I'll edit the page in a few days if there is no response - I just wanted to have feedback before I do.
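
The effect described in the comment above can be checked against firewall logs. The following is an added example, not part of the original post or the wiki article: it parses constructed iptables LOG lines and replays each source's knocks through a strict sequence matcher. The log prefix `KNOCK`, the ports 7000 and 8000, the addresses, and the rule that any unexpected port resets progress are all assumptions.

```python
import re
from collections import defaultdict

# Constructed iptables LOG lines (not from the page). 192.0.2.10 knocked with
# retransmitting probes, 192.0.2.20 sent exactly one SYN per port.
SAMPLE_LOG = """\
Feb 25 18:00:01 gw kernel: KNOCK IN=eth0 SRC=192.0.2.10 DST=192.0.2.1 PROTO=TCP SPT=40001 DPT=7000 SYN URGP=0
Feb 25 18:00:02 gw kernel: KNOCK IN=eth0 SRC=192.0.2.10 DST=192.0.2.1 PROTO=TCP SPT=40002 DPT=7000 SYN URGP=0
Feb 25 18:00:04 gw kernel: KNOCK IN=eth0 SRC=192.0.2.10 DST=192.0.2.1 PROTO=TCP SPT=40003 DPT=8000 SYN URGP=0
Feb 25 18:00:05 gw kernel: KNOCK IN=eth0 SRC=192.0.2.10 DST=192.0.2.1 PROTO=TCP SPT=40004 DPT=8000 SYN URGP=0
Feb 25 18:01:01 gw kernel: KNOCK IN=eth0 SRC=192.0.2.20 DST=192.0.2.1 PROTO=TCP SPT=50001 DPT=7000 SYN URGP=0
Feb 25 18:01:03 gw kernel: KNOCK IN=eth0 SRC=192.0.2.20 DST=192.0.2.1 PROTO=TCP SPT=50002 DPT=8000 SYN URGP=0
"""

KNOCK_SEQUENCE = (7000, 8000)  # assumed knock ports, in the required order
LINE_RE = re.compile(r"SRC=(\S+) .*?PROTO=TCP .*?DPT=(\d+) .*?\bSYN\b")

def knocks_by_source(log_text):
    """Return {source address: [destination ports in arrival order]}."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        match = LINE_RE.search(line)
        if match:
            seen[match.group(1)].append(int(match.group(2)))
    return dict(seen)

def sequence_accepted(ports, sequence=KNOCK_SEQUENCE):
    """Assumed strict model: a port other than the next expected one resets progress."""
    stage = 0
    for port in ports:
        if port == sequence[stage]:
            stage += 1
            if stage == len(sequence):
                return True
        else:
            stage = 0
    return False

def duplicate_knocks(ports):
    """Ports hit twice in a row, the signature of a retransmitted SYN."""
    return sorted({a for a, b in zip(ports, ports[1:]) if a == b})

def analyse(log_text):
    """Return {source: (accepted, duplicated ports)} for every source in the log."""
    return {src: (sequence_accepted(p), duplicate_knocks(p))
            for src, p in knocks_by_source(log_text).items()}

if __name__ == "__main__":
    for src, (ok, dups) in analyse(SAMPLE_LOG).items():
        print(src, "accepted" if ok else "rejected", "duplicates:", dups)
```

A source that shows duplicated ports and a rejected sequence is the pattern to look for when a knock script fails intermittently.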

Latest revision as of 18:08, 25 February 2016