Difference between revisions of "Talk:Port knocking"
m (moved Talk:SSH Login Attack to Talk:Port Knocking: "Port Knocking" is even a more precise name. "SSH login attack" sounds like the title of an article about attacking ssh. Besides, port knocking can be used with other ports, not only the ssh ...)
Revision as of 17:09, 15 November 2011
For me the supplied script did not work. Instead of
nmap -P0 --host_timeout 201 -p $2 $1 &> /dev/null
nmap -P0 --host_timeout 201 -p $3 $1 &> /dev/null
nmap -PN --host_timeout 201 --max-retries 0 -p $2 $1 &> /dev/null
nmap -PN --host_timeout 201 --max-retries 0 -p $3 $1 &> /dev/null
The Flag P0 seems to have been renamed to PN in a more recent nmap version. But the important part is max-retries. If it is not set to 0 nmap sends several TCP SYN packets to the target host. This then causes serveral knocks on Port 1 and 2 instead of just one - thus knocking 'out of order'.
Please edit if you agree - I'm not an 'expert' by all means, this are just my thoughts after examining iptables logs. I'll edit the page in a few days if there is no respone - I just wanted to have feedback before I do.