Best tool to use for port knocking into server?

Discussion in 'macOS' started by dancks, Mar 8, 2013.

  1. dancks macrumors member

    Joined:
    Nov 8, 2009
    #1
    sudo nmap -sS -T Polite -p22,1,2,3,4 x.x.x.x

    Starting Nmap 6.25 ( http://nmap.org ) at 2013-03-08 05:44 CST
    Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
    Nmap done: 1 IP address (0 hosts up) scanned in 9.64 seconds
    jason-danckss-macbook:~ Jason$ ssh root@x.x.x.x
    ssh: connect to host x.x.x.x port 22: Operation timed out


    I tried 2 port knocking utilities, thinking something was wrong with the first one. Then I installed knockd on the Debian server: same command, no luck. I'm thinking nmap is not the utility to be using.

    /etc/knockd snippet:

    [openSSH]
    sequence = 22,1,2,3,4
    seq_timeout = 5
    command = /sbin/iptables -A INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
    tcpflags = syn


    Should I change the config to look for UDP packets instead or something?
     
  2. HenryAZ macrumors 6502

    Joined:
    Jan 9, 2010
    Location:
    South Congress AZ
    #2
    If you just want to see if a port is open,

    nc -z host port
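
An in-order knock client for the sequence in post #1, added here as an example and not part of the thread. In the output above nmap reports the host as down, so it never sends the port probes, and nmap also randomizes port order by default; this sketch instead sends one SYN per port in the configured order and checks that the whole run fits inside `seq_timeout`. The function name `knock` and the `gap` parameter are assumptions.

```python
import errno
import socket
import sys
import time

# Values copied from the [openSSH] stanza in post #1.
SEQUENCE = [22, 1, 2, 3, 4]
SEQ_TIMEOUT = 5  # seconds knockd allows for the whole sequence


def knock(host, ports=SEQUENCE, gap=0.3, seq_timeout=SEQ_TIMEOUT):
    """Send one TCP connection attempt (a SYN) to each port, in list order.

    Returns [(port, status), ...] in the order the knocks were sent.
    `gap` (hypothetical parameter) is the pause between knocks, so the
    packets arrive in order without waiting for replies that never come.
    """
    if len(ports) * gap >= seq_timeout:
        raise ValueError("knocks would not all land inside seq_timeout")
    sent = []
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            # Non-blocking: a filtered port never answers, so do not wait.
            s.setblocking(False)
            rc = s.connect_ex((host, port))  # the kernel emits the SYN here
            time.sleep(gap)                  # let it leave before closing
        sent.append((port, errno.errorcode.get(rc, "OK")))
    return sent


if __name__ == "__main__":
    # Usage: python3 knock.py x.x.x.x   then: ssh root@x.x.x.x
    for port, status in knock(sys.argv[1]):
        print(f"knocked {port}: {status}")
```

A status of `EINPROGRESS` is expected for every port: it only means the SYN was sent and no reply was awaited.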
     