LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 05-09-2008, 01:20 PM   #1
adam_blackice
Member
 
Registered: Apr 2006
Location: /*Egypt */ //cairo
Distribution: Ubuntu 7.04 , SLED 10 , Fedora , RHEL 5
Posts: 312

Rep: Reputation: 32
Asking about port knocking


Dear All,

All i want to make is a simple port knocking implementation to only port 22 (SSH) when some one want to connect to that port first must hit two ports to be able to connect like ports (2000,3000) i have tested that with iptables sctipts and test it on my machine locally after running the script i made an SSH connection to local loop . but the failed ,, so i get the knockd and install it and after building it from source finally itis installed but i cann't figure out how to work with ,, when i wrote knockd and press enter nothing happened ?. or #knockd start also there is nothing happened . , or knockd -i lo !! any one could tell me how to make that or any simple way to make a simple port knocking working ?. and i will be thankful ..

Regards .
 
Old 05-09-2008, 01:59 PM   #2
TB0ne
Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 14,595

Rep: Reputation: 2569Reputation: 2569Reputation: 2569Reputation: 2569Reputation: 2569Reputation: 2569Reputation: 2569Reputation: 2569Reputation: 2569Reputation: 2569Reputation: 2569
Check these pages for documentation:

http://gentoo-wiki.com/HOWTO_Port_Knocking
http://www.zeroflux.org/cgi-bin/cvstrac.cgi/knock/wiki
 
Old 05-09-2008, 02:13 PM   #3
adam_blackice
Member
 
Registered: Apr 2006
Location: /*Egypt */ //cairo
Distribution: Ubuntu 7.04 , SLED 10 , Fedora , RHEL 5
Posts: 312

Original Poster
Rep: Reputation: 32
thanks tB0ne for you replay .. i have surfed many docs for that issue but after installing knockd daemon i cannot find it on

/etc/init.d/knockd but itis available throw the command line #knockd .
 
Old 05-09-2008, 03:51 PM   #4
internetSurfer
Member
 
Registered: Jan 2008
Location: w3c
Distribution: Slackware 12 Zenwalk 5.2
Posts: 71

Rep: Reputation: 16
Extra Info: ipt_pkd
_
 
Old 05-09-2008, 06:28 PM   #5
adam_blackice
Member
 
Registered: Apr 2006
Location: /*Egypt */ //cairo
Distribution: Ubuntu 7.04 , SLED 10 , Fedora , RHEL 5
Posts: 312

Original Poster
Rep: Reputation: 32
thanks internetSurfer i have tried to install it from the source and after install all the dependencies i got the following error .. so if you tried that please advice and thanks for you help .
# make
make modules -C /lib/modules/2.6.23.1-42.fc8/build M=/home/blackice/Desktop/pkd-0.5 KERNELRELEASE=2.6.23.1-42.fc8
make: *** /lib/modules/2.6.23.1-42.fc8/build: No such file or directory. Stop.
make: *** [module] Error 2
 
Old 05-09-2008, 08:29 PM   #6
internetSurfer
Member
 
Registered: Jan 2008
Location: w3c
Distribution: Slackware 12 Zenwalk 5.2
Posts: 71

Rep: Reputation: 16
ip tables port knock detection
http://packetstormsecurity.org/filed...d-0.5-tgz.html

1. Looked @ file and it is pkg for Slack but not properly pkg'd.
2. Extracted files and had to move the files in the include folder:

This is wrong

/home/blackice/Desktop/pkd-0.5/pkd-0.5/include/libipq
/home/blackice/Desktop/pkd-0.5/pkd-0.5/include/libiptc
/home/blackice/Desktop//pkd-0.5/pkd-0.5/include/libipulog
/home/blackice/Desktop/pkd-0.5/pkd-0.5/include/linux
/home/blackice/Desktop/pkd-0.5/pkd-0.5/include/ip6tables.h
/home/blackice/Desktop/pkd-0.5/pkd-0.5/include/iptables.h
/home/blackice/Desktop/pkd-0.5/pkd-0.5/include/xtables.h


This is right

/home/blackice/Desktop/pkd-0.5/pkd-0.5/libipq
/home/blackice/Desktop/pkd-0.5/pkd-0.5/libiptc
/home/blackice/Desktop/pkd-0.5/pkd-0.5/libipulog
/home/blackice/Desktop/pkd-0.5/pkd-0.5/linux
/home/blackice/Desktop/pkd-0.5/pkd-0.5/ip6tables.h
/home/blackice/Desktop/pkd-0.5/pkd-0.5/ipt_pkd.h
/home/blackice/Desktop/pkd-0.5/pkd-0.5/iptables.h
/home/blackice/Desktop/pkd-0.5/pkd-0.5/xtables.h
/home/blackice/Desktop/pkd-0.5/pkd-0.5/knock.c
/home/blackice/Desktop/pkd-0.5/pkd-0.5/libipt_pkd.c
/home/blackice/Desktop/pkd-0.5/pkd-0.5/pkd.c
/home/blackice/Desktop/pkd-0.5/pkd-0.5/Makefile
/home/blackice/Desktop/pkd-0.5/pkd-0.5/DISCLAIMER
/home/blackice/Desktop/pkd-0.5/pkd-0.5/GPLv2 /home/blackice/Desktop/pkd-0.5/pkd-0.5/example.ipt_pkd.ini /home/blackice/Desktop/pkd-0.5/pkd-0.5/knock.py
/home/blackice/Desktop/pkd-0.5/pkd-0.5/README


3. During make there are a few errors that shouldn't cause any issues.

libipt_pkd.c:151: warning: initialization from incompatible pointer type
libipt_pkd.c:152: warning: initialization from incompatible pointer type
libipt_pkd.c:154: warning: initialization from incompatible pointer type
libipt_pkd.c:155: warning: initialization from incompatible pointer type


4. Here are the compiled files that should be manually placed in OS

/home/blackice/Desktop/pkd-0.5/knock
/home/blackice/Desktop/pkd-0.5/ipt_pkd.ko
/home/blackice/Desktop/pkd-0.5/ipt_pkd.mod.o
/home/blackice/Desktop/pkd-0.5/ipt_pkd.o
/home/blackice/Desktop/pkd-0.5/knock.o
/home/blackice/Desktop/pkd-0.5/libipt_pkd.o
/home/blackice/Desktop/pkd-0.5/pkd.o
/home/blackice/Desktop/pkd-0.5/.ipt_pkd.ko.cmd
/home/blackice/Desktop/pkd-0.5/.ipt_pkd.mod.o.cmd
/home/blackice/Desktop/pkd-0.5/.ipt_pkd.o.cmd
/home/blackice/Desktop/pkd-0.5/.pkd.o.cmd
/home/blackice/Desktop/pkd-0.5/example.ipt_pkd.ini
/home/blackice/Desktop/pkd-0.5/libipt_pkd.so
/home/blackice/Desktop/pkd-0.5/Module.symvers
/home/blackice/Desktop/pkd-0.5/.temp


5. You can delete the rest of the files minus the ones above and place the
pkd-0.5 folder somewhere like bin and should be able to use the program.


_

Last edited by internetSurfer; 05-09-2008 at 08:46 PM.
 
Old 06-24-2008, 11:59 AM   #7
estabroo
Senior Member
 
Registered: Jun 2008
Distribution: debian, ubuntu, sidux
Posts: 1,094
Blog Entries: 2

Rep: Reputation: 111Reputation: 111
make modules -C /lib/modules/2.6.23.1-42.fc8/build M=/home/blackice/Desktop/pkd-0.5 KERNELRELEASE=2.6.23.1-42.fc8
make: *** /lib/modules/2.6.23.1-42.fc8/build: No such file or directory. Stop.
make: *** [module] Error 2


You need to have your kernel headers installed to compile pkd. /lib/modules/2.6.23.1-42.fc8/build in most cases would be a symbolic link to them (typically in /usr/src)

If your distro has module-assistant and easy way to do this is to install module-assistant and then m-a prepare

That'll install the kernel headers and other stuff needed to compile kernel modules
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Port Knocking through ssh tunnel metallica1973 Linux - Security 10 03-05-2008 09:00 PM
LXer: Tutorial: An Easy Tutorial on IP Tables and Port Knocking LXer Syndicated Linux News 0 02-04-2008 04:20 PM
Does anyone here use port knocking? 144419855310001 General 4 10-07-2007 08:37 AM
port knocking only for ssh port? xpucto Linux - Security 1 03-29-2007 08:22 AM
Who's that Knocking at my door ! cjhills Linux - Newbie 4 01-17-2003 06:55 AM


All times are GMT -5. The time now is 03:21 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration