LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 11-03-2012, 01:30 AM   #1
amboxer21
Member
 
Registered: Mar 2012
Location: New Jersey
Distribution: Linux Mint, Gentoo
Posts: 270

Rep: Reputation: Disabled
knockd questions


I have a few questions about knockd for Lubuntu. I installed the openssh-server package and have an open port. It makes me uneasy and I want to take a little extra precautions!

I installed knockd and I still see port 22 open. So the question is, do i need to uninstall the openssh-server package an rely on knockd? Maybe I am supposed to close port 22 and knockd will open port 22 when I knck with the right sequnce?? Can any one shine some light on this for me?

Thanks!
 
Old 11-03-2012, 09:31 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,987
Blog Entries: 54

Rep: Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742Reputation: 2742
Quote:
Originally Posted by amboxer21 View Post
do i need to uninstall the openssh-server package an rely on knockd?
No, if you remove the SSH daemon then there's no service to connect to.


Quote:
Originally Posted by amboxer21 View Post
Maybe I am supposed to close port 22 and knockd will open port 22 when I knck with the right sequnce?
Yes. The idea is to block all new connections to the port (either by default filter table INPUT chain policy or specific drop rule) and have the knock daemon add an accept rule on successful knock sequence (check with 'iptables -t filter -nL INPUT'). If this is a remote machine then best add an explicit rule for the IP address or range you connect from while testing to ensure you don't lock yourself out.
 
  


Reply

Tags
knockd, lubuntu, ubuntu


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
problem in knockd configuration in ubuntu 10.04 arun5002 Linux - Server 2 07-01-2012 04:53 PM
LXer: Knockd, to secure your ports on Linux LXer Syndicated Linux News 0 04-17-2011 10:10 AM
installing knockd lulatsch Linux - Newbie 1 08-12-2009 12:47 AM
Knockd ryanoa Linux - Security 3 10-10-2006 06:03 PM
knockd gong Linux - Security 1 07-03-2005 06:49 AM


All times are GMT -5. The time now is 12:51 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration