Tuesday, June 7, 2016

Knocking Server in 50 lines with Scapy

You may prefer the knockd daemon, but I prefer something custom, as always.

If you don't know what it is, google for Port Knocking.

Get my knocking client-server:
git clone https://github.com/nopernik/knocking-client-server

On the server side, I have this iptables config:

root@ubuntu:~# iptables-save
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT

I'm using a whitelisting technique, so all chain policies are set to DROP.
This particular machine will not reply to pings and will appear to be down.

But it runs my knocking server and a web server in the background.
It will accept connections to the web server only once the knocking client has performed the knock sequence.

Configuration is pretty simple, just open the source.
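To show what the knocking server described above has to do, here is an added example (my own code, not the code from the linked repository): a per-source knock tracker that consumes TCP SYNs, resets on a wrong port or a stale partial sequence, and, on completion, produces the iptables command that inserts an allow rule in front of the DROP policy shown in the iptables-save output. The knock sequence 7000, 8000, 9000, the protected port 80, the 5-second window and the source addresses in the demo are all assumptions (constructed placeholders). The Scapy hook at the end is optional and only imports scapy when called, so the rest runs without it.

```python
"""Port-knock state machine for a Scapy-based knocking server (added example)."""
import subprocess
import time
from dataclasses import dataclass, field

KNOCK_SEQUENCE = (7000, 8000, 9000)   # assumed sequence, placeholder values
PROTECTED_PORT = 80                   # assumed: the web server the knock opens
KNOCK_WINDOW = 5.0                    # assumed: max seconds between two knocks


@dataclass
class KnockTracker:
    sequence: tuple = KNOCK_SEQUENCE
    window: float = KNOCK_WINDOW
    # per-source progress: src_ip -> (index of next expected port, time of last knock)
    progress: dict = field(default_factory=dict)
    opened: list = field(default_factory=list)   # sources that completed the sequence

    def observe(self, src_ip, dst_port, now):
        """Feed one inbound TCP SYN. Returns True only on the SYN that completes
        the full ordered sequence for this source."""
        idx, last = self.progress.get(src_ip, (0, now))
        # A partial sequence that went quiet for too long starts over.
        if idx and now - last > self.window:
            idx = 0
        if dst_port == self.sequence[idx]:
            idx += 1
        else:
            # Any out-of-order port resets progress, so a sequential scanner
            # never completes the knock; the wrong port may itself restart it.
            idx = 1 if dst_port == self.sequence[0] else 0
        if idx == len(self.sequence):
            self.progress.pop(src_ip, None)
            self.opened.append(src_ip)
            return True
        self.progress[src_ip] = (idx, now)
        return False


def allow_rule(src_ip, port=PROTECTED_PORT):
    """argv for the iptables command run once a source has knocked. It accepts
    NEW connections from that source to the protected port ahead of the DROP
    policy; replies are already covered by the RELATED,ESTABLISHED rules."""
    return ["iptables", "-I", "INPUT", "-s", src_ip, "-p", "tcp",
            "--dport", str(port), "-m", "conntrack", "--ctstate", "NEW",
            "-j", "ACCEPT"]


def demo():
    """Constructed SYN log: a scanner walking ports in order, then a real knock.
    Returns (per-event results, sources opened)."""
    tracker = KnockTracker()
    events = [                            # (src_ip, dst_port, seconds) - constructed
        ("203.0.113.9", 7000, 0.0),       # scanner happens to hit the first knock port
        ("203.0.113.9", 7001, 0.1),       # ...then the next port in numeric order: reset
        ("203.0.113.9", 8000, 0.2),       # second knock port without the first: no progress
        ("198.51.100.4", 7000, 1.0),      # legitimate client knocks in order
        ("198.51.100.4", 8000, 1.5),
        ("198.51.100.4", 9000, 2.0),      # sequence complete on this SYN
    ]
    results = [tracker.observe(*e) for e in events]
    return results, list(tracker.opened)


def run_scapy_sniffer(tracker, iface=None):
    """Wire the tracker to Scapy. Packet capture taps the interface before the
    netfilter INPUT chain, so the knocks are seen even though iptables DROPs
    them. Requires scapy, libpcap and root; not exercised by demo()."""
    from scapy.all import IP, TCP, sniff   # imported here so the module loads without scapy

    def handle(pkt):
        if pkt.haslayer(IP) and pkt.haslayer(TCP) and pkt[TCP].flags.S:
            if tracker.observe(pkt[IP].src, pkt[TCP].dport, time.time()):
                subprocess.run(allow_rule(pkt[IP].src), check=True)

    sniff(iface=iface, filter="tcp[tcpflags] & tcp-syn != 0", prn=handle, store=0)


if __name__ == "__main__":
    print(demo())
    print(" ".join(allow_rule("198.51.100.4")))
```

The allow rule is built as an argv list so it can be passed to subprocess without a shell; the source address comes from the packet, so never interpolate it into a shell string. The example only opens the port; removing the rule again (with the same arguments and `-D` instead of `-I`) after a timeout is left to the caller.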
