Broadly, port knocking describes communication in which information arrives encoded as connection attempts to closed ports; the sequence of ports forms the encoding and acts as an event trigger on the receiver’s end. The receiver returns no receipt to the sender during this transaction.
In one instance, port knocking refers to a method of communication between two computers (arbitrarily named here client and server) in which information is encoded, and possibly encrypted, into a sequence of port numbers. This sequence is termed the knock. The server initially presents no open ports to a public network and monitors all connection attempts. The client initiates connection attempts to the server by sending SYN packets to the ports specified in the knock. This process of knocking is what gives port knocking its name. The server offers no response to the client during the knocking phase, as it “silently” processes the port sequence. When the server decodes a valid knock, it triggers a server-side process.
The definition of a valid knock is arbitrary, and up to the implementer. The server-side process is also arbitrary, and up to the implementer. The trigger may result in dynamic modification of firewall rules or other administrative system events.
Brief
Port knocking is a method of establishing a connection to a networked computer that has no open ports. Before a connection is established, ports are opened using a port knock sequence, which is a series of connection attempts to closed ports. A remote host generates and sends an authentic knock sequence in order to manipulate the server’s firewall rules to open one or more specific ports. These manipulations are mediated by a port knock daemon, running on the server, which monitors the firewall log file for connection attempts that can be translated into authentic knock sequences. Once the desired ports are opened, the remote host can establish a connection and begin a session. Another knock sequence may be used to trigger the closing of the port.
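The server-side half of the scheme described above (a daemon that reads firewall log lines, reassembles per-source port sequences into knocks, and emits a trigger when a valid one completes) can be sketched in a few dozen lines. The following is an added example, not code from the original page or from any port knocking project: the log format is a constructed iptables-LOG-style line, the knock sequences, the 10-second window, and the port 22 open/close actions are hypothetical choices, and the trigger is returned as an action tuple rather than applied to a real firewall.

```python
import re
from datetime import datetime

# Constructed sample log lines in an iptables-LOG-like syslog format (not from a real host).
# 198.51.100.7 sends a complete, fast open knock; 198.51.100.9 sends a stray SYN to 22,
# then an open knock that is too slow (40 s between the first and second port).
SAMPLE_LOG = """\
Mar 10 12:00:01 gw kernel: KNOCK IN=eth0 SRC=198.51.100.7 DST=203.0.113.5 PROTO=TCP SPT=40001 DPT=7000 SYN
Mar 10 12:00:02 gw kernel: KNOCK IN=eth0 SRC=198.51.100.7 DST=203.0.113.5 PROTO=TCP SPT=40002 DPT=8000 SYN
Mar 10 12:00:02 gw kernel: KNOCK IN=eth0 SRC=198.51.100.9 DST=203.0.113.5 PROTO=TCP SPT=51000 DPT=22 SYN
Mar 10 12:00:03 gw kernel: KNOCK IN=eth0 SRC=198.51.100.7 DST=203.0.113.5 PROTO=TCP SPT=40003 DPT=9000 SYN
Mar 10 12:00:30 gw kernel: KNOCK IN=eth0 SRC=198.51.100.9 DST=203.0.113.5 PROTO=TCP SPT=51001 DPT=7000 SYN
Mar 10 12:01:10 gw kernel: KNOCK IN=eth0 SRC=198.51.100.9 DST=203.0.113.5 PROTO=TCP SPT=51002 DPT=8000 SYN
Mar 10 12:01:11 gw kernel: KNOCK IN=eth0 SRC=198.51.100.9 DST=203.0.113.5 PROTO=TCP SPT=51003 DPT=9000 SYN
"""

# Only TCP SYNs logged by the firewall count as knocks; everything else is ignored.
LOG_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} +\d+ \d\d:\d\d:\d\d) .*?SRC=(?P<src>\S+) "
    r".*?PROTO=TCP .*?DPT=(?P<dpt>\d+) .*?\bSYN\b"
)

# Hypothetical knock definitions: a port sequence and the action it triggers.
# A real deployment chooses its own (and should keep them secret); the action tuple
# is what the daemon would translate into a firewall rule change for that source.
SEQUENCES = {
    "open_ssh": ((7000, 8000, 9000), ("open", 22)),
    "close_ssh": ((9000, 8000, 7000), ("close", 22)),
}
KNOCK_WINDOW_SECONDS = 10  # the whole sequence must arrive within this window


def parse_line(line):
    """Return (timestamp, source_ip, destination_port) for a logged SYN, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%b %d %H:%M:%S")  # year-less syslog stamp
    return ts, m.group("src"), int(m.group("dpt"))


class KnockDaemon:
    """Tracks per-source progress through each knock sequence and emits triggers."""

    def __init__(self, sequences=SEQUENCES, window=KNOCK_WINDOW_SECONDS):
        self.sequences = sequences
        self.window = window
        self.state = {}    # (src, sequence name) -> (ports matched so far, time of first knock)
        self.actions = []  # triggers fired, as (verb, src, port)

    def observe(self, ts, src, dpt):
        for name, (ports, action) in self.sequences.items():
            key = (src, name)
            idx, start = self.state.get(key, (0, None))
            # Too slow: discard partial progress and evaluate this SYN from scratch.
            if idx > 0 and (ts - start).total_seconds() > self.window:
                idx, start = 0, None
            if dpt == ports[idx]:
                if idx == 0:
                    start = ts
                idx += 1
                if idx == len(ports):            # valid knock decoded: fire the trigger
                    self.actions.append((action[0], src, action[1]))
                    idx, start = 0, None
            else:
                # Any out-of-order port resets the sequence; if that port happens to be
                # the first knock, treat it as a fresh start. (Sequences that repeat a
                # port would need a more careful reset rule than this.)
                idx, start = (1, ts) if dpt == ports[0] else (0, None)
            self.state[key] = (idx, start)


def run_daemon(log_text):
    """Feed every parseable log line to a daemon and return the triggers it fired."""
    daemon = KnockDaemon()
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed:
            daemon.observe(*parsed)
    return daemon.actions


if __name__ == "__main__":
    for verb, src, port in run_daemon(SAMPLE_LOG):
        print(f"{verb} tcp/{port} for {src}")
```

On the sample above only 198.51.100.7 triggers an action; the second host's stray SYN to 22 and its slow knock never complete a sequence, and the daemon stays silent toward both, exactly as the knocking phase requires. The window and the reset-on-stray-port rule are what keep unrelated scans and stale half-knocks from accumulating into a valid sequence.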