
Knock: TCP Port Knocking Proposed For Linux Kernel

Published on 10 December 2013 01:55 PM EST
Written by Michael Larabel in Linux Kernel

A "Knock" patch has been proposed for the mainline Linux kernel that would provide NAT-compatible, TCP stealthy port knocking for improved network security of Linux systems.

Port knocking is the process of opening network ports on a firewall by first attempting to connect to a set of predefined closed ports. It is effectively a key for opening network ports, with the password being connection attempts to other closed network ports in the correct sequence.

There's now a "Knock" patch for the Linux kernel that would unify this capability within the kernel itself. Generally, port knocking is handled by a user-space daemon monitoring firewall logs for failed connection attempts. Knock is designed to be stealthy, is done completely within the Linux kernel and only activated by a single extra setsockopt call, can be used for protecting the first N bytes of the TCP payload, is designed to work behind NATs, and is a free, simple kernel modification. The self-admitted disadvantage of the Knock design is that the TCP SYN packet's SQN (sequence number) is only 32 bits long, so it is subject to brute-force attempts, though such an attempt would involve billions of network packets.
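For contrast with Knock's in-kernel design, here is a sketch of the conventional user-space approach: a per-source state machine run over firewall log lines. It is an added example, not code from the Knock patch or any existing daemon; the port sequence, the time window and the iptables-style log format are assumptions, and the log lines are constructed.

```python
import re
from datetime import datetime, timedelta

KNOCK_SEQUENCE = (7000, 8000, 9000)  # assumed secret sequence of closed ports
WINDOW = timedelta(seconds=10)       # assumed time limit for the whole sequence

# Constructed iptables-style LOG lines for dropped SYNs (not real traffic).
SAMPLE_LOG = """\
Dec 10 13:55:01 fw kernel: KNOCK IN=eth0 SRC=198.51.100.7 DST=192.0.2.1 PROTO=TCP SPT=40001 DPT=7000 SYN
Dec 10 13:55:01 fw kernel: KNOCK IN=eth0 SRC=203.0.113.9 DST=192.0.2.1 PROTO=TCP SPT=51000 DPT=7000 SYN
Dec 10 13:55:02 fw kernel: KNOCK IN=eth0 SRC=198.51.100.7 DST=192.0.2.1 PROTO=TCP SPT=40002 DPT=8000 SYN
Dec 10 13:55:02 fw kernel: KNOCK IN=eth0 SRC=203.0.113.9 DST=192.0.2.1 PROTO=TCP SPT=51001 DPT=9000 SYN
Dec 10 13:55:03 fw kernel: KNOCK IN=eth0 SRC=198.51.100.7 DST=192.0.2.1 PROTO=TCP SPT=40003 DPT=9000 SYN
Dec 10 13:55:03 fw kernel: KNOCK IN=eth0 SRC=203.0.113.9 DST=192.0.2.1 PROTO=TCP SPT=51002 DPT=8000 SYN
Dec 10 13:55:05 fw kernel: KNOCK IN=eth0 SRC=198.51.100.23 DST=192.0.2.1 PROTO=TCP SPT=33000 DPT=7000 SYN
Dec 10 13:55:06 fw kernel: KNOCK IN=eth0 SRC=198.51.100.23 DST=192.0.2.1 PROTO=TCP SPT=33001 DPT=8000 SYN
Dec 10 13:55:30 fw kernel: KNOCK IN=eth0 SRC=198.51.100.23 DST=192.0.2.1 PROTO=TCP SPT=33002 DPT=9000 SYN
"""

LINE_RE = re.compile(
    r"^(\w{3}\s+\d+ [\d:]{8}) .*?SRC=(\S+) .*?PROTO=TCP .*?DPT=(\d+)")

def authorized_sources(log_text, year=2013):
    """Return source IPs that hit KNOCK_SEQUENCE in order within WINDOW."""
    progress = {}  # src -> (index of next expected port, time of first knock)
    opened = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        src, port = m.group(2), int(m.group(3))
        idx, start = progress.get(src, (0, ts))
        if idx and ts - start > WINDOW:
            idx = 0                   # too slow: sequence must start over
        if port != KNOCK_SEQUENCE[idx]:
            idx = 0                   # wrong port resets progress
        if port == KNOCK_SEQUENCE[idx]:
            if idx == 0:
                start = ts            # first knock starts the timer
            idx += 1
        if idx == len(KNOCK_SEQUENCE):
            opened.append(src)        # a real daemon would add a firewall rule
            idx = 0
        progress[src] = (idx, start)
    return opened

if __name__ == "__main__":
    print(authorized_sources(SAMPLE_LOG))
```

Every knock in this scheme is a visible packet to a closed port that an on-path observer can record, which is the exposure a stealthy in-kernel design aims to avoid.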

Plenty more details on the proposed Knock port knocking for the Linux kernel can be found via the kernel patch submission and the Knock project page.
