Knock: TCP Port Knocking Proposed For Linux Kernel

Written by Michael Larabel in Linux Kernel on 10 December 2013 at 01:55 PM EST. 4 Comments
LINUX KERNEL
A "Knock" patch has been proposed for the mainline Linux kernel that would provide NAT-compatible, TCP stealthy port knocking for improved network security of Linux systems.

Port Knocking is the process of opening network ports on a firewall by first attempting to connect to a set of predefined unopen ports. It's effectively a key for opening network ports with the password being the pegging of other closed network ports in the correct sequence.

There's know a "Knock" patch for the Linux kernel that would unify this capability within the Linux kernel. Generally, port knocking is handled by a user-space daemon monitoring firewall logs for failed connection attempts. Knock is designed to be stealthy, done completely within the Linux kernel and only activated by a single extra setsockopt call, can be used for protecting the first N-bytes of the TCP payload, is designed to work behind NATs, and is a free, simple kernel modification. The disadvantage to the Knock design is self-admitted that the TCP SYN packet's SQN is only 32-bits long and would be subject to brute force attempts but involving billions of network packets.

Plenty more details on the proposed Knock port knocking for the Linux kernel can be found via the kernel patch submission and the Knock project page.
4 Comments
Related News
Linux 6.9-rc5 Released: The Diffstat "Looks A Bit Wonky" But Not Bad
Linux 6.9-rc5 Picking Up Fixes For Intel FRED, BHI & GFNI/VAES Checks
Linux 6.10 Preps A Kernel Panic Screen - Sort Of A "Blue Screen of Death"
Linus Torvalds Injects Tabs To Thwart Kconfig Parsers Not Correctly Handling Them
Linux 6.9-rc4 Brings More Bcachefs Fixes, Native BHI Mitigation
Linux 6.10 To Account For NUMA Node When Allocating Per-CPU Cpumasks
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Rust-Written LAVD Kernel Scheduler Shows Promising Results For Linux Gaming
Former Nouveau Lead Developer Joins NVIDIA, Continues Working On Open-Source Driver
Fedora Linux 40 Cleared For Release Next Week
AMD: "Additional Parts Of The Radeon Stack To Be Open Sourced Throughout The Year"
Mozilla Finally Begins Offering Firefox ARM64 Linux Binaries
Fedora Linux 40 Available For Download As A Wonderful Upgrade
openSUSE Factory Achieves Bit-By-Bit Reproducible Builds
Linux 6.10 Preps A Kernel Panic Screen - Sort Of A "Blue Screen of Death"