Port knocking is a common way to reduce the attack surface of a server. The firewall keeps a service port closed, even though the service behind it is running and in use, and opens it only for a client that first sends the correct "secret knock": a sequence of connection attempts to a set of other closed ports. It is mostly used for the SSH port and the cPanel ports so that brute-force attempts never reach the service. The knock sequence travels in clear, so treat it as an extra layer in front of key-based authentication and rate limiting, not as a replacement for them. This guide explains how to set up port knocking on a server running ConfigServer Security & Firewall (CSF) and how to knock from Linux, Windows and a phone.
Using Knock Server in CSF
To demonstrate port knocking in this tutorial, we'll use port 22, the default SSH port. The following steps enable port knocking for this port in ConfigServer Security & Firewall (CSF).
Log in to your remote server via SSH with root credentials.
Open the CSF configuration file for editing:
Code:
vim /etc/csf/csf.conf
The file is long; ignore most of it and go to the PORTKNOCKING setting, which is around line 1350 in the version used here (in vim, /PORTKNOCKING finds it).
You'll modify this line so that a sequence of TCP connection attempts to a chosen set of closed ports opens port 22, for the IP address that sent them, long enough to accept the incoming SSH connection. Any otherwise unused ports can serve as knock ports; pick ports and an order that are not easy to guess. Neither the knock ports nor port 22 may appear in TCP_IN, since a port that TCP_IN already allows is open without any knock.
Save the file and quit (if you're using vim):
Code:
:wq
Restart CSF so the new rules are loaded:
Code:
csf -r
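What the edited line should look like, plus a check that the rest of csf.conf agrees with it, as an added example that is not from the page or from CSF itself. The script writes a PORTKNOCKING value into a constructed csf.conf fragment (not a real server's file) and refuses a configuration in which the knock ports or the opened port are still listed in TCP_IN, because a port TCP_IN already allows is open without any knock. The value format, openport;protocol;timeout;kport1;...;kportN, is CSF's own; the ports are the page's (knock on 1000, 2000, 3000, 4050 to open TCP 22); the 20-second open window is this example's assumption.

```sh
#!/bin/sh
# Added example (not the page's or CSF's own code): apply and sanity-check a
# csf PORTKNOCKING setting. The sample csf.conf below is constructed for this
# example; the 20-second open window is an assumption, the ports are the page's.

# sample_conf FILE : write a constructed csf.conf fragment to FILE
sample_conf() {
    cat > "$1" <<'EOF'
# constructed fragment, not a real server's csf.conf (port 22 already removed)
TESTING = "0"
TCP_IN = "20,21,25,53,80,110,143,443,465,587,993,995"
TCP_OUT = "20,21,22,25,53,80,110,113,443,587,993,995"
PORTKNOCKING = ""
EOF
}

# set_portknocking FILE VALUE : replace the PORTKNOCKING line in FILE
set_portknocking() {
    sed "s/^PORTKNOCKING = .*/PORTKNOCKING = \"$2\"/" "$1" > "$1.tmp" && mv "$1.tmp" "$1"
}

# conf_value FILE KEY : print the value of a KEY = "..." line in FILE
conf_value() {
    sed -n "s/^$2 = \"\(.*\)\"/\1/p" "$1"
}

# check_knocking FILE : succeed only if PORTKNOCKING is set and neither the
# opened port nor any knock port is also allowed in TCP_IN (port ranges such
# as 30000:35000 in TCP_IN are not expanded here)
check_knocking() {
    pk=$(conf_value "$1" PORTKNOCKING)
    [ -n "$pk" ] || { echo "PORTKNOCKING is empty" >&2; return 1; }
    open=$(printf '%s' "$pk" | cut -d';' -f1)
    knocks=$(printf '%s' "$pk" | cut -d';' -f4- | tr ';' ' ')
    tcp_in=$(conf_value "$1" TCP_IN | tr ',' ' ')
    for p in $open $knocks; do
        for q in $tcp_in; do
            if [ "$p" = "$q" ]; then
                echo "port $p is used for knocking but still allowed in TCP_IN" >&2
                return 1
            fi
        done
    done
    return 0
}

# Stand-alone run: build the sample, apply the page's setting and verify it.
if [ "${1:-}" = "--demo" ]; then
    d=$(mktemp -d)
    sample_conf "$d/csf.conf"
    set_portknocking "$d/csf.conf" "22;TCP;20;1000;2000;3000;4050"
    check_knocking "$d/csf.conf" && echo "PORTKNOCKING = \"$(conf_value "$d/csf.conf" PORTKNOCKING)\""
    rm -r "$d"
fi
```

Run it with --demo to see the resulting line; against a real server, point set_portknocking and check_knocking at /etc/csf/csf.conf and run csf -r afterwards. The check is deliberately strict about port 22 itself: if it stays in TCP_IN, the knock sequence is decorative.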
Port Knocking from Linux
To knock from a Linux machine, run this loop in a terminal (replace YourServersIP with your server's address):
Code:
for x in 1000 2000 3000 4050; do nmap -Pn --host-timeout 201ms --max-retries 0 -p $x YourServersIP; done
This sends one TCP connection attempt to each of ports 1000, 2000, 3000 and 4050, in that order. The firewall drops every one of them, but CSF records the sequence and, once it is complete, opens port 22 for your source IP address for the timeout set in PORTKNOCKING; you then connect with a normal ssh to port 22. Nothing is redirected from the knock ports to port 22. Note the two leading dashes on --host-timeout and --max-retries; an nmap timeout without a unit is in seconds, so the ms suffix is what keeps each knock quick.
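A small knock client that does the same thing with a little more care, as an added example that is neither the page's loop nor Greg Sowell's tool. It derives the knock sequence from the server's PORTKNOCKING value, rejects malformed port lists before sending anything, sends one attempt per port in order using nmap where it is installed and nc otherwise, and then probes port 22 to confirm the window opened. The knock ports and port 22 are the page's; the 201 ms nmap timeout, the one-second pause between knocks, the nc fallback and the host name YourServersIP are this example's assumptions.

```sh
#!/bin/sh
# Added example (not from the page or Greg Sowell's tool): a port-knock client
# for the CSF setup above. Ports are the page's; timeouts, the inter-knock
# pause and the nmap/nc fallback are this example's own choices.

# knock_ports_of SETTING : print the knock ports of a csf PORTKNOCKING value
# ("openport;protocol;timeout;kport1;...;kportN") as a space-separated list
knock_ports_of() {
    printf '%s' "$1" | cut -d';' -f4- | tr ';' ' '
}

# validate_ports PORT... : succeed only if every argument is an integer 1-65535
validate_ports() {
    [ $# -gt 0 ] || return 1
    for p in "$@"; do
        case "$p" in
            ''|*[!0-9]*) return 1 ;;
        esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || return 1
    done
    return 0
}

# hit HOST PORT : send exactly one TCP connection attempt to HOST:PORT. The
# firewall drops it, so a short timeout is what keeps the knock fast; the
# "failure" of the attempt is expected and is not an error for the knock.
hit() {
    if command -v nmap >/dev/null 2>&1; then
        # unit-less nmap timeouts are seconds, hence the explicit ms suffix
        nmap -Pn --host-timeout 201ms --max-retries 0 -p "$2" "$1" >/dev/null 2>&1
    else
        nc -z -w 1 "$1" "$2" >/dev/null 2>&1
    fi
    return 0
}

# knock HOST PORT... : send the sequence in order, pausing so that csf has
# recorded one hit before the next one arrives
knock() {
    host=$1; shift
    validate_ports "$@" || { echo "knock: bad port list: $*" >&2; return 1; }
    for p in "$@"; do
        hit "$host" "$p"
        sleep 1
    done
    return 0
}

# ssh_open HOST : succeed if TCP/22 on HOST now accepts a connection
ssh_open() {
    nc -z -w 3 "$1" 22 >/dev/null 2>&1
}

# Stand-alone run: ./knock.sh YourServersIP (hypothetical host name)
if [ $# -ge 1 ]; then
    # same setting as configured on the server in this guide
    knock "$1" $(knock_ports_of "22;TCP;20;1000;2000;3000;4050") && \
        ssh_open "$1" && echo "port 22 is open on $1; connect with ssh now"
fi
```

Knock from the same network path you will use for SSH: CSF opens port 22 for the source address it saw the knocks from, and only for the timeout in PORTKNOCKING, so run ssh straight after the script reports the port open.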
Knocking Port from Windows
You can also knock from Windows with Greg Sowell's Port Knocking tool.
Download and install the program, launch it, enter the server address and the same knock ports in the same order as configured above, and click "Knock".
Using a Phone to Knock Ports
You can also knock from a smartphone. On Android you can use an app such as Port Knocker; on iOS, PortKnock. The two apps work in much the same way.
Launch the app, enter the server address and the knock sequence, and knock to open port 22. Keep in mind that the firewall opens the port for the public IP address the knocks came from, so if your phone is on a Wi-Fi network behind NAT, every device that shares that public address can reach port 22 while it is open.