Giter Club home page Giter Club logo

knockr's Introduction

knockr

knockr is a port-knocking utility potentially more convenient to use than a general purpose tool like nmap or netcat. Written in Go, the utility is a single binary, installable on any platform Go supports including Linux, BSD/Unix, Windows and Mac.

Installation

Via the Go tool chain

go install github.com/mwyvr/knockr@latest

Linux without glibc: The Go net package includes CGO bindings; Linux distributions not based on glibc such as Alpine Linux, Chimera Linux or Void Linux (musl variant) can install a statically linked version with:

CGO_ENABLED=0 go install github.com/mwyvr/knockr@latest

Other Install Options

Pre-built binary for Linux:

The releases page provides a link to a non CGO-based binary that will run on various Linux distributions.

Usage

The default timeout and delay durations should be sufficient for most use cases.

Usage: knockr [OPTIONS] address port1,port2...

-d duration
        delay between knocks (default 100ms)
-n string
        network protocol (default "tcp")
-s	silent: suppress all but error output
-t duration
        timeout for each knock (default 1.5s)

Example:

# knock on three ports using the default protocol (tcp) and delays
knockr my.host.name 1234,8923,1233

Tip: Include the port(s) you expect to be unlocked as the first and last port in the chain to observe status before and after. For example, if intending to unlock port 22 (ssh) on a specific host:

# 22 last to demonstrate it has been opened
knockr my.host.name 1234,18923,1233,22

What is port-knocking?

Port-knocking is a network access method that opens ports normally left closed to the outside world, but only when the right sequence of ports has been visited and within time frames determined by your network access configuration. That sequence of ports acts as a key.

knockr is the remote side of the solution; a network access device like a router must be configured.

Port-knocking can be configured on hosts and many routers including some low-cost, high functionality devices accessible to technical consumers such as Mikrotik RouterOS devices.

Typically the solution will be configured such that the target port (not necessarily specified in the port-knocking requests) are only opened to the IP address issuing the correct knock sequence, further improving security and resiliency to exploit, and reducing port-scanning log burden.

See also: Wikipedia - port-knocking.

knockr's People

Contributors

mwyvr avatar

Stargazers

Alex Negulescu avatar Anthony avatar Eric COURTIAL avatar Andrews Cordolino Sobral avatar Zerayan avatar avatar Antoine Leroux avatar avatar mdouchement avatar Éric avatar Eric Hartmann avatar Adrien avatar Alex Swit avatar Faizul mansor avatar José Paulo avatar SoftExpert avatar Fabien Udriot avatar Guillaume avatar avatar Solvik avatar Narno avatar Alexis Brunet avatar Jérôme RINNER avatar Victor avatar avatar Hugo Rochvarger avatar Leslie-Alexandre DENIS avatar Guillaume VILLENA avatar avatar Olivier MARY avatar Athorcis avatar Havrileck Alexandre avatar Darkham avatar Maxime avatar Xavier Fournet avatar Wajdi avatar Guillaume D avatar swinn avatar Benjamin Féron avatar Rachid Zarouali avatar avatar Piwi avatar

Watchers

James Cloos avatar avatar

Forkers

silversword411

knockr's Issues

No binary in releases

Hello,

Can you provide binaries when creating a release ? Maybe with goreleaser. I can make a PR if you're interesting.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.