Port knock service: knockd. This service hides the system's open services by adding iptables rules dynamically. A client "knocks" on a custom sequence of port numbers; when the sequence matches, the system opens the service port and allows external access.
The config file is located at /etc/knockd.conf.
After we enable the knock service and define the keyword (the knock sequence), nmap cannot find the SSH service, as follows:
┌──(kali㉿kali)-[~]
└─$ nmap -A -p 22 192.168.50.71 -oA djinn
Starting Nmap 7.92 ( https://nmap.org ) at 2022-03-28 11:03 CST
Nmap scan report for 192.168.50.71
Host is up (0.00071s latency).
PORT   STATE  SERVICE VERSION
22/tcp closed ssh
So we have to knock with the keyword (the port sequence) first:
┌──(kali㉿kali)-[~]
└─$ knock 192.168.50.71 1356 6784 3409

┌──(kali㉿kali)-[~]
└─$ nmap -A -p 22 192.168.50.71 -oA djinn
Starting Nmap 7.92 ( https://nmap.org ) at 2022-03-28 11:03 CST
Nmap scan report for 192.168.50.71
Host is up (0.00051s latency).
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
|   2048 b8:cb:14:15:05:a0:24:43:d5:8e:6d:bd:97:c0:63:e9 (RSA)
|   256 d5:70:dd:81:62:e4:fe:94:1b:65:bf:77:3a:e1:81:26 (ECDSA)
|_  256 6a:2a:ba:9c:ba:b2:2e:19:9f:5c:1c:87:74:0a:25:f0 (ED25519)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
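A knockd.conf that would produce the behaviour shown above, added here as an example and not taken from the scanned host or the referenced article. Only the port sequence comes from this page; the section name, the timeouts and the iptables path are assumptions.

```ini
# /etc/knockd.conf (constructed example, not the scanned host's actual file)

[options]
    # Log every knock and every executed command to syslog so knocks can be audited.
    UseSyslog

# Section name is arbitrary (assumption); it appears in the log entries.
[openCloseSSH]
    # Ports that must be hit in exactly this order by one source IP.
    # This is the sequence passed to the knock client on this page.
    sequence      = 1356,6784,3409

    # Assumed value: seconds allowed to complete the whole sequence
    # before the partial match for that source is discarded.
    seq_timeout   = 15

    # Count only TCP SYN packets as knocks.
    tcpflags      = syn

    # Run on a complete match. %IP% is replaced with the knocking address,
    # so the rule admits only that client. -I puts it ahead of existing
    # DROP/REJECT rules for port 22.
    start_command = /sbin/iptables -I INPUT -s %IP% -p tcp --dport 22 -j ACCEPT

    # Assumed value: seconds to wait before running stop_command.
    cmd_timeout   = 30

    # Removes the rule again so the port does not stay open indefinitely.
    stop_command  = /sbin/iptables -D INPUT -s %IP% -p tcp --dport 22 -j ACCEPT
```

The knock ports are sent in cleartext and can be replayed by anyone who observes them, so the sequence only hides the service from scans; SSH still needs its own authentication.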
knock service reference article: https://www.cnblogs.com/f-carey/p/16066178.html