Port knocking is a clever technique for securing a machine. No ports are open, but failed connection attempts are monitored for a specific sequence of ports. If the correct ports are tried in the correct order, a port is opened and the external machine can get in. The technique adds a meta-level to normal security measures, and turns failures into interesting information.
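A sketch of the monitoring side described above, added here as an example and not taken from the original post or from any particular port-knocking daemon. The knock ports, the 10-second window, the reset-on-wrong-port rule and the log format are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

KNOCK_SEQUENCE = (7000, 8000, 9000)  # assumed secret sequence (constructed)
WINDOW_SECONDS = 10.0                # assumed: whole sequence must finish in this window

@dataclass
class KnockTracker:
    sequence: tuple = KNOCK_SEQUENCE
    window: float = WINDOW_SECONDS
    progress: dict = field(default_factory=dict)  # src -> (next index, time of first knock)
    allowed: set = field(default_factory=set)     # sources the firewall would now let in

    def observe(self, ts, src, dport):
        """Feed one failed connection attempt; True if src just completed the sequence."""
        idx, started = self.progress.get(src, (0, ts))
        if ts - started > self.window:       # too slow: forget earlier knocks
            idx, started = 0, ts
        if dport == self.sequence[idx]:
            idx += 1
            if idx == len(self.sequence):    # final knock: open the port for this source
                self.progress.pop(src, None)
                self.allowed.add(src)
                return True
            self.progress[src] = (idx, started)
        elif dport == self.sequence[0]:      # wrong port, but it may start a new attempt
            self.progress[src] = (1, ts)
        else:                                # wrong port: any partial progress is lost
            self.progress.pop(src, None)
        return False

# Constructed log of rejected connections: "<unix time> <source ip> <destination port>"
SAMPLE_LOG = """\
100.0 203.0.113.5 7000
100.5 198.51.100.7 7000
101.0 203.0.113.5 8000
101.2 198.51.100.7 7001
101.4 198.51.100.7 8000
101.6 198.51.100.7 9000
102.0 203.0.113.5 9000
200.0 192.0.2.9 7000
205.0 192.0.2.9 8000
220.0 192.0.2.9 9000
"""

def replay(log):
    """Run each log line through a fresh tracker; return sources in the order admitted."""
    tracker = KnockTracker()
    rows = (line.split() for line in log.splitlines())
    return [src for ts, src, dport in rows if tracker.observe(float(ts), src, int(dport))]
```

In the constructed log only 203.0.113.5 is admitted: 198.51.100.7 touches an extra port mid-sequence and 192.0.2.9 takes longer than the window, so both lose their progress.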
Comments
That's a clever solution. My ISP uses something similar called "POP-before-SMTP" authentication for the outgoing SMTP mail server. If you try to simply connect to the SMTP server, it will fail. But, if you check a valid POP account, you'll be authenticated to SMTP as well for a time period of 90 minutes or so.
"POP before SMTP" is a common tactic for ISPs to avoid having their SMTP servers act as open relays. Another approach is just to use SMTP AUTH and require the client to authenticate (usually with the same account password used for POP).