Using Knock ... ?

Support section for FREESCO v0.3.x 3rd Party Packages

Postby bob selby » Thu Jun 05, 2008 3:02 am

Hi, I am trying to setup KNOCK and am having some difficulties :-(

I installed the "knock-0.5e-lightning" package and have tried a number of settings for the ports to use including some of the examples from the conf file but when I try to test it from work it sometimes reports "stage 1" but never gets any further but them I run into troubles because even the "stage 1" port stops responding.

Example:
(Yes - I know this is not the best port seq - it's just a test)

Config:
[openAdmin]
sequence = 23:tcp,24:tcp,25:tcp
seq_timeout = 5
start_command = /bin/ipfwadm -I -i accept -P tcp -S %IP% -D 0/0 82
tcpflags = syn,ack
cmd_timeout = 30
stop_command = /bin/ipfwadm -I -d accept -P tcp -S %IP% -D 0/0 82

Command (windows):
"knock softfoot.dyndns.org 23 24 25"

Any ideas??
Are there any restrictions on the ports you can use??
Do they have to be open/closed/stealthed??

TIA Bob
[cant attach report.txt - forum keeps complaining its in the wrong format or too big (it's 13k)]
bob selby
Advanced Member
 
Posts: 302
Joined: Wed Nov 21, 2001 8:18 am
Location: London, UK

Postby Lightning » Thu Jun 05, 2008 6:23 pm

I have had problems using tcp/udp flags with the port sequence. So I would recommend just using

sequence = 23,24,25


Because the ports are tcp by default. You also have some minor restriction on ports. You should NOT use ports above about 42,000 because those are used by the system for NAT and I would recommend using some higher ports that are out of the standard system port ranges above 1024. That way even if there are other things running on those ports they won't get confused with the knock sequence and those ports are also MUCH less likely to be monitored by anyone..
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12079
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA

Postby bob selby » Fri Jun 06, 2008 5:57 am

mmm
bob selby
Advanced Member
 
Posts: 302
Joined: Wed Nov 21, 2001 8:18 am
Location: London, UK

Postby bob selby » Fri Jun 06, 2008 5:58 am

Thanks for that :-) I'll give it a try.

Should I remove the "tcpflags = sys,acc" line as well ???

Bob
bob selby
Advanced Member
 
Posts: 302
Joined: Wed Nov 21, 2001 8:18 am
Location: London, UK

Postby Lightning » Fri Jun 06, 2008 12:31 pm

I use

tcpflags = syn
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12079
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA

Postby bob selby » Fri Jun 06, 2008 12:59 pm

Thanks :-)
bob selby
Advanced Member
 
Posts: 302
Joined: Wed Nov 21, 2001 8:18 am
Location: London, UK


Return to 3rd Party Package Support for FREESCO v0.3.x

Who is online

Users browsing this forum: No registered users and 2 guests

cron