FREESCO Support

[bob selby]

I have this working with 3 ports but they are fairly commonly used ports so not so secure as I'd like.

The problem is that the firewall at the remote site I need to gain access from is screwed down so tight it sqeaks!
and I'm having difficulty finding out what they allow out.

Is there a way I can see what is making it through to my 040 box?? I have turned on the "-v" option (in addition to the existing "-D" option) but it doesnt seem to make much difference to the level of reporting.

Can anyone suggest a way to figure out accessible ports ??

I guess I could put wireshark with a hub on the incoming link - but the volume of cr*p I'd have to filter through would be huge.

Bob

[Lightning]

[bob selby]

All working now

I have found that port 443 (https) is also open from the remote site but 8080 is not - and with the other common ones that are open I feel I have a reasonably secure setup now

One thing I have noticed is that it is advisable to avoid patterns that start and end the same or knockd gets confused - so don't be tempted to try 80,21,433,80 to open and 80,433,21,80 to close - (80,21,80,433 and 443,80,21,80 is fine).

Also avoid sequential ascending patterns like 21,22,23 (fairly obvious really since that is how port scanners operate).

Regards,
Bob