sKnock: Port-Knocking for Masses

Publication Type: Conference Paper
Year of Publication: 2016
Authors: Sel D, Totakura SHarsha, Carle G
Conference Name: IEEE 35th Symposium on Reliable Distributed Systems Workshops (SRDSW)
Date Published: 09/2016
Conference Location: Budapest, Hungary
ISBN Number: 978-1-5090-5259-2

Port-knocking is the concept of hiding remote services behind a firewall which allows access to the services' listening ports only after the client has successfully authenticated to the firewall. This helps in preventing scanners from learning what services are currently available on a host and also serves as a defense against zero-day attacks. Existing port-knocking implementations are not scalable in service provider deployments due to their usage of shared secrets. In this paper we introduce an implementation of port-knocking based on x509 certificates aimed towards being highly scalable.