How to Use Port Knocking on

Linux (and Why You Shouldn’t)

Port knocking is a way to secure a server by closing firewall ports—even those you
know will be used. Those ports are opened on demand if—and only if—the connection
request provides the secret knock.

Port Knocking Is a “Secret Knock”

In the 1920s, when prohibition was in full swing, if you wanted to get into
a speakeasy, you had to know the secret knock and tap it out correctly to get inside.

Port knocking is a modern equivalent. If you want people to have access to services on
your computer but don’t want to open your firewall to the internet, you can use port
knocking. It allows you to close the ports on your firewall that allow incoming
connections and have them open automatically when a prearranged pattern of
connection attempts is made. The sequence of connection attempts acts as the secret
knock. Another secret knock closes the port.