Open ShirokiyAlex opened 6 years ago
I think you didn't understand the concept. Packets are not inspected its just filtering for connection attempt to specific ports. There are 65535 ports and from a sequence of 3 ports I think there are 281.462.092.005.375 possible combinations (if I'm getting math correctly here), which is for sure save enough I guess. ;-)
There's no such thing as a lot of security, my boss thinks. For Windows, there is a similar program that sends a text package to the desired port. The router analyzes the packet by Layer7 Protocols if the sequence of ports matches and the contents of the packets allow access.
Yep, I know. :-) Still there might be a point where you think it is reasonable good. ;-)
Anyhow I had a look at the knockd (server) and it looks like it is possible. Packet inspection code seems to also get the tcp packet itself. So I was wrong with my statement above.
We look forward to adding this feature, thank you.
You can add to the program the ability to send a package with content (text), for devices that analyze the content of the package is a big plus in security.