I have a "server 192.168.1.106" with open ssh, and I configure iptables like this:
```
sudo iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5900 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5800 -j ACCEPT
-A INPUT -j DROP
```
https://help.ubuntu.com/community/PortKnocking
and I use example 1.
On the client side I run a command:
```
knock -v 192.168.1.106 7000 8000 9000
hitting tcp 192.168.1.106:7000
hitting tcp 192.168.1.106:8000
hitting tcp 192.168.1.106:9000
```
```
Starting Nmap 6.40 ( http://nmap.org ) at 2018-02-01 21:51 CET
Nmap scan report for 192.168.1.106
Host is up.
All 1000 scanned ports on 192.168.1.106 are filtered
Nmap done: 1 IP address (1 host up) scanned in 201.30 seconds
```
The log file is blank.
Can anyone help me? Thanks to all.