Simon TathamSep 7, 2025

When #PortKnocking was first introduced, somebody made a fork of #PuTTY which had it built in. We didn't take the patch upstream, because it seemed so likely that port knocks would keep evolving and we'd have to run to keep up; we thought a better design would be to delegate to a "make my connection, with any necessary knocks" sub-tool.

But the best thing about this fork was its name. The author called it PoTTY. And it came with a full suite of supporting tools with names like Pogeant and Plonk. Top marks!

Dr. Christopher KunzJan 29, 2025

This is an interesting piece about port-knocking backdoors in Juniper routers. Ineligible for the bingo, but interesting nonetheless.

https://heise.de/-10258876

Portknocking is not a new concept - I encountered it in the early 2000s and wrote my very first article in c't about it, while spending some evenings in the CCC Hannover's meeting room which I remember as a very "old school hacker den", in the literal sense (it was in a school's attic).
#backdoor #juniper #apt #portknocking

Juniper routers: Customized backdoors waiting for Magic Packets

IT researchers have discovered and investigated backdoors on Juniper routers. They are activated by magic packets.

heise online
Peter N. M. HansteenJan 25, 2025

Finally, an industrial-scale "Single Packet Authentication" implementation - https://www.theregister.com/2025/01/25/mysterious_backdoor_juniper_routers/ #security #backdoors #portknocking #singlepacketauthentication #SPA

Reminds me of my own "Why Not Use Port Knocking" (2012) https://nxdomain.no/~peter/why_not_use_port_knocking.html (part of the Hail Mary Cloud sequence, summarized at https://nxdomain.no/~peter/hailmary_lessons_learned.html)

Someone is slipping a hidden backdoor into Juniper routers across the globe, activated by a magic packet

Who could be so interested in chips, manufacturing, and more, in the US, UK, Europe, Russia...

The Register
Dragone2 Aug 26, 2024

Apriamo le #porte per #SSH o altri servizi SOLO per il nostro IP e TEMPORANEAMENTE, imparando ad utilizzare il #PortKnocking su #Linux e #raspberrypi:

https://www.risposteinformatiche.it/come-proteggere-linux-con-knockd-port-knocking/

#UnoLinux #OpenSource #CyberSecurity #Security #`Sicurezza #Tutorial #Utility #Network #Debian #Ubuntu

Come proteggere Linux con Knockd (Port Knocking)

Come proteggere il proprio server con knockd, sfruttando il Port Knocking, con esempi di configurazione e guida passo-passo.

Risposte Informatiche
Christian HagenestJan 7, 2023

#heise erklärt (natürlich hinter der Paywall) wie man #Portknocking einrichtet. Habe noch nie davon gehört, ist das so sinnlos wie das klingt? Hat starke "How to send Hackers to SSH-jail" vibes.

https://www.heise.de/ratgeber/Raspi-Projekt-Computer-im-Netz-mit-Portknocking-schuetzen-7435203.html

Raspi-Projekt: Computer im Netz mit Portknocking schützen

Hackerangriffe bedrohen Firmen und Privatleute. Zum Glück gibt es Methoden, sich zu schützen: Eine Variante ist das Portknocking – eine Art Versteckspiel.

heise online
hackaday unofficialAug 10, 2021

Hiding Links in Plain Sight with Bookmark Knocking

Have you ever been looking for a screwdriver, USB stick, or your keys, only to find them right where you left them in plain sight? We have. As many prolific geocachers know, hiding things out in the open is a great way to make sure that people overlook them.

[Jacob Strieb] has been researching various ways to password protect and hide browser bookmarks in plain sight. He calls his latest technique “Bookmark Knocking” and he’s made a demonstration available on his Github account.

Why hide bookmarks to begin with? A browser’s bookmark collection can give away the habits, interests, and needs of the person who put them there. Bookmarks to gifts, domestic abuse support websites, and other private destinations might be best kept away from prying eyes.

Inspired by port knocking -- opening connections to specific network ports in sequence to gain access through a firewall -- bookmark knocking requires clicking bookmarks in a specific order to open a link. When the bookmarks are accessed in the proper order, the third bookmark reveals a hidden site. It’s not only a novel approach to hiding things in plain sight, it’s very cool to use!

We especially appreciate [Jacob]’s motivation: Helping those who are vulnerable to protect themselves in any way possible. It’s a solid reminder that technology can be elevated to a higher stature when put to a noble use. Be sure to check out the demonstration so you can try it for yourself!

If camouflaging data flips your bits, you may want to look at a neat way to embed data right into bash scripts, or conceal a WiFi enabled microcontroller in a USB cable. Do you have your own favorite "hidden in plain sight" hack? Be sure to let us know through the Tip Line.

#securityhacks #softwarehacks #base64 #javascript #obfuscation #portknocking #security #securitythroughobscurity

Hiding Links In Plain Sight With Bookmark Knocking

Have you ever been looking for a screwdriver, USB stick, or your keys, only to find them right where you left them in plain sight? We have. As many prolific geocachers know, hiding things out in th…

Hackaday
marble 弹珠Aug 21, 2018

Heute kam mein #ESPRESSObin an und auch gleich viel damit rumgespielt.
#Arch Linux draufspielen war recht einfach. Habe mich dann etwas länger mit #Ansible geprügelt bis ich ein einsatzfähiges bootstrap playbook hinbekommen habe.

Habe danach von #PortKnocking erfahren, ein wenig belesen und gleich ausprobiert. Nach ein paar versuchen hat auch das geklappt