找回密码
 注册

QQ登录

只需一步,快速开始

搜索
查看: 8687|回复: 3

[脚本] ros port knocking 是啥意思的

[复制链接]
发表于 2013-1-20 22:33:49 | 显示全部楼层 |阅读模式

马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。

您需要 登录 才可以下载或查看,没有账号?注册

×
Port Knocking

In the firewall we will load onto the router in the next section we divide up access into 2 sections

An address list of devices that have full access to the router
All other devices that have limited access to the router
One thing that all other devices are limited to is they have no Winbox/SSH/telnet access to the router, which sometimes will mean you can't get into it. One way to temporarily allow full access to a router is port knocking.

Port knocking with routeros is a way of adding a dynamic IP address into an address list for a specified amount of time. The way it works is like this

Client sends packet to router on port 1337
Router adds client’s IP address to address list “temp” with a timeout of 15 seconds
Client sends packer to router on port 7331
Router checks to see if the client’s IP address is on address list “temp”
If it is then router adds IP address to address list “safe” with a timeout of 15 minutes
Client has full access to router for 15 minutes
This feature is completely customisable with you able to define how many ports the client has to ‘knock’ before its given access, you can define what port numbers and what protocols you must knock and the timeout values.

http://wiki.mikrotik.com/wiki/Se ... #Loading_A_Firewall
麻烦大家指点下的
routeros
发表于 2013-1-21 00:55:05 | 显示全部楼层
侦测2个port, 并暂时开通某IP权限 15 分
routeros
回复

使用道具 举报

发表于 2013-1-21 08:53:26 | 显示全部楼层
嗯...................大概看懂了!
是說你要連線 Winbox/SSH/telnet  的Port
你可以先送出一個連線 1337 port   去敲ROS的門  然後你又有15秒時間去敲 port 7331
此時就會有15分鐘的連線了
意思是說平時不讓你開啟  winbox等port  但是經過敲門驗證后就會同意你winbox連線了!

這個 Linux 早就有的功能啦!
routeros
回复

使用道具 举报

 楼主| 发表于 2013-1-22 11:14:53 | 显示全部楼层
麻烦详细说下的,还是不明白
routeros
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 注册

本版积分规则

QQ|Archiver|手机版|小黑屋|软路由 ( 渝ICP备15001194号-1|渝公网安备 50011602500124号 )

GMT+8, 2024-11-22 02:03 , Processed in 0.116611 second(s), 4 queries , Gzip On, Redis On.

Powered by Discuz! X3.5 Licensed

© 2001-2024 Discuz! Team.

快速回复 返回顶部 返回列表