Port Knocking Maker or Generator Icmp + Packet Size
How Port Knocking Maker - Mikrotik Script RouterOS
In computer networking, port knocking is a method of externally opening ports on a firewall by generating a connection attempt on a set of prespecified closed ports. Once a correct sequence of connection attempts is received, the firewall rules are dynamically modified to allow the host which sent the connection attempts to connect over specific port(s). A variant called single packet authorization (SPA) exists, where only a single "knock" is needed, consisting of an encrypted packet.
The primary purpose of port knocking is to prevent an attacker from scanning a system for potentially exploitable services by doing a port scan, because unless the attacker sends the correct knock sequence, the protected ports will appear closed.
###########################################################
# Mikrotik Port Knocking Generator with Icmp + Packet Size
# Date/Time: 2/14/2021, 12:14:10 PM
# https://fb.me/buananet.pbun
###########################################################
/ip firewall filter
# packet-size matches the whole IP packet: ping payload + 8-byte ICMP header + 20-byte IPv4 header
# address-list-timeout="00:00:00" (none-dynamic) keeps a knocked source in the list until reboot
add action=add-src-to-address-list address-list="port-knocking-first" address-list-timeout="00:00:00" chain=input packet-size="100" protocol=icmp comment="Port Knocking By BNT"
add action=add-src-to-address-list address-list="port-knocking-second" address-list-timeout="00:00:00" chain=input packet-size="200" protocol=icmp src-address-list="port-knocking-first"
# Only sources that completed both knocks reach the listed TCP ports; everyone else is dropped
add action=accept chain=input dst-port="8291,21,22,23,80,443" protocol=tcp src-address-list="port-knocking-second"
add action=drop chain=input dst-port="8291,21,22,23,80,443" protocol=tcp src-address-list="!port-knocking-second"
Copy and paste the firewall script into the RouterOS terminal.
Unique Packet Size For Key Knocking: 72 and 172. These are ping payload sizes; the rules above match packet-size 100 and 200 because the 20-byte IPv4 header and the 8-byte ICMP header are added to each payload.
Example: Sending the Key Pings Manually in Windows CMD:
First Key Knock -> ping -l 72 (IP Address)
Second Key Knock -> ping -l 172 (IP Address)
Example: Sending the Key Pings Manually in a Linux or macOS Terminal:
First Key Knock -> ping -s 72 (IP Address)
Second Key Knock -> ping -s 172 (IP Address)
Or you can use the Port Knocking Maker or Port Knock Generator:
https://buananetpbun.github.io/port-knocking-icmp.html
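The relationship between the rule packet sizes and the ping sizes above can be checked mechanically. The following Python is an added example, not part of the original gist or the generator: it parses the filter rules, follows the address-list chain to recover the knock order, and derives the ping payload for each stage. The function names, the `192.0.2.1` documentation address, and the assumption that each `packet-size` is a single value with no IP options are mine.

```python
import shlex

OVERHEAD = 20 + 8  # IPv4 header (assumes no IP options) + ICMP header, in bytes

# Constructed sample: the filter rules from this page, with the comment quote closed.
RULES = '''/ip firewall filter
add action=add-src-to-address-list address-list="port-knocking-first" address-list-timeout="00:00:00" chain=input packet-size="100" protocol=icmp comment="Port Knocking By BNT"
add action=add-src-to-address-list address-list="port-knocking-second" address-list-timeout="00:00:00" chain=input packet-size="200" protocol=icmp src-address-list="port-knocking-first"
add action=accept chain=input dst-port="8291,21,22,23,80,443" protocol=tcp src-address-list="port-knocking-second"
add action=drop chain=input dst-port="8291,21,22,23,80,443" protocol=tcp src-address-list="!port-knocking-second"
'''

def parse_rule(line):
    """Turn one 'add key=value ...' line into a dict (quotes are stripped)."""
    return dict(tok.split("=", 1) for tok in shlex.split(line)[1:] if "=" in tok)

def knock_sequence(text):
    """Return the ICMP knock stages in the order a client must send them."""
    rules = [parse_rule(l) for l in text.splitlines() if l.startswith("add ")]
    stages = [r for r in rules if r.get("action") == "add-src-to-address-list"
              and r.get("protocol") == "icmp" and "packet-size" in r]
    ordered, prev = [], None  # the first stage has no src-address-list
    while stages:
        nxt = next((r for r in stages if r.get("src-address-list") == prev), None)
        if nxt is None:
            break  # remaining stages cannot be reached from the chain
        stages.remove(nxt)
        timeout = nxt.get("address-list-timeout", "none-dynamic")
        ordered.append({
            "list": nxt["address-list"],
            "packet_size": int(nxt["packet-size"]),
            "payload": int(nxt["packet-size"]) - OVERHEAD,
            # These timeout values never age the entry out, so access stays open
            "persistent": timeout in ("00:00:00", "none-dynamic", "none-static"),
        })
        prev = nxt["address-list"]
    return ordered

def ping_commands(stages, host):
    """Build one-shot ping commands per platform for each knock stage."""
    return {"windows": [f"ping -n 1 -l {s['payload']} {host}" for s in stages],
            "linux": [f"ping -c 1 -s {s['payload']} {host}" for s in stages]}

if __name__ == "__main__":
    seq = knock_sequence(RULES)
    for stage in seq:
        print(stage)
    print(ping_commands(seq, "192.0.2.1"))  # 192.0.2.1 is a documentation address
```

A stage reported as `persistent` means a source that knocked once keeps access to the listed ports until the router reboots or the entry is removed by hand.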