sKnock: Port-Knocking for Masses

Abstract

Port-knocking is the concept of hiding remote services behind a firewall which allows access to the services'listening ports only after the client has successfully authenticatedto the firewall. This helps in preventing scanners from learningwhat services are currently available on a host and also servesas a defense against zero-day attacks. Existing port-knockingimplementations are not scalable in service provider deploymentsdue to their usage of shared secrets. In this paper we introducean implementation of port-knocking based on x509 certificatesaimed towards being highly scalable.