Rhythm's Homepage

Port Knock Verifier

License: GPL

 

-        Port knock sequence verification using the Windows firewall log

-       Option to create firewall allow rule for the connecting IP on a specified port 

 

Description:

 

Port Knock Verifier can check the firewall log against predefined connection sequence. Matching is done on both port and the associated firewall action taken.  An event is created in the Windows application log on successful port knock verification.  If specified a port can be allowed in the firewall for the connecting IP that successfully performed the port knock.

 

Parameters:

 

Port_Knock_Verifier.exe [ports] [firewall action] [rule name] [time] [source IP] [allowed port] 

 

ports

Comma separated value of ports that identify the knock.  These will be listed in the order of the knock sequence.

 

firewall action

Comma separated value of firewall actions that identify the knock.  These will be listed in the order of the knock sequence and are the action taken by the firewall on the associated ports passed in the first parameter.

 

rule name

Text that will be used in the Windows event log notification from a successful knock verification.  Also used if an allowed port is specified in the parameter as the firewall rule name.

 

time

The number of time to look back in the Windows firewall log for a knock sequence match.

 

source IP

An optional parameter specifying the IP address that should match the source IP address performing the port knock sequence.

 

allowed port

An optional parameter that creates a firewall entry to allow the connecting ip on the port specified.

 

Compatibility:

 

-           Tested on Windows XP, Windows Vista, Windows 7

 

Requirements:

 

IP address correlation requires the Windows firewall be enabled and set to log successful and dropped connections 

 

Release notes:


            V 1.0 - First public released version.


 

Download link:

 

Download Link

 

Project page:

 

https://sourceforge.net/p/portknockverify 

 

Contact:

 

RandomRhythm@rhythmengineering.com

 

Special thanks to the following people for allowing the use of their code:

 

Kennith Ives

 

 

Microsoft, Windows XP, Windows Vista, Windows 7 are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Other Trademarks are the properties of their respective owners.