Saturday, March 20, 2010

Knock, Knock Let Me In

Do you know who is trying to get into your network? Someone is always knocking at your door. The doors of the network are called ports. Anyone working on my network should have a fairly good understanding of why a port is open, and if there is no good reason for it to be open, it should be closed. Port knocking provides a stealthy method of authentication and information transfer to a networked machine that has no open ports. Any port knocking implementation needs to provide some basic functionality:


  1. A way to monitor the firewall log file needs to be devised. 
  2. A method to extract the sequences of ports from the log file and translate their payload into usable information. 
  3. Once the information is obtained from the sequence, the implementation must provide some way to manipulate the firewall rules.
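As an added illustration of those three pieces (this is not code from the original post), here is a minimal knock-daemon loop in Python: it parses iptables-style log lines, tracks each source's progress through a secret sequence with a time limit, and returns the firewall rule a completed sequence would earn. The sequence, the 10-second window, port 22 and the log lines are constructed assumptions.

```python
import re
from datetime import datetime

# Constructed values (not from the post): the secret knock sequence, the window
# in seconds within which the whole sequence must arrive, and the port to open.
KNOCK_SEQUENCE = (7000, 8000, 9000)
KNOCK_WINDOW = 10
PROTECTED_PORT = 22

# Fields needed from an iptables-style LOG entry as syslog writes it.
LOG_RE = re.compile(r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) .*SRC=(?P<src>[\d.]+) "
                    r".*PROTO=TCP .*DPT=(?P<dpt>\d+)")
# Constructed log lines: 192.0.2.10 knocks correctly within 2 seconds;
# 203.0.113.7 sends the right ports but lets 28 seconds pass after the first.
LOG_SAMPLE = """\
Mar 20 10:00:01 fw kernel: [KNOCK] IN=eth0 SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP SPT=51000 DPT=7000 SYN
Mar 20 10:00:02 fw kernel: [KNOCK] IN=eth0 SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP SPT=51001 DPT=8000 SYN
Mar 20 10:00:02 fw kernel: [KNOCK] IN=eth0 SRC=203.0.113.7 DST=198.51.100.5 PROTO=TCP SPT=40000 DPT=7000 SYN
Mar 20 10:00:03 fw kernel: [KNOCK] IN=eth0 SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP SPT=51002 DPT=9000 SYN
Mar 20 10:00:30 fw kernel: [KNOCK] IN=eth0 SRC=203.0.113.7 DST=198.51.100.5 PROTO=TCP SPT=40001 DPT=8000 SYN
Mar 20 10:00:31 fw kernel: [KNOCK] IN=eth0 SRC=203.0.113.7 DST=198.51.100.5 PROTO=TCP SPT=40002 DPT=9000 SYN
"""

def parse_line(line):
    """Step 2: pull (timestamp, source address, destination port) out of one log line."""
    m = LOG_RE.search(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%b %d %H:%M:%S")  # no year; fine for deltas
    return ts, m.group("src"), int(m.group("dpt"))

def process_log(lines, sequence=KNOCK_SEQUENCE, window=KNOCK_WINDOW):
    """Steps 1 and 3: walk the log, track each source, return (src, rule) per completed knock."""
    progress = {}   # src -> (index of next expected port, time of first knock)
    opened = []
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ts, src, dpt = parsed
        idx, started = progress.get(src, (0, ts))
        if idx == 0 or (ts - started).total_seconds() > window:
            idx, started = 0, ts         # new attempt, or the old one took too long
        idx = idx + 1 if dpt == sequence[idx] else 0   # any wrong port resets it
        if idx == len(sequence):         # rule is returned, not executed
            opened.append((src, f"iptables -I INPUT -s {src} -p tcp --dport {PROTECTED_PORT} -j ACCEPT"))
            idx = 0
        progress[src] = (idx, started)
    return opened
```

In a real daemon the lines would come from tailing the firewall log, and the returned rule would be applied and later removed again by the daemon rather than printed.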
Port knocking sounds like a great solution when it comes to monitoring closed ports on a firewall, but it does come with a few disadvantages. You have to use a client script to perform the knocks, and this script should be kept secret, on removable media such as a USB drive. A number of ports need to be allocated for the exclusive use of the system. And any system that manipulates firewall rules in an automated fashion requires careful implementation.
