Port Knocking

Technically not just for SSH, but very common if necessary it will be for SSH port.

Finding port via already having access to a shell or file access on the host:

• ps aux -→ look for knockd process

• cat /etc/knockd.conf for the sequence and which port it might open

NMAP PORT KNOCKER:

for i in 571 290 911; do
nmap -Pn --host-timeout 100 --max-retries 0 -p $i 10.10.10.43 >/dev/null
done; ssh -i id_rsa amrois@10.10.10.43