• DocumentCode
    3643195
  • Title

    Extension of a port knocking client-server architecture with NTP synchronization

  • Author

    Traian Popeea;Vladimir Olteanu;Laura Gheorghe;Răzvan Rughiniş

  • Author_Institution
    Faculty of Automatic Control and Computers, “
  • fYear
    2011
  • fDate
    6/1/2011 12:00:00 AM
  • Firstpage
    1
  • Lastpage
    5
  • Abstract
    Port knocking is a form of host-to-host communication which relies on deliberately failed TCP connection attempts. The information is encoded into a port sequence. The client attempts to initiate several three-way handshakes and receives no reply. These connection attempts are monitored by a daemon which interprets their destination port numbers as data. This mechanism has vulnerabilities that can be exploited by hackers with the help of data sniffed off the network. Through synchronization, these vulnerabilities can be minimized. A knock sequence is less vulnerable to replay and brute force attacks if its lifespan is shorter. All the entities involved in the knock sequence need to be aware at all times of the knock sequence that can be used. For this, it is required that clients and server share the same time. Both possess the means of determining the sequence, which consists of a hash based on a preshared key, time value, client IP address and destination port. We present the means to achieve the client-server synchronization and describe an application that implements this.
  • Keywords
    "Servers","IP networks","Synchronization","Authentication","Cryptography","Fires"
  • Publisher
    ieee
  • Conference_Titel
    Roedunet International Conference (RoEduNet), 2011 10th
  • ISSN
    2068-1038
  • Print_ISBN
    978-1-4577-1233-3
  • Electronic_ISBN
    2247-5443
  • Type

    conf

  • DOI
    10.1109/RoEduNet.2011.5993704
  • Filename
    5993704