HowTo: Install And Configure FWKNP (Using EnGarde Linux)
Secret knocks have been used for purposes as simple and childish as
identifying friend or foe during a schoolyard fort war. Fraternities
teach these knocks as a rite of passage into their society, and in our
security world we can implement this layer of security to lock down an
SSH server. The FireWall KNock Operator (fwknop) is an excellent port knocking
implementation that combines encrypted port knocking with passive OS
finger-printing. This makes it possible to define specifically which
Linux systems are allowed access to your SSH server. fwknop combines
its functionality with
iptables rules and log messages to grant or deny access to the SSH
daemon.