Int-DNS.startup

# Internal DNS Server.

ifconfig eth0 10.0.9.2/29

# The default route is GW-Int-Servers.
route add default gw 10.0.9.1

service dnsmasq start

# One of the following ports is used for
# port knocking, the rest are for misdirection.

while true; do nc -lvp 1887; done &
while true; do nc -lvp 22456; done &
while true; do nc -lvp 38964; done &

/etc/init.d/ssh start


# Port Knocking to 1887 and within 45 seconds ssh through the unconventional port 36747.

# Useful Commands:
# 1) The server should first have a root password set using the command: "passwd".
# 2) Knock the port 1887 using: "nmap -Pn --max-retries 0 -p 1887 10.0.9.2". Netcat can be used too.
# 3) Within 45 seconds, perform the following command from admin: "ssh -p 36747 root@10.0.9.2".

iptables -A INPUT -s 10.0.13.0/30 -p tcp --syn --dport 1887 -m comment --comment "Portknock sequence" -m recent --set --name portknock

iptables -A INPUT -s 10.0.13.0/30 -p tcp --syn --dport 36747 -m recent --rcheck --seconds 45 --name portknock -m conntrack --ctstate NEW -m comment --comment "SSH Unconventional Port" -j ACCEPT

iptables -A INPUT -p tcp --syn --dport 36747 -m comment --comment "Restrics connections without first portknocking" -j DROP