Performance Evaluation of Widely used Portknoking Algorithms (1207.1700v1)

Abstract: Port knocking is a technique by which only a single packet or special sequence will permit the firewall to open a port on a machine where all ports are blocked by default. It is a passive authorization technique which offers firewall-level authentication to ensure authorized access to potentially vulnerable network services. In this paper, we present performance evaluation and analytical comparison of three widely used port knocking (PK) algorithms, Aldaba, FWKNOP and SIG-2. Comparative analysis is based upon ten selected parameters; Platforms (Supported OS), Implementation (PK, SPA or both), Protocols (UDP, TCP, ICMP), Out of Order packet delivery, NAT (Network Address Translation), Encryption Algorithms, Root privileges (For installation and operation), Weak Passwords, Replay Attacks and IPv6 compatibility. Based upon these parameters, relative performance score has been given to each algorithm. Finally, we deduce that FWKNOP due to compatibility with windows client is the most efficient among chosen PK implementations.