Search Results

The Sophos SFOS/XGS based devices provide advance firewall and UTM capabilities. This replaces the previous UTM devices, which can be integrated here. Knocknoc manages IP addresses within a host-group, it does not edit/change firewall policies, and operates w...

The orchestration agent can be configured to reverse-proxy traffic, simply by enabling this mode and completing a few configuration options, you'll be on your way to controlling HTTPs or TCP attack surface, without an additional firewall or other layer beyond ...

Debian distros (Ubuntu etc) If you are getting the this error: Failed to fetch https://packages.knocknoc.io/debian/dists/bookworm/InRelease The following signatures were invalid: EXPKEYSIG E3AB5DF76BBF701F Knocknoc Support <support@knocknoc.io> You may ha...

The Knocknoc orchestration Agent - which is deployed alongside managed infrastructure (not on desktops) - can be converted to an in-line reverse proxy, providing access control at layer-7 (HTTP/HTTPs) or layer-3 for TCP, linked to Knocknoc. This allows the ce...

The Knocknoc Server can be deployed in various ways to match your high-availability needs and deployment models. Ultimately the Knocknoc solution comprises of these three components: Server Database Orchestration Agent(s) The Server (web-app) can be d...

If you installed Knocknoc Server before version 8.5 (September 2025), your instance is likely using a local SQLite database. The Knocknoc Server now uses PostgreSQL as its primary database. This guide explains how to use the "knocker convertdb" tool, which is ...

Windows Servers and RDP/WinRM - removing pre-auth attack surface A mid-sized business utilizes RDP and WinRM to manage a Windows fleet of servers, however wasn't comfortable with always-on network exposure of these ports/protocols - even to internal managemen...

On a Linux host as Root, execute the below command to setup and install a Knocknoc Agent. You will be stepped through the process. curl -sSL https://packages.knocknoc.io/setup/setup_knocknoc_agent.sh | bash The installer runs on Debian, Ubuntu, Redhat, Oracl...

I've locked myself out!  Default deny is a wonderful thing, the best place to be - except when you lock yourself out. Thankfully Knocknoc has a break-glass control if you need.   Follow these steps to add a 20 minute access path, it requires Admin access. ...