- Cannot be done to ports that are publicly visible like web server (80). But it is great to control access to SSH port
- Port knocking is a technique for opening ports on demand
- Pre-defined knock sequence opens port
- Separate sequence to close port
- Can make machine invisible on the network
