Port Knocking
Briefly, users make connection attempts to sequences of closed ports.
The failed connections are logged by the server-side packet filtering
firewall and detected by a daemon that monitors the firewall log file.
When a properly formatted knock sequence, playing the role of the secret
used in the authentication, is received, firewall rules are manipulated
based on the information content of the sequence. This user-based
authentication system is both robust, being mediated by the kernel
firewall, and stealthy–it’s not possible to detect whether a networked
machine is listening for port knocks. Port knocking does not require any
open ports, and it can be extended to transmit any type of information
encoded in a port sequence.
—full article on
Port Knocking from LinuxJournal