Sunday, September 23, 2007

Port knocking

Port knocking is a way of adding an extra layer of protection in front of a firewalled service. The firewall keeps a port closed to everyone until it sees a series of connection attempts to a pre-determined list of ports in a specific order; only then does it open the protected port, typically just to the source address that knocked and only for a limited time. The better firewalls support this directly, or at least provide the means of implementing it through some additional utility.

In other words, port knocking is like a secret knock, where you knock on a door a certain number of times with recognizable pauses between some of the individual knocks, producing a pattern the person inside uses to decide whether to open the door. This helps solve the problem of needing to allow connections to a commonly used port, such as port 22 for SSH, without leaving the port open for any schmuck in the world to start bombarding it with connection attempts in a brute-force attack on your user passwords. Not only does this cut down on the likelihood that a user account accepting remote connections can be compromised by a brute-force attack, it also reduces the opportunity for denial of service attacks against the service, because an attacker who does not know the knock sequence cannot even find an open port to attack. Port knocking complements strong authentication rather than replacing it: a simple knock sequence is sent in the clear, so anyone positioned to sniff the traffic can record it and replay it, and the service behind the knocked-open port still needs key-based authentication or similar.
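To make the "secret knock" concrete, here is a small knock-tracking state machine in Python. It is an added example written for this page, not code from the original post or from Chad Perrin. It assumes a firewall that logs each inbound SYN to a closed port with SRC= and DPT= fields (the log lines below are constructed in a netfilter-like format with a leading timestamp in seconds; they are not real captures), and the knock sequence 7000, 8000, 9000, the 5-second window and the 30-second open time are illustrative values chosen here. The tracker requires the knocks in order with no stray ports in between, which is what stops a sequential port scan from accidentally completing the sequence, and it resets an attempt that takes longer than the window.

```python
import re
import socket
import time
from dataclasses import dataclass

# Illustrative values assumed for this example; a real deployment picks its own.
KNOCK_SEQUENCE = (7000, 8000, 9000)
KNOCK_WINDOW = 5.0    # seconds allowed between the first and last knock
OPEN_FOR = 30.0       # seconds the protected port stays reachable after a correct sequence


@dataclass
class _Progress:
    next_index: int      # index into the sequence of the knock expected next
    started_at: float    # time of the first knock of this attempt


class KnockTracker:
    """Per-source state machine: knocks must arrive in order, with no other ports in
    between, inside the window. Any unexpected port resets the attempt, so a scanner
    sweeping 7000, 7001, 7002, ... never completes the sequence."""

    def __init__(self, sequence=KNOCK_SEQUENCE, window=KNOCK_WINDOW, open_for=OPEN_FOR):
        self.sequence = tuple(sequence)
        self.window = window
        self.open_for = open_for
        self._progress = {}   # src_ip -> _Progress for an attempt in flight
        self._opened = {}     # src_ip -> time at which its access expires

    def observe(self, src_ip, dst_port, now):
        """Record one inbound connection attempt. Returns True when it completes the sequence."""
        state = self._progress.pop(src_ip, None)
        if state is not None and now - state.started_at > self.window:
            state = None                                  # too slow: start over
        if state is None:
            state = _Progress(next_index=0, started_at=now)
        if dst_port != self.sequence[state.next_index]:
            # Wrong port. If it happens to be the first knock, treat it as a fresh attempt;
            # otherwise the attempt is simply discarded.
            if dst_port == self.sequence[0]:
                self._progress[src_ip] = _Progress(next_index=1, started_at=now)
            return False
        state.next_index += 1
        if state.next_index == len(self.sequence):
            self._opened[src_ip] = now + self.open_for    # here a real daemon would add a firewall rule
            return True
        self._progress[src_ip] = state
        return False

    def is_open(self, src_ip, now):
        """Would the firewall currently accept src_ip on the protected port?"""
        expiry = self._opened.get(src_ip)
        if expiry is None:
            return False
        if now > expiry:
            del self._opened[src_ip]                      # and here it would remove the rule again
            return False
        return True


# Constructed log format: "<seconds> ... SRC=<ip> ... DPT=<port>" (netfilter-like, not a real capture).
LOG_RE = re.compile(r"^(?P<ts>\d+(?:\.\d+)?)\s.*\bSRC=(?P<src>[\d.]+)\b.*\bDPT=(?P<dpt>\d+)\b")

SAMPLE_LOG = """\
0.0 KNOCK IN=eth0 SRC=198.51.100.7 DST=192.0.2.1 PROTO=TCP DPT=7000
0.4 KNOCK IN=eth0 SRC=203.0.113.9 DST=192.0.2.1 PROTO=TCP DPT=7000
0.6 KNOCK IN=eth0 SRC=198.51.100.7 DST=192.0.2.1 PROTO=TCP DPT=8000
0.8 KNOCK IN=eth0 SRC=203.0.113.9 DST=192.0.2.1 PROTO=TCP DPT=9000
1.2 KNOCK IN=eth0 SRC=198.51.100.7 DST=192.0.2.1 PROTO=TCP DPT=9000
1.5 KNOCK IN=eth0 SRC=203.0.113.9 DST=192.0.2.1 PROTO=TCP DPT=8000
2.0 KNOCK IN=eth0 SRC=192.0.2.77 DST=192.0.2.1 PROTO=TCP DPT=7000
2.1 KNOCK IN=eth0 SRC=192.0.2.77 DST=192.0.2.1 PROTO=TCP DPT=7001
2.2 KNOCK IN=eth0 SRC=192.0.2.77 DST=192.0.2.1 PROTO=TCP DPT=8000
2.3 KNOCK IN=eth0 SRC=192.0.2.77 DST=192.0.2.1 PROTO=TCP DPT=9000
3.0 KNOCK IN=eth0 SRC=192.0.2.5 DST=192.0.2.1 PROTO=TCP DPT=7000
9.0 KNOCK IN=eth0 SRC=192.0.2.5 DST=192.0.2.1 PROTO=TCP DPT=8000
9.5 KNOCK IN=eth0 SRC=192.0.2.5 DST=192.0.2.1 PROTO=TCP DPT=9000
"""


def process_log(lines, tracker):
    """Feed firewall log lines into the tracker; return (src_ip, time) for each completed sequence."""
    completed = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ts = float(m.group("ts"))
        if tracker.observe(m.group("src"), int(m.group("dpt")), ts):
            completed.append((m.group("src"), ts))
    return completed


def send_knocks(host, sequence=KNOCK_SEQUENCE, pause=0.2):
    """Client side: one TCP connect attempt per knock port, in order. The ports are closed,
    so every attempt is refused or times out; the firewall only needs to see the SYN."""
    for port in sequence:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(0.5)
            s.connect_ex((host, port))   # result deliberately ignored
        time.sleep(pause)


if __name__ == "__main__":
    tracker = KnockTracker()
    for ip, ts in process_log(SAMPLE_LOG.splitlines(), tracker):
        print(f"{ip} completed the knock sequence at t={ts}; open until t={ts + OPEN_FOR}")
```

In the constructed log only 198.51.100.7 knocks correctly: 203.0.113.9 sends the right ports in the wrong order, 192.0.2.77 is a sequential scanner whose hit on 7001 resets its attempt, and 192.0.2.5 waits too long between knocks. A real daemon would act on the True result by inserting a firewall rule that accepts that source on the protected port and would drop the rule when is_open reports expiry.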


Adapted from Chad Perrin, http://blogs.techrepublic.com.com/security/?p=292