fwknop 1.0.1

Version: 1.0.1

Source: No

Package: Without source

Price: $0

Description

fwknop stands for the "FireWall KNock OPerator", and implements an authorization scheme called Single Packet Authorization (SPA) that is based around iptables and libpcap. SPA requires only a single encrypted packet in order to communicate various pieces of information, including desired access through an iptables policy and/or complete commands to execute on the target system.

With fwknop deployed, anyone using nmap to look for sshd can't even tell that it is listening; it makes no difference if they have a 0-day exploit or not. The authorization server passively monitors authorization packets via libpcap, and hence there is no "server" to which to connect in the traditional sense. Access to a protected service is only granted after a valid encrypted and non-replayed packet is monitored from an fwknop client.

Single Packet Authorization retains the benefits of Port Knocking (i.e. service protection behind a default-drop packet filter), but has the following advantages over Port Knocking:

- SPA can utilize asymmetric ciphers for encryption. Asymmetric ciphers typically have larger key sizes than symmetric ciphers, and the data transmission rate of port knocking (which uses packet headers instead of packet payloads) is not sufficient to effectively use an asymmetric cipher. SPA is compatible with 2048-bit Elgamal GnuPG keys.
- SPA packets are non-replayable. There are strategies (such as S/Key-style iteration of a hash function) used by port knocking implementations to reduce the danger of a replayed knock sequence, but these strategies are relatively brittle and not generally very scalable to lots of users.
- SPA cannot be broken by trivial sequence busting attacks. For any attacker who can monitor a port knocking sequence, the sequence can be busted by simply spoofing a duplicate packet (as though it comes from the source of the real sequence) to the previous port in a sequence.
- SPA only sends a single packet over the network, and hence does not look like a port scan to any intermediate IDS that may be watching.
- SPA is much faster because it only sends a single packet. Port knocking implementations must build in time delays between successive packets because there is no guarantee of in-order delivery.

Language: C/C++

Related:

Authorization - Firewall - Firewall Tool - Firewall Utility - Security - Single Packet Authorization

Related:

Bandwidth Management Tools 1.0

Bandwidth Management Tools provides a powerful firewall configuration utility.

By: Bwm-tools Homepage

Freeware

Linux ipchains 1.3.10

Linux ipchains is a rewrite of the Linux IPv4 firewalling code and a rewrite of ipfwadm, which was a rewrite of BSD's ipfw.

By: people.netfilter.org Homepage

Freeware

Firewall Builder 2.1.11

Firewall Builder is a multi-platform firewall configuration and management tool.

By: Fwbuilder Homepage

Freeware

Firestarter 1.0.3

Firestarter is an Open Source visual firewall program.

By: Firestarter Homepage

Freeware

Fireflier 1.1.6

Fireflier is a firewall tool, which is built on top of the iptables framework.

By: Fireflier Homepage

Freeware

Qt Utils 1.0

Qt utility classes for security, networking, and general extensions to the Qt toolkit.

By: Qtutils Homepage

Freeware

Agnitio 86

A tool to help developers and security professionals conduct manual security code reviews in a consistent and repeatable way.

By: Agnitiotool Homepage

Freeware

Doc-o-matic 5.1

Doc-O-Matic is a single source software documentation tool for source code documentation and Help authoring. It creates fully cross linked...

By: Toolsfactory GmbH

Shareware

TUTI - Table Utilities 3.30

TUTI - TABLE UTILITIES is a useful general-purpose tool applicable to any accessible database for Borland BDE or Microsoft ODBC. It is a powerful...

By: David Simon P. Homepage

Shareware

PDF Encrypt Decrypt Software 2.8.0.5

PDF Encrypt Decrypt Software removes passwords of several PDF files on a single connect. The PDF encrypt and decrypt utility application works with much...

By: PDF Password Remover Homepage

Shareware