Bug#305081: RFP: fwknop -- Firewall Knock Operator - advanced port knock daemon
Package: wnpp
Severity: wishlist
* Package name : fwknop
Version : 0.5.0
Upstream Author : Michael Rash <mbr@cipherdyne.org>
* URL : http://www.cipherdyne.org/fwknop/
* License : GPL
Description : Firewall Knock Operator - advanced port knock daemon
fwknop stands for "Firewall Knock Operator" and is a piece of software
that I released at the DEFCON 12 conference in July, 2004 in Las
Vegas: presentation slides
fwknop implements network access controls (via iptables) based on a
flexible port knocking mini-language, but with a twist; it combines
port knocking and passive operating system fingerprinting to make it
possible to do things like only allow, say, Linux-2.4/2.6 systems to
connect to your SSH daemon.
fwknop supports shared, multi-protocol port knock sequences along with
both relative and absolute timeouts, and coded port knock sequences
encrypted with the Rijndael block cipher.
Further reading:
http://www.cipherdyne.org/fwknop/dc_fwknop_slides.pdf
http://www.usenix.org/publications/login
http://www.usenix.org/publications/login/2004-12/index.html
http://it.slashdot.org/it/04/08/01/0436204.shtml
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ISO-8859-1) (ignored: LC_ALL set to en_US)