Firewall Knock Operator (fwknop)
NOTE: This project is extremely out of date. Please do not use it. It's kept here as a placeholder should I want to revisit it.
This project builds packages for the C implementation of the Firewall Knock Operator, or fwknop.
Here's a description of fwknop:
Fwknop implements an authorization scheme known as Single Packet Authorization
(SPA) for Linux systems running iptables. This mechanism requires only a
single encrypted and non-replayed packet to communicate various pieces of
information including desired access through an iptables policy. The main
application of this program is to use iptables in a default-drop stance to
protect services such as SSH with an additional layer of security in order
to make the exploitation of vulnerabilities (both 0-day and unpatched code)
much more difficult.
Look here for more info:
http://www.cipherdyne.org/fwknop/
http://trac.cipherdyne.org/trac/fwknop