Download Shareware and Freeware Software for Windows, Linux, Macintosh, PDA

line Home  |  About Us  |  Link To Us  |  FAQ  |  Contact

Serving Software Downloads in 976 Categories, Downloaded 31.018.085 Times

TCP Knocking 0.1

  Date Added: June 12, 2010  |  Visits: 810

TCP Knocking

Report Broken Link
Printer Friendly Version

Product Homepage
Download (82 downloads)

TCP Knocking provides a port knocking implementation. Often a secure system needs a port open so that only authorized persons can access a particular service and also the service should not exposed to attackers and worms that may use vulnerabilities that exist in the listening server. Port knocking is designed to be used as a complementary service to the existing authentication mechanism. But one of the biggest problems with port knocking is manipulating the firewall with timeouts. When the correct knock sequence is sent, the firewall is modified for couple of seconds. Having the firewall open automatically for a time period will make any system administrator uncomfortable. TCP knocking attempts to solve the problem by incorporating the knock into the TCP handshake. Tcp knocking is similar to port knocking, but instead sending UDP packets with secret ports, the TCP handshake packets must include secrete codes. It is at least as secure as port knocking and it can be made secure with more hardening. Modified TCP handshake: In normal TCP handshake, the client sends the syn packet and chooses a random initial sequence number. The server responds with a packet that has both syn and ack flags set, choosing a random The modified TCP handshake uses the empty fields in the header. The server does not respond to connection requests without a special code generated along with the syn packet. The server also encrypts the ISN in the ack packet (2) and the final packet of the three-way handshake must have the correct acknowledgment for the servers ISN. The system is further protected from brute-force attacks by closing the connection if the first attempt for the third packet does not have the expected acknowledgment sequence. Also, rather than use conventional encryption techniques like HMAC for verification, this system uses a file with random numbers as the key. This is because of the limited unused space available in the TCP/IP header which makes HMAC very weak. By using a shared file, the length of the key can be much greater than traditional systems and even though some parts of the key can be revealed by attacks, the server can protect itself from replay attacks. The handshake: 1) Syn The syn packet does not use the 32 bit acknowledgment field in the TCP header as it the the first packet to initiate the connection. Further the 16 bit IPID can be used to transmit information. In the current implementation only the 32 bit acknowledgment field is used. Currently the 32 bit ack is derived from a 64 KB file which contains random numbers. The ISN and the source IP address along with the random numbers are used to generate this value. 2) Syn/Ack The ISN is encrypted using the random numbers from the 64 KB file using the destination IP address as well as a 16 bit random number used as IPID. I do not have code for this part yet. 3) Ack The client decrypts the syn number from the encrypted syn, the key file, the 16 bit IPID and its own IP address and sends the ack packet. The server closes all connections from the client for couple of minutes if it sends a wrong ack value. Part of the security relies on the fact that the ISN generated by Linux 2.6 is fairly random. Implementation: I have implemented only the first part, which is the server expecting secret code along with the first syn packet from the client. Hence it is very possible to brute-force the server. Also the system is designed with the second phase in mind, which is the encrypted Initial Sequence Number in the ack packet and closing the connection if the correct ack is not sent on the first try. I do not have an implementation for that yet. The security will be increased greatly when the second phase is incorporated. Also the ability to detect brute-force attacks can be added to this system. But the current system can be used for protecting the server from worms and random scanning. The use-case is similar to port knocking but it does not use the ugly system of opening the firewall for a couple of seconds. Vanilla port knocking is susceptible to brute-force attacks as well. Besides, inserting a kernel module to just ssh into your server will increase your mad sysadmin points. Whats New in This Release: - TCP knocking with Phase 1 of the protocol was implemented..

Requirements: No special requirements
Platforms: Linux
Keyword: Ack Does Not Ip Ipid Isn Knocking Packet Port Port Knocking Random Random Numbers Server Syn Packet Tcp Handshake Tcp Knocking
Users rating: 0/10

License: Freeware Size: 5.12 KB
Network & Internet  -  Bazooka Board 2.75
Bazooka Board is a PHP bulletin board that does not require MySQL. It uses nothing just a single text-file on your web server for its data storage. Bazooka Board was created to help serve those who have PHP webspace, but no MySQL database...
27.65 KB  
Libraries  -  PDL::Bad 2.4.3
PDL::Bad - PDL does not process bad values. PDL has been compiled with WITH_BADVAL either 0 or undef, so it does not contain any bad-value support code. Actually, a number of methods are defined, but they are only placeholders to make writing...
2.1 MB  
Libraries  -  Proc::Command 0.04
Proc::Command is a backtick that does not use the shell for Perl under Windows. SYNOPSIS use Proc::Command @reponse = Proc::Command->command($command) @reponse = Proc::Command->command($command, $trys) @reponse =...
16.38 KB  
E-Mail Tools  -  travmail 0.1.1328
travmail project is an imap webmail client which requires php but does not use the imap routines available in php. Ive just made some rpm files available which have relocation enabled in case you want to install into a path other than the...
19.3 MB  
Modules  -  Counterize II 2.14.1
It does not stores IP address information and uses unique hashes instead to differentiate between users.Installation Unpack and upload it to the /wp-content/plugins/ directory. Activate the plugin through the 'Plugins' menu in WordPress....
Education  -  Wave Packet Model 1.0
The Ejs Wave Packet model displays the motion of an approximate wave packet. The simulation allows an arbitrarily wave packet to be created. The default dispersion relation, with the frequency equal to the wavenumber, results in a wavepacket that...
1.4 MB  
Utilities  -  CAVU free video surveillance 2.2.0
CAVU FREE is a limited version of CAVU PRO, the #1 mobile surveillance applications on iTunes. (ONLY CONNECTS TO CERTAIN AXIS & PANASONIC IP CAMERAS LIVE. DOES NOT RECORD) You can view your live security cameras from anywhere when your CAVU...
4.8 MB  
Utilities  -  HomeMonitor 3.3.8
Important Notice: This program does not work with the PC or IP cameras usually sold. It requires a special camera, please consult our website before you download the application. ---------------------------------------- HomeMonitor...
4.4 MB  
E-Mail Tools  -  spamdyke 2.6.3
spamdyke is a drop-in filter for qmail to provide connection-time blacklisting, graylisting, DNS RBL checking, improved logging, and more spamdyke project is a standalone program that does not use qmail source code or require patching/recompiling...
44.03 KB  
Communication Tools  -  SSuite Office - VOIP Caller Extreme 2.0
Voip PC Phone is a useful program that does not rely on Third-Party Vendors or Special Internet Websites to make calls. All you need is a headset and microphone to make a call. Voip Phone works only on LAN and DSL connections. The minimum...
4.15 MB  
Network & Internet  -  Free WiFi Hotspot 3.3.1
Free WiFi Hotspot is a super easy solution to turn your laptop or notebook into a portable Wi-Fi hotspot, wirelessly sharing your internet connections like DSL, Cable, Bluetooth, Mobile Broadband Card, Dial-Up, etc. through the built-in wireless...
1.04 MB  
Network & Internet  -  Easy Uploads 1.8
Easy uploads is a file storage media streaming application designed by Filestreamers that allows you to upload, store, and stream your files from their virtually unlimited file storage server. Easy Uploads can backup,share, and stream your files...
615.97 KB  
Network & Internet  -  IPv6 CARE 3.2b
IPv6 CARE, "IPv6 Compliant Automatic Runtime Environment", is a Linux tool able to patch ipv6-agnostic programs on-the-fly ('patch' mode). It can also generate a diagnosis about the IPv6 compliance of an application ('check' mode).
409.6 KB  
Network & Internet  -  PacketFence ZEN 3.1.0
PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) system. Boosting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X...
1024 MB  
Network & Internet  -  django-dbstorage 1.3
A Django file storage backend for files in the database.
10.24 KB  
Networking Tools  -  gvrpad 0.1
gvrpad is a daemon that makes GVRP announcements of all VLAN interfaces on a FreeBSD system. GVRP is the GARP VLAN Registration Protocol, defined in IEEE 802.1Q (VLANS); GARP is the Generic Attribute Registration Protocol, defined in 802.1D...
15.36 KB  
Networking Tools  -  Cheops 0.61
Cheops is an Open Source Network User Interface. It is designed to be the network equivalent of a swiss-army knife, unifying your network utilities. Cheops is for the network what a file manager is for your filesystem..
317.44 KB  
Networking Tools  -  dynacc 0.5.0
Dynacc aims to be a Pakage which gives you control other your Internet Connection. It runs a linux router/host which provides MASQ services and HTTP proxying for a LAN. It gives you the Power to define users/groups which are allowed to make...
122.88 KB  
Networking Tools  -  ssh tunnel on demand 1.0
ssh tunnel on demand provides a script that creates an SSH tunnel on demand. ssh tunnel on demand is a script that makes it possible for a user to create an SSH tunnel to a server and connect to it without needing an account on the box or any...
13.31 KB  
Networking Tools  -  strongSwan 4.1.5
strongSwan is an OpenSource IPsec implementation for the Linux operating system. strongSwan is an OpenSource IPsec implementation for the Linux operating system. In order to have a stable IPsec platform to base our future extensions of the X.509...
1.7 MB