fwknop 1.8.1 |
Date Added: October 22, 2010 | Visits: 844 |
|
||||||||
fwknop stands for the "FireWall KNock OPerator", and implements an authorization scheme based around Netfilter and libpcap that requires only a single encrypted packet in order to communicate various pieces of information including desired access through a Netfilter policy and/or complete commands to execute on the target system. By using Netfilter to maintain a "default drop" stance, the main application of this program is to protect services such as OpenSSH with an additional layer of security in order to make the exploitation of vulnerabilities (both 0-day and unpatched code) much more difficult. The authorization server passively monitors authorization packets via libcap and hence there is no "server" to which to connect in the traditional sense. Access to a protected service is only granted after a valid encrypted and non-replayed packet is monitored. This method is similar to the Single Packet Authorization scheme proposed by Simple Nomad and the folks at NMRC fwknop project was also the first tool to combine traditional encrypted port knocking with passive OS fingerprinting. This makes it possible to do things like only allow, say, Linux-2.4/2.6 systems to connect to your SSH daemon. Whats New in This Release: - A bugfix to ensure that the "keep-state" directive is added to firewall rules on systems running the ipfw firewall. - The --Save-packet and --Save-packet-file command line arguments have been added to the fwknop client. - These options instruct fwknop to save a copy of an encrypted SPA packet before it is sent across the network. - A bugfix to find the minimal unused ipfw rule number for ipfw firewalls. - This fixes an issue where ipfw rules added by fwknopd could be inserted at the same position as rules from an existing ipfw policy.. Cipherdyne System and Network Security
|
License: Freeware | Size: 450.56 KB |
Network & Internet
-
openMosix kernel-2.4.26
openMosix is a Linux kernel extension for single-system image clustering. This kernel extension turns a network of ordinary computers into a supercomputer for Linux applications. Once you have installed openMosix, the nodes in the cluster start... |
10 MB | |
Networking
-
MultiCom Webpage System 0.1
MultiCom Webpage System aims to provide a Guestbook, a NewsSystem and a Forum in one single system, administrable from one Control Center.The system is completely written in PHP/HTML with a MySQL backend. |
235.52 KB | |
Utilities
-
Alternatives system 0.2.0
Alternatives system is an implementation of a Debian alternatives system; a system that allows several programs with the same or similar functions to be installed on a single system at the same time. This implementation solves some problems and... |
22.53 KB | |
Blog
-
Blogora 1.0
Blogora is a unique combination of a blogging platform and forum software into a single system, orginating from the blogoscoped blog.This combination makes it possible to create a tighter community behind a blog or a public home in case of a... |
563.2 KB | |
Utilities
-
Rkdet 0.54
This program is a daemon intended to catch someone installing a rootkit or running a packet sniffer. It is designed to run continually with a small footprint under an innocuous name. When triggered, it sends email, appends to a logfile, and... |
58.37 KB | |
Network & Internet
-
Score Cluster System Software 6.0.1
Score Cluster System Software is a cluster system software is designed for the high performance cluster environment without using the TCP/IP protocol stack. Score Cluster System Software features high performance communication, efficient computer... |
||
Modules
-
Test Quiz Module 2.0
This is a module for php nuke web portal system, like a quizz module in test module you can assign a weight for a single answer, create a profile with range of value, you can create official or funny test |
92.16 KB | |
Utilities
-
GoMF 0.8
GoMF (Garys openMosix Floppy) is a single floppy openMosix Linux mini-distro designed to quickly add CPU/Memory resources to an openMosix cluster. The floppy includes the auto discovery daemon and some user tools like mosctl, mosrun, mosmon,... |
1.4 MB | |
Utilities
-
Amelio 2011.2
Amelio is a console based rescue CD designed to ameliorate the tasks of fixing a broken Linux system by providing several filesystem, LVM, and RAID utilities as well as numerous networking utilities for troubleshooting, sniffing, and monitoring. |
197.35 MB | |
Network & Internet
-
Oliver 1.3.1
Oliver (formerly Webshare) is a free, web based FTP front-end, written in PHP and released under the GPL. It is intended to allow people to access files, normally only available via FTP, using a web browser. This effectively provides users with a... |
51.2 KB |
Network & Internet
-
Free WiFi Hotspot 3.3.1
Free WiFi Hotspot is a super easy solution to turn your laptop or notebook into a portable Wi-Fi hotspot, wirelessly sharing your internet connections like DSL, Cable, Bluetooth, Mobile Broadband Card, Dial-Up, etc. through the built-in wireless... |
1.04 MB | |
Network & Internet
-
Easy Uploads 1.8
Easy uploads is a file storage media streaming application designed by Filestreamers that allows you to upload, store, and stream your files from their virtually unlimited file storage server. Easy Uploads can backup,share, and stream your files... |
615.97 KB | |
Network & Internet
-
PacketFence ZEN 3.1.0
PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) system. Boosting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X... |
1024 MB | |
Network & Internet
-
django-dbstorage 1.3
A Django file storage backend for files in the database. |
10.24 KB | |
Network & Internet
-
SQL Inject Me 0.4.5
SQL Inject Me is a Firefox extension used to test for SQL Injection vulnerabilities. The tool works by submitting your HTML forms and substituting the form value with strings that are representative of an SQL Injection attack. |
133.12 KB | |
Networking Tools
-
gvrpad 0.1
gvrpad is a daemon that makes GVRP announcements of all VLAN interfaces on a FreeBSD system. GVRP is the GARP VLAN Registration Protocol, defined in IEEE 802.1Q (VLANS); GARP is the Generic Attribute Registration Protocol, defined in 802.1D... |
15.36 KB | |
Networking Tools
-
Cheops 0.61
Cheops is an Open Source Network User Interface. It is designed to be the network equivalent of a swiss-army knife, unifying your network utilities. Cheops is for the network what a file manager is for your filesystem.. |
317.44 KB | |
Networking Tools
-
ssh tunnel on demand 1.0
ssh tunnel on demand provides a script that creates an SSH tunnel on demand. ssh tunnel on demand is a script that makes it possible for a user to create an SSH tunnel to a server and connect to it without needing an account on the box or any... |
13.31 KB | |
Networking Tools
-
strongSwan 4.1.5
strongSwan is an OpenSource IPsec implementation for the Linux operating system. strongSwan is an OpenSource IPsec implementation for the Linux operating system. In order to have a stable IPsec platform to base our future extensions of the X.509... |
1.7 MB | |
Networking Tools
-
triggers 0.41
trigger is a lightweight, asynchronous notification mechanism to set off events in and across systems. The poor mans daily snapshot, glastree builds live backup trees, with branches for each day. Users directly browse the past to recover older... |
14.34 KB |