Download Shareware and Freeware Software for Windows, Linux, Macintosh, PDA

line Home  |  About Us  |  Link To Us  |  FAQ  |  Contact

Serving Software Downloads in 976 Categories, Downloaded 29.990.681 Times

fwknop 1.8.1

  Date Added: October 22, 2010  |  Visits: 627

fwknop

Report Broken Link
Printer Friendly Version


Product Homepage
Download (72 downloads)

fwknop stands for the "FireWall KNock OPerator", and implements an authorization scheme based around Netfilter and libpcap that requires only a single encrypted packet in order to communicate various pieces of information including desired access through a Netfilter policy and/or complete commands to execute on the target system. By using Netfilter to maintain a "default drop" stance, the main application of this program is to protect services such as OpenSSH with an additional layer of security in order to make the exploitation of vulnerabilities (both 0-day and unpatched code) much more difficult. The authorization server passively monitors authorization packets via libcap and hence there is no "server" to which to connect in the traditional sense. Access to a protected service is only granted after a valid encrypted and non-replayed packet is monitored. This method is similar to the Single Packet Authorization scheme proposed by Simple Nomad and the folks at NMRC fwknop project was also the first tool to combine traditional encrypted port knocking with passive OS fingerprinting. This makes it possible to do things like only allow, say, Linux-2.4/2.6 systems to connect to your SSH daemon. Whats New in This Release: - A bugfix to ensure that the "keep-state" directive is added to firewall rules on systems running the ipfw firewall. - The --Save-packet and --Save-packet-file command line arguments have been added to the fwknop client. - These options instruct fwknop to save a copy of an encrypted SPA packet before it is sent across the network. - A bugfix to find the minimal unused ipfw rule number for ipfw firewalls. - This fixes an issue where ipfw rules added by fwknopd could be inserted at the same position as rules from an existing ipfw policy.. Cipherdyne System and Network Security

Requirements: No special requirements
Platforms: Linux
Keyword: Authorization Encrypted Fwknop Networking Packet Scheme Single System
Users rating: 0/10

License: Freeware Size: 450.56 KB
FWKNOP RELATED
Network & Internet  -  openMosix kernel-2.4.26
openMosix is a Linux kernel extension for single-system image clustering. This kernel extension turns a network of ordinary computers into a supercomputer for Linux applications. Once you have installed openMosix, the nodes in the cluster start...
10 MB  
Networking  -  MultiCom Webpage System 0.1
MultiCom Webpage System aims to provide a Guestbook, a NewsSystem and a Forum in one single system, administrable from one Control Center.The system is completely written in PHP/HTML with a MySQL backend.
235.52 KB  
Utilities  -  Alternatives system 0.2.0
Alternatives system is an implementation of a Debian alternatives system; a system that allows several programs with the same or similar functions to be installed on a single system at the same time. This implementation solves some problems and...
22.53 KB  
Blog  -  Blogora 1.0
Blogora is a unique combination of a blogging platform and forum software into a single system, orginating from the blogoscoped blog.This combination makes it possible to create a tighter community behind a blog or a public home in case of a...
563.2 KB  
Utilities  -  MOSIX Grid and Cluster Management 2.21.2.6
MOSIX Grid and Cluster Management is a management system for Linux clusters and organizational grids that provides a Single-System Image. In a MOSIX based system, there is no need to modify or link applications with any library, copy files,...
 
Sports  -  Hunt Pro - Calls and Solunar Calendar 2.9
Hunt Pro integrates crystal clear hunting calls with powerful sound track mixer, Solunar Calendar for best hunting and fishing times, and social networking in a single package. If you intend to use the calls for hunting, check first your...
34.9 MB  
Utilities  -  Rkdet 0.54
This program is a daemon intended to catch someone installing a rootkit or running a packet sniffer. It is designed to run continually with a small footprint under an innocuous name. When triggered, it sends email, appends to a logfile, and...
58.37 KB  
Modules  -  Test Quiz Module 2.0
This is a module for php nuke web portal system, like a quizz module in test module you can assign a weight for a single answer, create a profile with range of value, you can create official or funny test
92.16 KB  
Development Editors  -  RScheme for Linux 0.7.3.3
RScheme is a Scheme implementation with a reflective object system, operating system services, modules, threads, many other system programming features (including the ability to integrate with and compile to C code), and a wealth of useful...
2.28 MB  
Utilities  -  User-space System Device Enumeration 0.82
The User-space System Device Enumeration (uSDE) facility manages the devices attached to a computer system. It is responsible for creating, deleting and maintaining the devices and networking interfaces for the system that it is installed on.
153.6 KB  
NEW DOWNLOADS IN NETWORK & INTERNET, NETWORKING TOOLS
Network & Internet  -  Free WiFi Hotspot 3.3.1
Free WiFi Hotspot is a super easy solution to turn your laptop or notebook into a portable Wi-Fi hotspot, wirelessly sharing your internet connections like DSL, Cable, Bluetooth, Mobile Broadband Card, Dial-Up, etc. through the built-in wireless...
1.04 MB  
Network & Internet  -  Easy Uploads 1.8
Easy uploads is a file storage media streaming application designed by Filestreamers that allows you to upload, store, and stream your files from their virtually unlimited file storage server. Easy Uploads can backup,share, and stream your files...
615.97 KB  
Network & Internet  -  IPv6 CARE 3.2b
IPv6 CARE, "IPv6 Compliant Automatic Runtime Environment", is a Linux tool able to patch ipv6-agnostic programs on-the-fly ('patch' mode). It can also generate a diagnosis about the IPv6 compliance of an application ('check' mode).
409.6 KB  
Network & Internet  -  PacketFence ZEN 3.1.0
PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) system. Boosting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X...
1024 MB  
Network & Internet  -  django-dbstorage 1.3
A Django file storage backend for files in the database.
10.24 KB  
Networking Tools  -  gvrpad 0.1
gvrpad is a daemon that makes GVRP announcements of all VLAN interfaces on a FreeBSD system. GVRP is the GARP VLAN Registration Protocol, defined in IEEE 802.1Q (VLANS); GARP is the Generic Attribute Registration Protocol, defined in 802.1D...
15.36 KB  
Networking Tools  -  Cheops 0.61
Cheops is an Open Source Network User Interface. It is designed to be the network equivalent of a swiss-army knife, unifying your network utilities. Cheops is for the network what a file manager is for your filesystem..
317.44 KB  
Networking Tools  -  dynacc 0.5.0
Dynacc aims to be a Pakage which gives you control other your Internet Connection. It runs a linux router/host which provides MASQ services and HTTP proxying for a LAN. It gives you the Power to define users/groups which are allowed to make...
122.88 KB  
Networking Tools  -  ssh tunnel on demand 1.0
ssh tunnel on demand provides a script that creates an SSH tunnel on demand. ssh tunnel on demand is a script that makes it possible for a user to create an SSH tunnel to a server and connect to it without needing an account on the box or any...
13.31 KB  
Networking Tools  -  strongSwan 4.1.5
strongSwan is an OpenSource IPsec implementation for the Linux operating system. strongSwan is an OpenSource IPsec implementation for the Linux operating system. In order to have a stable IPsec platform to base our future extensions of the X.509...
1.7 MB