[ANNOUNCE] new match extension about Port Knocking and SPA
fender
frozenspot at gmail.com
Thu May 3 01:06:05 CEST 2007
Hi,
We hope that this project can be added to the p-o-m, as an experimental
part of netfilter.
(*) Abstract
The PortKnockO Project implements Port Knocking and SPA (Simple Packet
Authentication) in kernel space, as a netfilter match extension. For
instance, this can be used to avoid brute force attacks against ssh or ftp
services.
It allows you to send messages from the kernel module to a user
application. For instance, this would make it possible to start up an
application (such as a web server) after a peer has knocked the ports
specified in a port knocking rule.
Pros:
+ You can configure Port Knocking or SPA rules with the iptables syntax.
+ It does not require any daemons running in background.
+ You do not need to know a new syntax depending on an application.
+ The netfilter module can send messages to a user
application through netlink sockets.
(*) Status
This project is in beta and is still under development.
(*) You can check the source code out here:
svn checkout svn://svn.berlios.de/portknocko/trunk
(*) More information at http://portknocko.berlios.de/
Any feedback is welcome!
Regards,
--
J. Federico Hernandez
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pknock-0.3.tar.gz
Type: application/x-gzip
Size: 20648 bytes
Desc: not available
Url : /pipermail/netfilter-devel/attachments/20070503/c5b7267f/pknock-0.3.tar-0001.bin