> A firewall that rejects all traffic to everyone, except for one port.
> This one port is used to authenticate an IP address through a
> challenge/response algorithm.
> If successful, the IP is then allowed through the firewall.
> After a period of idle time, the IP is removed from the allow table.

This one isn't well supported by many clients at this point. I was looking into developing something to fix that, but it didn't happen.

> This seems like a simple way to protect the box from script kiddies.
> Does anyone know of a product like this in existence?

pam_iptables is a nice tool, although it needs a little updating to assign custom rules per user, etc. It requires that you have an open out-of-band connection to a PAM service on the firewall. This could be SSH, for instance. The plus is that installation is relatively straightforward and you can use any authentication mechanism through PAM that you see fit. The negative is that you're tied to keeping that PAM program open. Once the program is shut down, the firewall rules close up.

Of course, Checkpoint has all of this integrated if you're willing to spend serious cash for the functionality. Connect to telnet/etc., type username/password, then the rest is taken care of by daemons controlled by the connection's policy (total connections, total bandwidth, timeout, etc.).
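A minimal working model of the scheme the quoted post describes (single open port, challenge/response, allow table with idle expiry), added here as an example that is not part of the original thread and is not the code of pam_iptables or Checkpoint. It assumes a per-user shared secret and an HMAC-SHA256 challenge/response in which the server's nonce is bound to the client's IP; the "firewall" is an in-memory allow table, and the iptables commands are only rendered as strings, never executed. User names, addresses and timeouts are constructed for the example.

```python
import hashlib
import hmac
import secrets
import time

# Assumed parameters for this example: seconds of inactivity before an IP
# is dropped from the allow table, and how long an issued challenge stays valid.
IDLE_TIMEOUT = 300
CHALLENGE_TTL = 30


def client_proof(secret, nonce, client_ip):
    """Client side: prove knowledge of the shared secret for this nonce.

    Binding the client's own IP into the MAC means a captured response
    cannot be replayed from another address.
    """
    msg = f"{nonce}|{client_ip}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


class Gate:
    """Server side: the single open port's authenticator plus the allow table."""

    def __init__(self, users, idle_timeout=IDLE_TIMEOUT, now=time.time):
        self.users = users              # username -> shared secret (bytes); assumed store
        self.idle_timeout = idle_timeout
        self.now = now                  # injectable clock so expiry can be tested
        self.pending = {}               # nonce -> (username, client_ip, issued_at)
        self.allowed = {}               # client_ip -> last-seen timestamp

    def challenge(self, username, client_ip):
        """Step 1: hand out a fresh random nonce (always, so unknown users are not revealed here)."""
        nonce = secrets.token_hex(16)
        self.pending[nonce] = (username, client_ip, self.now())
        return nonce

    def respond(self, nonce, client_ip, proof):
        """Step 2: verify the proof. A nonce is single use, IP-bound and short-lived."""
        entry = self.pending.pop(nonce, None)   # pop: a replayed nonce is already gone
        if entry is None:
            return False
        username, issued_to, issued_at = entry
        if issued_to != client_ip or self.now() - issued_at > CHALLENGE_TTL:
            return False
        # Unknown users get a dummy key so the HMAC is still computed and compared.
        secret = self.users.get(username, b"\x00" * 32)
        ok = hmac.compare_digest(client_proof(secret, nonce, client_ip), proof)
        if not ok or username not in self.users:
            return False
        self.allowed[client_ip] = self.now()
        return True

    def touch(self, client_ip):
        """Called whenever the firewall sees traffic from an allowed IP; refreshes the idle timer."""
        if client_ip not in self.allowed:
            return False
        self.allowed[client_ip] = self.now()
        return True

    def expire(self):
        """Drop IPs idle longer than idle_timeout; returns the sorted list that was removed."""
        cutoff = self.now() - self.idle_timeout
        dropped = sorted(ip for ip, seen in self.allowed.items() if seen < cutoff)
        for ip in dropped:
            del self.allowed[ip]
        return dropped

    def is_allowed(self, client_ip):
        return client_ip in self.allowed

    def iptables_rules(self, auth_port=9999, chain="INPUT"):
        """Render the default-deny ruleset as iptables command strings (never executed here)."""
        rules = [
            f"iptables -P {chain} DROP",
            f"iptables -A {chain} -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT",
            f"iptables -A {chain} -p tcp --dport {auth_port} -j ACCEPT",  # the one open port
        ]
        rules += [f"iptables -I {chain} -s {ip} -j ACCEPT" for ip in sorted(self.allowed)]
        return rules


if __name__ == "__main__":
    # Constructed demo data: one user, one client address.
    gate = Gate({"alice": b"alice-shared-secret"})
    ip = "198.51.100.7"
    nonce = gate.challenge("alice", ip)                      # server -> client
    proof = client_proof(b"alice-shared-secret", nonce, ip)  # client -> server
    print("authenticated:", gate.respond(nonce, ip, proof))
    print("replay accepted:", gate.respond(nonce, ip, proof))
    print("\n".join(gate.iptables_rules()))
```

The three checks in `respond` are the ones that matter in practice: the nonce is consumed on first use (replay), it is tied to the address it was issued to (a sniffed proof is useless from elsewhere), and it ages out (a stale challenge cannot be completed later). `expire` would be driven from a periodic timer, and `touch` from whatever observes traffic for allowed addresses; in a real deployment the rendered rules would be applied and withdrawn at those points.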