Hi,

We hope that this project can be added to the p-o-m, as a netfilter experimental part.

(*) Abstract

The PortKnockO Project implements Port Knocking and SPA (Simple Packet Authentication) in kernel space, as a netfilter match extension. For instance, this can be used to avoid brute force attacks on ssh or ftp services.

It allows you to send messages from the kernel module to a user application. For instance, this would make it possible to start up an application (such as a web server) after a peer has knocked the ports specified in a port knocking rule.

Pros:

+ You can configure Port Knocking or SPA rules with the iptables syntax.
+ It does not require any daemons running in the background.
+ You do not need to learn a new syntax that depends on an application.
+ The netfilter module can send messages to a user application through netlink sockets.

(*) Status

This project is in beta version and it is still under development.

(*) You can check the source code out here:

svn checkout svn://svn.berlios.de/portknocko/trunk

(*) More information at http://portknocko.berlios.de/

Any feedback is welcome!

Regards,

--
J. Federico Hernandez

Attachment: pknock-0.3.tar.gz
Description: GNU Zip compressed data