* [ANNOUNCE] new match extension about Port Knocking and SPA
@ 2007-05-02 23:06 fender
2007-05-03 11:01 ` Patrick McHardy
0 siblings, 1 reply; 2+ messages in thread
From: fender @ 2007-05-02 23:06 UTC (permalink / raw)
To: netfilter-devel, netfilter; +Cc: Harald Welte
[-- Attachment #1: Type: text/plain, Size: 1179 bytes --]
Hi,
We hope that this project can be added to the p-o-m, as netfilter
experimental part.
(*) Abstract
The PortKnockO Project implements Port Knocking and SPA (Simple Packet
Authentication) in kernel space, as a netfilter match extension. For
instance, this can be used to avoid brute force attacks to ssh or ftp
services.
It allows you to send messages from the kernel module to a user
application. For instance, this would enable to start up an
application (as a web server), after a peer has knocked the ports
specified in a port knocking rule.
Pros:
+ You can configure Port Knocking or SPA rules with the iptables syntax.
+ It does not require any daemons running in background.
+ You do not need to know a new syntax depending on an application.
+ The netfilter module can send messages to an user
application through netlink sockets.
(*) Status
This project is in beta version and it is still under development.
(*) You can check the source code out here:
svn checkout svn://svn.berlios.de/portknocko/trunk
(*) More information at http://portknocko.berlios.de/
Any feedback is welcome!
Regards,
--
J. Federico Hernandez
[-- Attachment #2: pknock-0.3.tar.gz --]
[-- Type: application/x-gzip, Size: 20648 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2007-05-03 11:01 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-05-02 23:06 [ANNOUNCE] new match extension about Port Knocking and SPA fender
2007-05-03 11:01 ` Patrick McHardy
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox