| /// File Name: | fwknop-1.9.11.tar.gz |
Description:
| fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap. |
| Author: | Michael Rash |
| Homepage: | http://www.cipherdyne.org/fwknop/ |
| Changes: | Support was added for ipfw "sets" on FreeBSD and Mac OS X systems. A segfault on Debian systems that was exposed in some circumstances with older versions of libpcap was fixed. The --icmp-type and --icmp-code command line arguments were added for the fwknop client in order to manually set the ICMP type/code values when using "--Spoof-proto icmp" or "--Server-proto icmp". Support was added for multiple include/exclude test identifying strings (separated by commas). |
| File Size: | 608575 |
| Last Modified: | May 13 13:23:51 2009 |
| MD5 Checksum: | 2a7a630ec74dd71896a4a180536b8311 |
![.:[ packet storm ]:.](/images/ps-ani.gif)
