ipt_pkd
ipt_pkd is an iptables extension implementing port knock detection with SPA (single packet authorization). This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
| Tags | Utilities Operating System Kernels Linux Networking Firewalls Security Cryptography Internet |
|---|---|
| Licenses | GPLv2 |
| Operating Systems | POSIX Linux |
| Implementation | C |
Recent releases
- 22 Jan 2012 02:22
Release Notes: This release has been updated for Linux 3.x, and tested with Linux 3.2 and iptables 1.4.12.2
- 16 Jun 2011 21:07
Release Notes: Support for iptables 1.4.10, 1.4.11, and 1.4.11.1. Support for kernels through 2.6.39.
- 21 Sep 2010 22:24
Release Notes: This release adds support for iptables 1.4.9 and Linux kernel 2.6.35.
- 08 Jul 2010 23:33
Release Notes: This release adds support for iptables 1.4.7 and 1.4.8 and Linux kernel 2.6.34.
- 29 Jan 2010 09:36
Release Notes: This version was updated for Linux 2.6.32 and iptables 1.4.6. A new knock client was added, which is written in C# and works on both Linux and Windows and encrypts configuration data. A pre-built kernel module, an iptables library for vyatta community edition 5, and a small install script for vyatta were added.
estabroo
17 Oct 2007 13:56
Heartbeat
- Popularity Score
- 145.30
- Vitality Score
- 13.99
- Subscriptions
- 27
