ipt_pkd is an iptables extension implementing port knock detection with SPA (single packet authorization). This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
|Tags||Utilities Operating System Kernels Linux Networking Firewalls Security Cryptography Internet|
|Operating Systems||POSIX Linux|
Release Notes: This release has been updated for Linux 3.x, and tested with Linux 3.2 and iptables 126.96.36.199
Release Notes: Support for iptables 1.4.10, 1.4.11, and 188.8.131.52. Support for kernels through 2.6.39.
Release Notes: This release adds support for iptables 1.4.9 and Linux kernel 2.6.35.
Release Notes: This release adds support for iptables 1.4.7 and 1.4.8 and Linux kernel 2.6.34.
Release Notes: This version was updated for Linux 2.6.32 and iptables 1.4.6. A new knock client was added, which is written in C# and works on both Linux and Windows and encrypts configuration data. A pre-built kernel module, an iptables library for vyatta community edition 5, and a small install script for vyatta were added.