Twenty Year Anniversary
Showing 1 - 25 of 51 RSS Feed

Files from Michael Rash

Email addressmbr at cipherdyne.com
First Active2004-08-05
Last Active2018-08-08
Fwknop Port Knocking Utility 2.6.10
Posted Aug 8, 2018
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Added MAX_FW_TIMEOUT to access.conf stanzas to allow a maximum number of seconds for client-specified timeouts in SPA packets. Bug fix in CMD_EXEC mode to make sure to call exit() upon any error from execvpe(). Various other additions and fixes.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 5b5850ab8684ce0bdf52ef400a83065c
Fwknop Port Knocking Utility 2.6.9
Posted Jun 9, 2016
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Added support for the SHA3 "Keccak" algorithm. Added support for libnetfilter_queue so that fwknopd can acquire SPA packets via the NFQ target. Various other additions and fixes.
tags | tool, scanner, vulnerability
systems | unix
MD5 | f195bd31e7dc7df2e9b0c35cd80655b7
Fwknop Port Knocking Utility 2.6.8
Posted Dec 24, 2015
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Added a major new feature that allows fwknopd to easily integrate with third-party devices and software. Added new access.conf directives. Various other updates.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 768d1e97c04a1490cf28bcb5acc454b9
Fwknop Port Knocking Utility 2.6.7
Posted Aug 26, 2015
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: When command execution is enabled with ENABLE_CMD_EXEC for an access.conf stanza, added support for running commands via sudo. Added --key-gen to fwknopd. Added a script from Jonathan Bennett at extras/console-qr/console-qr.sh to generate QR codes from fwknopd access.conf keys. Various other updates.
tags | tool, scanner, vulnerability
systems | unix
MD5 | fddca1a80a2fa4ffe79e9c6612242c0e
Fwknop Port Knocking Utility 2.6.6
Posted Apr 24, 2015
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: fwknopd can now function as a generic SPA gateway. Various bug fixes.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 5f147499d7cb7df280f0ed1356f242f6
Fwknop Port Knocking Utility 2.6.5
Posted Dec 18, 2014
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Added a new access.conf variable "DESTINATION" to define the destination address for which an SPA packet will be accepted. The string "ANY" is also accepted if a valid SPA packet should be honored to any destination IP. Bug fix to ensure that proper bounds are enforced when importing digest cache files from previous fwknopd executions.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 91388d20885361a49fc58b51d1f80e15
Fwknop Port Knocking Utility 2.6.4
Posted Nov 18, 2014
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Added a UDP server mode so that SPA packets can be acquired via UDP directly without having to use libpcap. Replaced all popen() and system() calls with execvpe() with no usage of the environment. Added support for firewalld to the fwknopd daemon on RHEL 7 and CentOS 7.
tags | tool, scanner, vulnerability
systems | unix
MD5 | e122e22cf77dc4aa79b26bc343b4a04a
Fwknop Port Knocking Utility 2.6.3
Posted Jul 30, 2014
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: External IP resolution now over SSL by default. Integrated a python fuzzer. Various other updates and additions.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 7a1e5d078346069f9f33b40dfe983d01
Fwknop Port Knocking Utility 2.6.2
Posted Apr 29, 2014
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: A double free bug in the libfko SPA parser discovered with a new Python SPA payload fuzzer was fixed.
tags | tool, scanner, vulnerability
systems | unix
MD5 | c0c3f32d425576c9f78dea29e3c89dec
Fwknop Port Knocking Utility 2.6.1
Posted Apr 14, 2014
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: When SPA packets are built with GnuPG, the fwknopd daemon now requires a valid GnuPG signature by default, and a new variable GPG_DISABLE_SIG was added for backwards compatibility (but using this is not a recommended configuration). A bug was fixed in fwknopd for a memory in SPA packet decryption when GnuPG is used. A new code coverage mode was added to the test suite to interface with the 'lcov' tool. Several other minor bugs were fixed.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 7347e1c8eec9cc8a51966d35c52a36ea
Fwknop Port Knocking Utility 2.6.0
Posted Jan 13, 2014
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: This release adds HMAC support to the Android client, adds an AppArmor policy for the fwknop daemon, adds support for building on Mac OS X "Mavericks", and adds a new Valgrind test mode via the CPAN Test::Valgrind module. A few bugs were fixed with dealing with GnuPG encryption modes in the fwknopd daemon, and the fwknop project has a Coverity defect score of zero.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 9cce1fe4ef577179ebdf4715fd92946d
Fwknop Port Knocking Utility 2.5.1
Posted Jul 28, 2013
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: A bugfix in the fwknop client to reset terminal settings to original values after entering keys via stdin. A bugfix in the fwknopd daemon to not print a PID file existence warning. A test suite bugfix to not run an iptables Rijndael HMAC test on non-Linux systems.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 6d7fc04b7a94570485d184b183e6c272
Fwknop Port Knocking Utility 2.5
Posted Jul 22, 2013
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: This release added support for HMAC SHA-256 authenticated encryption in the encrypt-then-authenticate model. Many bugs discovered by the Coverity static analyzer were fixed. OpenSSL compatibility tests were added to the test suite. Client stanza saving ability was added for the ~/.fwknoprc file, simplifying fwknop client usage. The ability to automatically generate both Rijndael and HMAC keys with --key-gen was added.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 324f955d051a02e45cfa2baef779a4d9
Fwknop Port Knocking Utility 2.0.4
Posted Dec 11, 2012
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: On the server side, this release adds a chain_exists() check to SPA rule creation so that if any of the fwknop chains are deleted out from under fwknopd, they will be recreated on the fly. It adds new SPA packet fuzzing capability to the test suite to assist in validation of SPA operations. It adds upstart config for systems running the upstart daemon. An OpenBSD ndbm/gdbm usage bugfix. ICMP type/code client command line arguments have been added for when SPA packets are sent over ICMP.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 1bd92b2c79651ca310e9f7aeb6c2879e
Fwknop Port Knocking Utility 2.0.3
Posted Sep 8, 2012
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Several DoS/code execution vulnerabilities for malicious fwknop clients that manage to get past the authentication stage (so such clients must possess a valid encryption key) have been fixed. Permissions and ownership checks have been added to all files consumed by the fwknop client and server. RPM builds have been fixed by including the $(DESTDIR) prefix for uninstall-local and install-exec-hook stages in Makefile.am.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 93fa811bfa4691a92d32ebdce3ff06bc
Fwknop Port Knocking Utility 2.0.2
Posted Aug 21, 2012
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Better handling of GnuPG for SPA packet decryption on the server side (accounts for no passphrase gpg keys when gpg-agent or pinentry are otherwise required). A bugfix in SPA packet replay detection code. A check for the existence of the iptables 'comment' match when the serve is deployed on Linux. Several other bugfixes.
tags | tool, scanner, vulnerability
systems | unix
MD5 | c560358aabac3cc44aba628b1a61adb0
Fwknop Port Knocking Utility 2.0.1
Posted Jul 24, 2012
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Various bug fixes including several minor memory leaks. Added parsing of valgrind output to produce a listing of functions that have been flagged. Various other tweaks.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 5c88668597778c76e1d385fdbca25674
Fwknop Port Knocking Utility 2.0
Posted Jan 2, 2012
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: This is the production release of the fwknop C rewrite. It brings Single Packet Authorization to three different Open Source firewalls (iptables, ipfw, and pf), embedded systems, and mobile devices. The fwknopd server runs on Linux, Mac OS X, FreeBSD, and OpenBSD. The client runs on all of these platforms as well as Android, the iPhone, and Cygwin under Windows. In addition, the client is portable, and can be compiled as a native Windows binary.
tags | tool, scanner, vulnerability
systems | unix
MD5 | b2ee477140d9e92466c9c6f267442625
Fwknop Port Knocking Utility 2.0rc5
Posted Dec 15, 2011
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: This release adds OpenBSD PF support, adds a new FORCE_NAT mode to transparently force authenticated connections to specified internal systems, adds a comprehensive test suite, and adds the ability to automatically expire SPA keys. Several memory handling bugfixes were made.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 10a40c15a11c67ea63d158b9631fa08b
Fwknop Port Knocking Utility
Posted Sep 10, 2009
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: The FKO module that is part of the libfko library was fully integrated for all SPA routines: encryption/decryption, digest calculation, replay attack detection, etc. The ability to recover from interface error conditions was added, such as when fwknopd sniffs a ppp interface (say, associated with a VPN) that goes away and then is recreated. The fwknop client was updated to include the SPA destination before DNS resolution when sending an SPA packet over an HTTP request.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 110a5fd2167c1196433657b5e3c869ae
Fwknop Port Knocking Utility
Posted May 13, 2009
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Support was added for ipfw "sets" on FreeBSD and Mac OS X systems. A segfault on Debian systems that was exposed in some circumstances with older versions of libpcap was fixed. The --icmp-type and --icmp-code command line arguments were added for the fwknop client in order to manually set the ICMP type/code values when using "--Spoof-proto icmp" or "--Server-proto icmp". Support was added for multiple include/exclude test identifying strings (separated by commas).
tags | tool, scanner, vulnerability
systems | unix
MD5 | 2a7a630ec74dd71896a4a180536b8311
Fwknop Port Knocking Utility
Posted Jan 14, 2009
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Added the ability to send SPA packet over HTTP to a webserver. Added ENABLE_EXTERNAL_CMDS for fwknopd to control whether the EXTERNAL_CMD_OPEN and EXTERNAL_CMD_CLOSE directives are used. Various bug fixes.
tags | tool, scanner, vulnerability
systems | unix
MD5 | e5cfc108cd49ee13ad36bad20f84df75
Fwknop Port Knocking Utility
Posted Nov 21, 2008
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Added support to fwknop for the Linux 'any' interface. Added support for interfacing fwknop with third party software through the addition of three new variables in the access.conf file. Various other fixes and additions.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 3e5d47e14a26071ba4cce04dfcb3bebd
Fwknop Port Knocking Utility
Posted Oct 1, 2008
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Added GPG_NO_REQUIRE_PREFIX to access.conf. Bugfix to make sure that neither fwknop nor fwknopd reference any options file in GnuPG mode. Added the ability to control the path used for the gpg binary. Various other fixes and additions.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 8dac0e2fc52ab4508563efe3617721f0
Fwknop Port Knocking Utility
Posted Aug 26, 2008
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Mirek Trmac from Red Hat contributed several patches so that fwknop can be bundled within the Fedora Linux distribution. Updated fwknop, fwknopd, and knoptm to import perl modules out of the /usr/lib/fwknop/ directory if it exists. Added module version output for each non-core perl module used by fwknop and fwknopd in --debug mode. Various other additions and fixes.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 955a2a920aeeab655d16da212f70b5e8
Page 1 of 3
Back123Next

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    19 Files
  • 18
    Oct 18th
    21 Files
  • 19
    Oct 19th
    16 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close