
Linux.com

Re: Fwknop and single packet authorization

Posted by: Anonymous [ip: 85.205.248.79] on May 21, 2008 08:52 AM
Just to add to the clarifications. The authentication/authorization data contained in an fwknop 'auth. packet' is encrypted but also integrity protected by using a SHA-256 hash over the entire content of the packet, which the server stores in a hash log and checks any subsequent auth packet hashes against, to check for replays. The auth packet also contains a timestamp, and if fwknop receives any packet that is older than 120 seconds (by default), that packet is silently rejected. So it helps ensure fresh and non-replayable packets.

For a detailed look at how Port Knocking and SPA work, check out http://www.securethoughts.net/spa/ . For anyone interested in learning more about SPA and its usage, you are welcome to post on the Port Knocking and Single Packet Authorization Forums (http://www.securethoughts.net/forum/viewforum.php?f=6).

// SJ
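The replay-log and freshness checks described in the post above, as an added example that is not fwknop's own code and not part of the original comment. The packet layout (16-byte nonce followed by an encrypted 8-byte timestamp and request string) and the SHA-256 counter-mode keystream used as a stand-in cipher are both assumptions for illustration; fwknop's real wire format and cipher are different. What the example does show is the server-side logic the post describes: the digest is taken over the entire packet as received, a packet whose digest is already in the log is rejected as a replay even if its timestamp is still fresh, and a packet whose timestamp is older than the 120-second default window is rejected as stale.

```python
import hashlib
import os
import struct
import time

MAX_AGE_SECONDS = 120  # fwknop's default freshness window, per the post
NONCE_LEN = 16


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy SHA-256 counter-mode keystream (assumption; NOT fwknop's cipher)."""
    out = b""
    ctr = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:length]


def build_packet(key: bytes, timestamp: int, request: str, nonce: bytes = None) -> bytes:
    """Client side: nonce || toy-encrypt(8-byte big-endian timestamp || request).

    The layout is constructed for this example; a fixed nonce may be passed
    only so that results are reproducible.
    """
    nonce = os.urandom(NONCE_LEN) if nonce is None else nonce
    plaintext = struct.pack(">Q", timestamp) + request.encode("utf-8")
    ks = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, ks))


def open_packet(key: bytes, packet: bytes):
    """Server side: decrypt and split a packet into (timestamp, request)."""
    nonce, ciphertext = packet[:NONCE_LEN], packet[NONCE_LEN:]
    ks = _keystream(key, nonce, len(ciphertext))
    plaintext = bytes(c ^ k for c, k in zip(ciphertext, ks))
    (timestamp,) = struct.unpack(">Q", plaintext[:8])  # struct.error if too short
    return timestamp, plaintext[8:].decode("utf-8")


class SpaServer:
    """Accepts an auth packet once, and only while its timestamp is fresh."""

    def __init__(self, key: bytes, max_age: int = MAX_AGE_SECONDS):
        self.key = key
        self.max_age = max_age
        # The "hash log" from the post: SHA-256 digests of every packet
        # already honoured. Digests are over the whole wire packet, so even a
        # byte-identical resend of a still-fresh packet is caught here.
        self.seen = set()

    def accept(self, packet: bytes, now: float = None):
        """Return (True, request) or (False, reason)."""
        now = time.time() if now is None else now
        digest = hashlib.sha256(packet).hexdigest()
        if digest in self.seen:
            return (False, "replay")
        try:
            timestamp, request = open_packet(self.key, packet)
        except (struct.error, UnicodeDecodeError):
            return (False, "malformed")
        # The post describes rejecting packets older than the window; also
        # rejecting packets dated too far in the future (assumption added here)
        # keeps a client with a badly skewed clock from pre-minting packets.
        if abs(now - timestamp) > self.max_age:
            return (False, "stale")
        # Only honoured packets enter the log, so an attacker cannot fill it
        # with garbage; a stale packet is already unusable anyway.
        self.seen.add(digest)
        return (True, request)


if __name__ == "__main__":
    key = b"example-shared-key"  # constructed for this example
    server = SpaServer(key)
    pkt = build_packet(key, int(time.time()), "open tcp/22")
    print(server.accept(pkt))  # honoured on first sight
    print(server.accept(pkt))  # same bytes again: (False, 'replay')
```

Note that the digest is computed before decryption, over the packet exactly as it arrived, which is what makes the check independent of anything the attacker can learn from the ciphertext. The window check alone would let a captured packet be replayed for up to two minutes; the hash log alone would let a captured packet be replayed after a server restart once the log is gone. fwknop uses both, and the example keeps the two checks separate so that each failure mode reports its own reason.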

