
Re: Fwknop and single packet authorization

Posted by: Anonymous [ip:] on May 21, 2008 08:52 AM
Just to add to the clarifications. The authentication/authorization data contained in an fwknop 'auth. packet' is encrypted but also integrity protected by using a SHA-256 hash over the entire content of the packet, which the server stores in a hash log and checks any subsequent auth packet hashes against to check for replays. The auth packet also contains a timestamp, and if fwknop receives any packet that is older than 120 seconds (by default), that packet is silently rejected. So it helps ensure fresh and non-replayable packets.

For a detailed look at how Port Knocking and SPA work, check out . For anyone interested in learning more about SPA and its usage, you are welcome to post on the Port Knocking and Single Packet Authorization Forums (

// SJ
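The server-side replay log and freshness window described in the post above, as an added example that is not fwknop's own code: the payload layout (`ts=<unix seconds>;...`) and the `demo_decrypt` stand-in for the cipher step are assumptions made so the example runs offline.

```python
import hashlib
import re
from typing import Callable, List, Set

MAX_AGE_SECONDS = 120  # fwknop's default freshness window, as stated in the post


class SpaServer:
    """Replay and freshness checks applied to an auth packet before anything is authorized.

    Assumptions for this example: the decrypted payload starts with 'ts=<unix seconds>;'
    and `decrypt` stands in for the real decryption step, which the post does not cover.
    """

    def __init__(self, decrypt: Callable[[bytes], bytes], max_age: int = MAX_AGE_SECONDS):
        self._decrypt = decrypt
        self._max_age = max_age
        self._digest_log: Set[str] = set()  # SHA-256 digest of every accepted packet

    def handle(self, packet: bytes, now: int) -> str:
        # 1. Hash the entire packet exactly as received; a digest already in the log is a replay.
        digest = hashlib.sha256(packet).hexdigest()
        if digest in self._digest_log:
            return "replay"
        # 2. Decrypt and extract the timestamp from the payload.
        try:
            payload = self._decrypt(packet)
        except ValueError:
            return "undecryptable"
        match = re.match(rb"ts=(\d+);", payload)
        if not match:
            return "malformed"
        # 3. Anything older than the window is silently dropped (no response to the sender).
        if now - int(match.group(1)) > self._max_age:
            return "stale"
        # 4. Only accepted packets enter the log, so a later copy is caught at step 1.
        self._digest_log.add(digest)
        return "accepted"


def demo_decrypt(packet: bytes) -> bytes:
    """Stand-in for the cipher layer (constructed for this example, not a cipher): 'SPA:' + payload."""
    if not packet.startswith(b"SPA:"):
        raise ValueError("not an auth packet")
    return packet[4:]


def demo() -> List[str]:
    """Constructed packets: a fresh one, its replay, a 200-second-old one, and a malformed one."""
    server = SpaServer(demo_decrypt)
    fresh = b"SPA:ts=1000;user=alice;access=tcp/22"
    return [
        server.handle(fresh, now=1030),
        server.handle(fresh, now=1031),
        server.handle(b"SPA:ts=800;user=alice;access=tcp/22", now=1000),
        server.handle(b"SPA:garbage", now=1000),
    ]
```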

