ipt_pkd – Single Packet Authorization iptables Extension
I stumbled onto the ipt_pkd project recently, although apparently it’s been around since 2007. ipt_pkd is an iptables extension that allows you to do hash-based Single Packet Authorization directly...
View Articlefwknop 2.0 (C implementation)
After many months of work, fwknop (the Perl Single Packet Authorization implementation) has been entirely rewritten in C. The purpose of the C redesign has been primarily to allow an even more...
View ArticleTalking Single Packet Authorization on Pauldotcom Security Weekly
I’ve been invited to give a technical segment on Single Packet Authorization on the Pauldotcom Security Weekly podcast ‘Thanksgiving Special’ episode on Tuesday 23rd November. I’ve been listening to...
View ArticlePauldotcom Episode 221 – Talking Single Packet Authorization
Episode 221 of Pauldotcom Security Weekly is available for download. In it I give a tech segment about Single Packet Authorization, briefly describe how to configure your firewall and use fwknop to...
View ArticleSingle Packet Authorization on Android with fwknop
Users of Single Packet Authorization and fwknop can now do so on their Android phones, thanks to an app by Max Kastansas. This was achieved using the libfko library provided by fwknop. The open source...
View ArticleSingle Packet Authorization with simpleSPA
I was just made aware of simpleSPA, a recently-released Java implementation of Single Packet Authorization by Chris Chrysler. The package provides a Linux-only server-side daemon, and a Linux and...
View ArticleFwknop in BackTrack 5 Repository
Just a quick update to say that fwknop (Single Packet Authorization tool) has made it into the BackTrack 5 repository. Although it’s not installed by default, it’s a few keystrokes away, and can be...
View ArticleKernel.org Compromised, OpenSSH Source Not Backdoored
Kernel.org, the primary site for the Linux kernel source, was compromised sometime in August. It is believed that the attackers gained access using compromised user credentials, and then escalated...
View ArticleWebKnock.org: An fwknop SPA web-interface
Vasilis Mavroudis has launched WebKnock.org, a web-based front end to the fwknop (Single Packet Authorization) client. It does not yet seem to support the full suite of fwknop features, but the...
View ArticleDome9 Package for Synology NAS
I own a Synology DS413j NAS, and without wanting to write a whole review about it, these things are awesome, the management UI is great, and you can run all kinds of packages on them. One thing I like...
View Article