1 - What is it ?
Coarse Knocking is a simple implementation of Port Knocking techniques.
It sniffs network packets (under
firewall blocked) with determined keys
and executes commands to open and close ports. In the client mode
it injects packets with key to server.
PS: It is my personal project and it is available for everybody by the GPL
Licence. This is running in a Linux system. If you can test in
others
systems, I will be happy!
2 - What is Port Knocking ?
In one instance, port knocking refers to a method of communication
between two computers (arbitrary named here client and server) in
which information is encoded, and possibly encrypted, into a sequence
of port numbers. This sequence is termed the knock. The server
initially presents no open ports to a public network and is monitoring
all connection attempts. The client initiates connection
attempts to the server by sending SYN packets to the ports specified in
the knock. This process of knocking is what gives port
knocking its name. The server offers no response to the client during
the knocking phase, as it "silently" processes the port
sequence. When the server decodes a valid knock it triggers a
server-side process.
The definition of a valid knock is arbitrary, and up to the
implementer. The server-side process is also arbitrary, and up to the
implementer. The trigger may result in dynamic modification of firewall
rules or other administrative system events.
3 - Screenshot
4 - Timeline
* 20060328 - 0.0.6 released
* 20060210 - 0.0.5 released
* 20051114 - 0.0.4 released
* 20051111 - 0.0.3 released
* 20051101 - 0.0.2 released
* 20051020 - Initial release
5 - Install or Uninstall
Please run the install or uninstall script that came with the package,
or use his Debian package.
6
- Download
0.0.6 - 03/28/2006 (Tarball and Debian Package are available)
0.0.5 - 02/10/2006 (Tarball and Debian Package are available)
0.0.4 - 11/14/2005 (Tarball and Debian Package are available)
0.0.3 - 11/11/2005
0.0.2 - 11/01/2005
0.0.1
- 10/20/2005
7 - TODO
* Encryption
* Configuration Tool
* Support to One Time keys
*
Easy installer
* RPM packages to linux distributions
8 - About the author
Andre Luiz Rodrigues Ferreira (aka si0ux) is a Computing Science
student and
Support Analist from Orlandia - SP - Brazil.
His prefered subjects are Computer Networks, Information Security and
Intrusion Detections Systems.
His Portuguese blog: http://openbrains.blogspot.com
He also loves to play drums in his free time :)
PS: Sorry for his poor english. He's learning...
9 - Contact, help and support
You can obtain more information, help, contacts and support
for this software:
1 - Subscribe to the mail list: https://sourceforge.net/mail/?group_id=151153
2
- Access the project forum: https://sourceforge.net/forum/?group_id=151153
3
- Access the Source Forge project: https://sourceforge.net/projects/coarseknocking/
4 - Talk to the author: andrelrf@gmail.com
5 - Commercial Support:
Security your business.Get commercial support in Firewalls, IDS and open source security tools!
10 - How to help
Please reports bugs, patches and send documentation. You will help!
11 - Links and references
Help Net Security: http://www.net-security.org/software.php?id=638
Security Focus: http://www.securityfocus.com/tools/3719
Port Knocking project: http://www.portknocking.org
Linux Journal: http://www.linuxjournal.com/article/6811
Dr. Dobb's: http://www.ddj.com/documents/ddj0411g/0411g.html
Made in Brazil