Coase Logo


1 - What is it ?

Coarse Knocking is a simple implementation of Port Knocking techniques.
It sniffs network packets (under firewall blocked) with determined keys and executes commands to open and close ports. In the client mode
it injects packets with key to server.

PS: It is my personal project and it is available for everybody by the GPL Licence. This is running in a Linux system. If you can test in others
systems, I will be happy!

2 - What is Port Knocking ?

In one instance, port knocking refers to a method of communication between two computers (arbitrary named here client and server) in
which information is encoded, and possibly encrypted, into a sequence of port numbers. This sequence is termed the knock. The server
initially presents no open ports to a public network and is monitoring all connection attempts. The client initiates connection
attempts to the server by sending SYN packets to the ports specified in the knock. This process of knocking is what gives port
knocking its name. The server offers no response to the client during the knocking phase, as it "silently" processes the port
sequence. When the server decodes a valid knock it triggers a server-side process.

The definition of a valid knock is arbitrary, and up to the implementer. The server-side process is also arbitrary, and up to the
implementer. The trigger may result in dynamic modification of firewall rules or other administrative system events.

3 - Screenshot

Coarse Client and server screenshot


4 - Timeline


* 20060328 - 0.0.6 released
* 20060210 - 0.0.5 released
* 20051114 - 0.0.4 released
* 20051111 - 0.0.3 released
* 20051101 - 0.0.2 released
* 20051020 - Initial release

5 - Install or Uninstall

Please run the install or uninstall script that came with the package, or use his Debian package.

6 - Download

0.0.6 - 03/28/2006 (Tarball and Debian Package are available)
0.0.5 - 02/10/2006 (Tarball and Debian Package are available)
0.0.4 - 11/14/2005 (Tarball and Debian Package are available)
0.0.3 - 11/11/2005
0.0.2 - 11/01/2005
0.0.1 - 10/20/2005


7 - TODO

* Encryption
* Configuration Tool
* Support to One Time keys
* Easy installer
* RPM packages to linux distributions

8 - About the author

Andre Luiz Rodrigues Ferreira (aka si0ux) is a Computing Science student and Support Analist from Orlandia - SP - Brazil.
His prefered subjects are Computer Networks, Information Security and Intrusion Detections Systems.
His Portuguese blog: http://openbrains.blogspot.com

He also loves to play drums in his free time :)

PS: Sorry for his poor english. He's learning...

9 - Contact, help and support

You can obtain more information, help, contacts and support for this software:

1 - Subscribe to the mail list:
https://sourceforge.net/mail/?group_id=151153
2 - Access the project forum: https://sourceforge.net/forum/?group_id=151153
3 - Access the Source Forge project: https://sourceforge.net/projects/coarseknocking/
4 - Talk to the author:
andrelrf@gmail.com
5 - Commercial Support:

Security your business.Get commercial support in Firewalls, IDS and open source security tools!


10 - How to help

Please reports bugs, patches and send documentation. You will help!

11 - Links and references

Help Net Security: http://www.net-security.org/software.php?id=638
Security Focus:  http://www.securityfocus.com/tools/3719
Port Knocking project: http://www.portknocking.org
Linux Journal: http://www.linuxjournal.com/article/6811
Dr. Dobb's: http://www.ddj.com/documents/ddj0411g/0411g.html


SourceForge.net Logo




Made in Brazil