fwknopd

FireWall KNock OPerator: Single Packet Authorization and Port Knocking

Install

All systems
curl cmd.cat/fwknopd.sh
Debian Debian
apt-get install fwknop-server
Ubuntu
apt-get install fwknop-server
Arch Arch Linux
pacman -S fwknop
image/svg+xml Kali Linux
apt-get install fwknop-server
Fedora
dnf install fwknop
Windows (WSL2)
sudo apt-get update sudo apt-get install fwknop-server
OS X
brew install fwknop
Raspbian
apt-get install fwknop-server

fwknop

FireWall KNock OPerator: Single Packet Authorization and Port Knocking

fwknop-server

FireWall KNock OPerator server side - C version

The FireWall KNock OPerator implements an authorization scheme called Single Packet Authorization (SPA), based on Netfilter and libpcap. Its main application is to protect services such as OpenSSH with an additional layer of security in order to make the exploitation of vulnerabilities (both 0-day and unpatched code) much more difficult. The authorization server passively listens for authorization packets via libpcap, thus preventing any connections from being processed on the traditional port. Access to a protected service is only granted after a valid encrypted and non-replayed packet is detected.

libfko0-dbg

debugging symbol for the libfko library