Public bug reported:
http://www.cipherdyne.org/fwknop/
fwknop stands for the "FireWall KNock OPerator", and implements an
authorization scheme called Single Packet Authorization (SPA) that is
based around iptables and libpcap. SPA requires only a single encrypted
packet in order to communicate various pieces of information including
desired access through an iptables policy and/or complete commands to
execute on the target system. By using iptables to maintain a "default
drop" stance, the main application of this program is to protect
services such as OpenSSH with an additional layer of security in order
to make the exploitation of vulnerabilities (both 0-day and unpatched
code) much more difficult. With fwknop deployed, anyone using nmap to
look for sshd can't even tell that it is listening; it makes no
difference if they have a 0-day exploit or not. The authorization server
passively monitors authorization packets via libcap and hence there is
no "server" to which to connect in the traditional sense. Access to a
protected service is only granted after a valid encrypted and non-
replayed packet is monitored from an fwknop client.
** Affects: Ubuntu
Importance: Undecided
Status: Confirmed
** Tags: needs-packaging
** Tags added: needs-packaging
** Changed in: Ubuntu
Status: Unconfirmed => Confirmed
--
[needs-packaging] fwknop
https://bugs.launchpad.net/bugs/105763
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
[EMAIL PROTECTED]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
