diff options
Diffstat (limited to 'security/knock/DETAILS')
-rwxr-xr-x | security/knock/DETAILS | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/security/knock/DETAILS b/security/knock/DETAILS new file mode 100755 index 0000000000..bf31d784ff --- /dev/null +++ b/security/knock/DETAILS @@ -0,0 +1,27 @@ + SPELL=knock + VERSION=0.5 + PATCHLEVEL=1 + SOURCE=$SPELL-$VERSION.tar.gz +SOURCE_DIRECTORY="$BUILD_DIRECTORY/$SPELL-$VERSION" + SOURCE_URL[0]=http://www.zeroflux.org/proj/$SPELL/files/$SOURCE + WEB_SITE=http://www.zeroflux.org/projects/knock + ENTERED=20060529 + SOURCE_HASH=sha512:c5f7f3320d4d9a41847dba0cda4d66852f983db419b23d3bf9c83d44a41ba437379bf6cee47a096c600841e321740849dac26d5c3afff9b3ae0178a2fcb6c35e + LICENSE[0]=GPL + GATHER_DOCS=off + SHORT="port-knocking server and client" +cat << EOF +Port knocking is a stealthy system for network authentication across closed +ports. + +knockd is a port-knock server. It listens to all traffic on an ethernet (or PPP) +interface, looking for special "knock" sequences of port-hits. A client makes +these port-hits by sending a TCP (or UDP) packet to a port on the server. + +This port need not be open -- since knockd listens at the link-layer level, +it sees all traffic even if it's destined for a closed port. When the server +detects a specific sequence of port-hits, it runs a command defined in its +configuration file. + +This can be used to open up holes in a firewall for quick access. +EOF |