summaryrefslogtreecommitdiffstats
path: root/security/knock/DETAILS
diff options
context:
space:
mode:
Diffstat (limited to 'security/knock/DETAILS')
-rwxr-xr-xsecurity/knock/DETAILS27
1 files changed, 27 insertions, 0 deletions
diff --git a/security/knock/DETAILS b/security/knock/DETAILS
new file mode 100755
index 0000000000..bf31d784ff
--- /dev/null
+++ b/security/knock/DETAILS
@@ -0,0 +1,27 @@
+ SPELL=knock
+ VERSION=0.5
+ PATCHLEVEL=1
+ SOURCE=$SPELL-$VERSION.tar.gz
+SOURCE_DIRECTORY="$BUILD_DIRECTORY/$SPELL-$VERSION"
+ SOURCE_URL[0]=http://www.zeroflux.org/proj/$SPELL/files/$SOURCE
+ WEB_SITE=http://www.zeroflux.org/projects/knock
+ ENTERED=20060529
+ SOURCE_HASH=sha512:c5f7f3320d4d9a41847dba0cda4d66852f983db419b23d3bf9c83d44a41ba437379bf6cee47a096c600841e321740849dac26d5c3afff9b3ae0178a2fcb6c35e
+ LICENSE[0]=GPL
+ GATHER_DOCS=off
+ SHORT="port-knocking server and client"
+cat << EOF
+Port knocking is a stealthy system for network authentication across closed
+ports.
+
+knockd is a port-knock server. It listens to all traffic on an ethernet (or PPP)
+interface, looking for special "knock" sequences of port-hits. A client makes
+these port-hits by sending a TCP (or UDP) packet to a port on the server.
+
+This port need not be open -- since knockd listens at the link-layer level,
+it sees all traffic even if it's destined for a closed port. When the server
+detects a specific sequence of port-hits, it runs a command defined in its
+configuration file.
+
+This can be used to open up holes in a firewall for quick access.
+EOF