you are here: home > security > tools > portknocking
Call trans opt: receveid. 9-18-99 14:32:31 REC:log>
WARNING: carrier anomaly
Trace program: running
> Welcome 38.103.63.58
04.07.2009 - 05:54 (03:54 GMT)
5orry, you have... NO MAIL.

Port Knocking: The Complete Toolsbox

  • This category contains 9 Tools
  • The last tool was added on 2007-02-12 (YYYY-MM-DD)
  • Use the Source Lucie!!! >:)

 barricade -v0.0.2

Published on 2004 - by Francesco Vannini, ©Francesco Vannini.

barricade, a simple implementation of the door knocking method aimed to open your network service or firewall only if a special icmp echo request packet is sniffed from the network interface. After the last valid packet received, barricade waits for a defined amount of time, then it closes your firewall or stops your services. There is a client included in the package called barricade_client that helps you to create special icmp packets containing the password

 bashportknocking -v0.0.1

Published on 2004 - by Samuel Johnson, ©Samuel Johnson.

Initial release of a bash implementation of a port knocking script. This release relies on cut, awk, iptables, bash and a significant amount of user customization required. It uses several scripts that work together to make the program run as a dameon and allow easier customization for different systems. It should be relatively easy to adapt for systems that don't use IP Tables but testing has not been done with it. Changes that should be made to future releases include moving to a config file format for all user customizations and creating options to disable or enable different features.

 Cryptknock -v1.0.1

Published on - by jw, ©jw.

Cryptknock is an encrypted port knocking tool. Unlike other port knockers which use TCP ports or other protocol information to signal the knock, an encrypted string is used as the knock. This makes it extremely difficult for an evesdropper to recover your knock (unlike other port knockers where tcpdump can be used to discover a port knock).

 Doorman -v0.8

Published on 2004-08-01 - by Bruce Ward, ©Bruce Ward.

The doorman is intended to run on systems which have their firewall rules turned down tightly enough as to be effectively invisible to the outside world. The doorman adds and removes extra rules in a carefully controlled manner.

 fwknop -v0.4.1

Published on 2004-11-26 - by Michael Rash, ©Michael Rash.

fwknop stands for "Firewall Knock Operator" and is an upcoming piece of software that will be released at the DEFCON 12 conference in July, 2004 in Las Vegas. fwknop implements network access controls (via iptables) based on a flexible port knocking mini-language, but with a twist; it combines port knocking and passive operating system fingerprinting to make it possible to do things like only allow, say, Linux-2.4/2.6 systems to connect to your SSH daemon. fwknop supports shared, multi-protocol port knock sequences along with both relative and absolute timeouts, and coded port knock sequences encrypted with the Rijndael block cipher.

 fwknopFE -v0.0.8

Published on 2004-09-27 - by Brian Snipes, ©Brian Snipes.

fwknopFE is an overlay program to the fwknop ( http://www.cipherdyne.org/fwknop/ ) port knocking system. The server and client piece are still required - this program simply provides a GUI interface for the fwknop client.

 knockd -v0.4

Published on 2005-01-11 - by Judd Vinet, ©Judd Vinet.

knockd is a port-knock server. It listens to all traffic on an ethernet (or PPP) interface, looking for special "knock" sequences of port-hits. A client makes these port-hits by sending a TCP (or UDP) packet to a port on the server. This port need not be open # since knockd listens at the link-layer level, it sees all traffic even if it's destined for a closed port. When the server detects a specific sequence of port-hits, it runs a command defined in its configuration file. This can be used to open up holes in a firewall for quick access.

 rrs - reverse remote shell -v1.70

Published on 2004-05-30 - by Michel Blomgren, ©Michel Blomgren.

rrs is a reverse (connecting) remote shell. Instead of listening for incoming connections it will connect out to a listener (rrs in listen mode). The listener will accept the connection and receive a shell from the remote host. rrs features full pseudo-tty support, full OpenSSL support (high encryption, client/server authentication, choice of cipher suites), Twofish encryption, a simple XOR cipher, plain-text (unencrypted) session, peer-side session monitoring (snooping), daemon option and reconnection features. rrs is Free Software distributed under the MIT License and is known to compile and run under Linux, FreeBSD, NetBSD, OpenBSD and QNX.

 tumbler -v0.1.0

Published on 2004-04-15 - by John Graham-Cumming, ©John Graham-Cumming.

tumbler is a protocol that enables a client piece of software to securely tell a server process on a remote machine to execute a predetermined command. tumbler is similar to port knocking and is designed so that a remote user can securly and steathily enable and disable server processes, or open and close firewall holes on a computer connected to the Internet.

Search:

Search:



This page is also available in the following languages:
| English |

Copyleft L0T3K, The Look of Love Research Alliance - 2001-2009
Fédération Anarchiste Interplanétaire --[ Collectif l'Histrion -- Groupe Carl Einstein ]

Emergency Contact: webmistress [AT&belle] l0t3k [CYPHERPUNK] org | Version: Alpha 0.5 "Angelique"

A Solaar System site dedicaced to Ada Byron King, Countess of Lovelace ; Edith Clarke ; Rosa Peter ; Grace Murray Hopper ; Alexandra Illmer Forsythe ; Evelyn Boyd Granville ; Margaret R. Fox ; Erna Schneider Hoover ; Kay McNulty Mauchly Antonelli ; Alice Burks ; Adele Goldstine ; Joan Margaret Winters...

L0T3K: Le Premier Féminin High-tech à vocation interplanétaire