Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

fwknop-2.6.11-2.fc41 RPM for x86_64

From Fedora Rawhide for x86_64 / f

Name: fwknop Distribution: Fedora Project
Version: 2.6.11 Vendor: Fedora Project
Release: 2.fc41 Build date: Thu Jul 18 01:54:55 2024
Group: Unspecified Build host: buildhw-x86-08.iad2.fedoraproject.org
Size: 490775 Source RPM: fwknop-2.6.11-2.fc41.src.rpm
Packager: Fedora Project
Url: http://www.cipherdyne.org/fwknop/
Summary: A Single Packet Authorization (SPA) implementation
fwknop implements an authorization scheme known as Single Packet
Authorization (SPA) that requires only a single encrypted packet to
communicate various pieces of information including desired access through an
iptables policy and/or specific commands to execute on the target system.
The main application of this program is to protect services such as SSH with
an additional layer of security in order to make the exploitation of
vulnerabilities (both 0-day and unpatched code) much more difficult.  The
authorization server passively monitors authorization packets via libpcap and
hence there is no "server" to which to connect in the traditional sense.  Any
service protected by fwknop is inaccessible (by using iptables to
intercept packets within the kernel) before authenticating; anyone scanning for
the service will not be able to detect that it is even listening.  This
authorization scheme offers many advantages over port knocking, include being
non-replayable, much more data can be communicated, and the scheme cannot be
broken by simply connecting to extraneous ports on the server in an effort to
break knock sequences.  The authorization packets can easily be spoofed as
well, and this makes it possible to make it appear as though, say,
www.yahoo.com is trying to authenticate to a target system but in reality the
actual connection will come from a seemingly unrelated IP. Although the
default data collection method is to use libpcap to sniff packets off the
wire, fwknop can also read packets out of a file that is written by the
iptables ulogd pcap writer or by a separate sniffer process.

Provides

Requires

License

GPLv2

Changelog

* Wed Jul 17 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.11-2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Wed Feb 07 2024 Jakub Jelen <jjelen@redhat.com> - 2.6.11-1
  - New upstream release (#2263111)
* Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.10-15
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.10-14
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.10-13
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.10-12
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.10-11
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild

Files

/etc/fwknop
/etc/fwknop/access.conf
/etc/fwknop/fwknopd.conf
/usr/bin/fwknop
/usr/lib/.build-id
/usr/lib/.build-id/44
/usr/lib/.build-id/44/29db68f349e0bad3b46fd4b6705ca730c8c425
/usr/lib/.build-id/57
/usr/lib/.build-id/57/2e41fb4daf1d602474daeaad4f35c0ff675778
/usr/lib/.build-id/d1
/usr/lib/.build-id/d1/c217b06226576de921a812b5384b3689ac9410
/usr/lib/systemd/system/fwknopd.service
/usr/lib64/libfko.so.3
/usr/lib64/libfko.so.3.0.0
/usr/sbin/fwknopd
/usr/share/doc/fwknop
/usr/share/doc/fwknop/CREDITS
/usr/share/doc/fwknop/ChangeLog
/usr/share/doc/fwknop/README
/usr/share/licenses/fwknop
/usr/share/licenses/fwknop/COPYING
/usr/share/man/man8/fwknop.8.gz
/usr/share/man/man8/fwknopd.8.gz


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Nov 5 02:05:27 2024