Perl prototype: v0.30
- pcaplib support added; daemon no longer requires firewall log file
2004-Nov-14 18:59
New Net::Pcap support added to sniff packets directly
I wrote a small Perl prototype of a port knocking system as companion code to the SysAdmin Magazine
article. Over time, I kept adding features to experiment with ways to use port knocking to secure systems.
The current version of the canonical Perl prototype is 0.30.
Canonical Perl prototype
Currently, there is an implementation of port knocking in Perl. This is a prototype and includes only the bare minimum needed to get started. Do not use it in production environments. Encryption via Crypt::CBC is supported. You can configure the client/server to process any log file (e.g. IPTABLES or IPCHAINS) using a list of regular expressions.
The current implementation, portknocking-0.30.tgz, contains a client (knockclient) and a service daemon (knockdaemon). The client is responsible for constructing and communicating the knock; the daemon monitors the firewall log file, parses the knocks, and manipulates the firewall rules. For debugging purposes, the client can append entries to a local firewall log file instead of sending knocks over the network.
See the README for requirements and installation information.
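The log-driven design described above (match log lines against a list of regular expressions, track each source's knock, then act on the firewall) can be sketched as follows. This is an added example in Python, not code from the Perl prototype: the log lines, the fixed port sequence, the time window and all function names are assumptions, and it does not reproduce the prototype's knock format or its Crypt::CBC encryption.

```python
import re
from datetime import datetime, timedelta

# Constructed iptables-style LOG lines (sample data, not taken from the project).
SAMPLE_LOG = """\
Nov 14 18:59:01 gw kernel: KNOCK IN=eth0 SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP SPT=40001 DPT=7001 SYN
Nov 14 18:59:01 gw kernel: KNOCK IN=eth0 SRC=203.0.113.7 DST=198.51.100.5 PROTO=TCP SPT=51000 DPT=7001 SYN
Nov 14 18:59:02 gw kernel: KNOCK IN=eth0 SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP SPT=40002 DPT=7003 SYN
Nov 14 18:59:02 gw sshd[411]: unrelated line that no pattern matches
Nov 14 18:59:03 gw kernel: KNOCK IN=eth0 SRC=203.0.113.7 DST=198.51.100.5 PROTO=TCP SPT=51001 DPT=7002 SYN
Nov 14 18:59:03 gw kernel: KNOCK IN=eth0 SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP SPT=40003 DPT=7002 SYN
Nov 14 18:59:04 gw kernel: KNOCK IN=eth0 SRC=203.0.113.7 DST=198.51.100.5 PROTO=TCP SPT=51002 DPT=7003 SYN
Nov 14 18:59:05 gw kernel: KNOCK IN=eth0 SRC=198.51.100.20 DST=198.51.100.5 PROTO=TCP SPT=33000 DPT=7001 SYN
Nov 14 18:59:06 gw kernel: KNOCK IN=eth0 SRC=198.51.100.20 DST=198.51.100.5 PROTO=TCP SPT=33001 DPT=7003 SYN
Nov 14 18:59:40 gw kernel: KNOCK IN=eth0 SRC=198.51.100.20 DST=198.51.100.5 PROTO=TCP SPT=33002 DPT=7002 SYN
"""
PATTERNS = [re.compile(  # assumed config: one regex per supported log format
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) .*\bSRC=(?P<src>[\d.]+) .*\bPROTO=TCP .*\bDPT=(?P<dpt>\d+)")]
SEQUENCE = (7001, 7003, 7002)   # assumed secret: a fixed order of closed ports
WINDOW = timedelta(seconds=10)  # assumed limit for completing the whole knock

def parse(line, year=2004):
    """Return (src, dport, timestamp) for a logged knock packet, else None."""
    for pat in PATTERNS:
        m = pat.search(line)
        if m:  # syslog timestamps carry no year, so one is supplied
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            return m["src"], int(m["dpt"]), ts
    return None

def authorized_sources(log_text):
    """Replay a log and return the sources that completed SEQUENCE in time."""
    progress, opened = {}, []   # src -> (next index in SEQUENCE, time of first knock)
    for src, dport, ts in filter(None, map(parse, log_text.splitlines())):
        idx, start = progress.get(src, (0, ts))
        if idx and ts - start > WINDOW:
            idx = 0                      # attempt expired
        if dport == SEQUENCE[idx]:
            start = ts if idx == 0 else start
            idx += 1
        else:                            # wrong port: restart, maybe as a new first knock
            idx, start = (1, ts) if dport == SEQUENCE[0] else (0, ts)
        if idx == len(SEQUENCE):
            opened.append(src)           # a real daemon would add a firewall rule here
            idx = 0
        progress[src] = (idx, start)
    return opened
```

In the sample, 203.0.113.7 sends the right ports in the wrong order and 198.51.100.20 finishes after the window has expired, so only 192.0.2.10 is returned.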
last updated 2005-Jan-02 15:14