An extension for the iptables firewall application that implements port knock detection.
ipt_pkd is a free command-line software that provides an open-source iptables extension that has been designed from the ground up to implement a port knock detection system with SPA (Single Packet Authorization) functionality.
The project is divided into three main parts: the kernel module, a user-space client knock program, and the iptables user-space module, called libipt_pkd.so. ipt_pkd can verify a packet with SHA256 and check that the packet's timestamp falls within the configured time window. However, it does not send the shared key over the network and has limited proc support.
ipt_pkd's knock packet is a SHA256 hash of a small header, a timestamp, a shared key and some random bytes, sent over UDP (User Datagram Protocol). Both the random bytes and the timestamp are carried in the packet so that the server can recompute the SHA256 hash and compare it with the one received. If they match, the pkd module returns true; if not, it returns false.
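The following added example (not code from the ipt_pkd project) shows the verification described above from both sides: the client builds a knock from a timestamp, fresh random bytes and the locally held key; the server recomputes the SHA256 hash from the transmitted timestamp and random bytes plus its own copy of the key, compares it in constant time, and rejects knocks whose timestamp is outside the time window. The wire layout (4-byte header value, 8-byte big-endian timestamp, 16 random bytes, 32-byte digest) is an assumption made for the example; ipt_pkd's real packet format is not documented on this page.

```python
import hashlib
import hmac
import os
import struct
import time
from typing import Optional

# Assumed layout for this example (not ipt_pkd's documented format):
# 4-byte header | 8-byte big-endian Unix timestamp | 16 random bytes | 32-byte SHA256
HEADER = b"PKD1"  # placeholder header value, assumed
TS_LEN = 8
NONCE_LEN = 16
DIGEST_LEN = hashlib.sha256().digest_size
PACKET_LEN = len(HEADER) + TS_LEN + NONCE_LEN + DIGEST_LEN


def _digest(header: bytes, ts: int, key: bytes, nonce: bytes) -> bytes:
    """SHA256 over header || timestamp || shared key || random bytes."""
    return hashlib.sha256(header + struct.pack("!Q", ts) + key + nonce).digest()


def build_knock(key: bytes, now: Optional[int] = None, nonce: Optional[bytes] = None) -> bytes:
    """Client side: build the UDP payload. Only the timestamp and the random
    bytes travel in the packet; the shared key itself is never sent."""
    ts = int(time.time()) if now is None else now
    nonce = os.urandom(NONCE_LEN) if nonce is None else nonce
    return HEADER + struct.pack("!Q", ts) + nonce + _digest(HEADER, ts, key, nonce)


def verify_knock(payload: bytes, key: bytes, window: int = 60, now: Optional[int] = None) -> bool:
    """Server side: parse the packet, check the time window, recompute the
    hash with the local key and compare in constant time."""
    if len(payload) != PACKET_LEN:
        return False
    header = payload[:len(HEADER)]
    ts = struct.unpack("!Q", payload[len(HEADER):len(HEADER) + TS_LEN])[0]
    nonce = payload[len(HEADER) + TS_LEN:len(HEADER) + TS_LEN + NONCE_LEN]
    received = payload[-DIGEST_LEN:]
    if header != HEADER:
        return False
    current = int(time.time()) if now is None else now
    # Reject knocks whose timestamp is more than `window` seconds from now.
    if abs(current - ts) > window:
        return False
    expected = _digest(header, ts, key, nonce)
    # Constant-time comparison avoids leaking how many digest bytes matched.
    return hmac.compare_digest(expected, received)


if __name__ == "__main__":
    shared = b"test"  # matches the --key value in the iptables rule on this page
    pkt = build_knock(shared)
    print("valid knock accepted:", verify_knock(pkt, shared))
    print("wrong key rejected:", not verify_knock(pkt, b"not-the-key"))
```

Because the timestamp is carried inside the packet and only checked against a window, a captured knock stays valid for that window; keeping the window short, as the `--seconds 60` rule on this page does, bounds that exposure.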
A simple example of using the ipt_pkd package is protecting an SSH (Secure Shell) connection on port 22. With the iptables rules shown below, any new SSH connection attempt is dropped unless a valid knock packet was received first:
iptables -A INPUT -p udp -m pkd --key test --tag SSHK -m recent --set --name PKD
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --rcheck --name PKD --seconds 60 --hitcount 1 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j REJECT --reject-with tcp-reset
As mentioned, ipt_pkd is a command-line application that runs in a console environment, either in an X11 terminal emulator or directly from a text-mode session. It has only three options: one that sets the shared key, one that sets the time window in seconds, and one that sets the tag for the knock key.
ipt_pkd 1.13
runs on: Linux
main category: Security