DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity

minor README update

Browse Source
This commit is contained in:
Michael Rash 2014-01-01 13:42:13 -05:00
parent 227d0ab947
commit 3adb359932
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
README
View File

@ -9,9 +9,10 @@ communicate desired access to a service that is hidden behind a firewall in a
default-drop filtering stance. The main application of SPA is to use a firewall default-drop filtering stance. The main application of SPA is to use a firewall
to drop all attempts to connect to services such as SSH in order to make the to drop all attempts to connect to services such as SSH in order to make the
exploitation of vulnerabilities (both 0-day and unpatched code) more difficult. exploitation of vulnerabilities (both 0-day and unpatched code) more difficult.
Any service that is concealed by SPA naturally cannot be scanned for with Nmap. Because there are no open ports, any service that is concealed by SPA naturally
The fwknop project supports three different firewalls: iptables on Linux cannot be scanned for with Nmap. The fwknop project supports three different
systems, pf on OpenBSD, and ipfw on FreeBSD and Mac OS X. firewalls: iptables on Linux systems, pf on OpenBSD, and ipfw on FreeBSD and
Mac OS X.
SPA is essentially next generation Port Knocking (PK), but solves many of the SPA is essentially next generation Port Knocking (PK), but solves many of the
limitations exhibited by PK while retaining its core benefits. PK limitations limitations exhibited by PK while retaining its core benefits. PK limitations