search for: fwknopd

...a quasi-knocking KISS solution that > sends an unencrypted secret via a single UDP packet. Server side is ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > realized entirely with nftables ... frankly, for that reason, I like fwknop (in my case, straight from OS repos) better ... I'd still have to see fwknopd exit unexpectedly, which is where a host-firewall-only mechanism on the server side would have an advantage ... http://www.cipherdyne.org/fwknop/ > ~# cd /etc/fwknop > fwknop# diff access.conf.orig access.conf | sed -e '/> .*KEY/s/\t.*/\t.../' > 204,206c204,211 > < SO...

I've seen pam_shield recommended several times for protecting against malicious login attempts; but I'm not quite clear if this requires one to be already running some pam-based software? Also, I'm running shorewall, and would prefer a shorewall based protection, but the advice I read on googling for this seemed excessively complicated. -- Timothy Murphy e-mail: gayleard /at/

...ROP instead, so that no-one knows if sshd is running or not) (this step is optional) #service iptables stop #joe /etc/sysconfig/iptables change -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited to -A RH-Firewall-1-INPUT -j DROP Restart the firewall #service iptables start Start fwknopd --debug Leave this debug window open, and you will see the rules that fwknop adds to the firewall. Setup the Client; Install fwknop (the same package contains server and client tools) #cd /tmp #wget http://www.cipherdyne.org/fwknop/download/fwknop-1.0.1-1.i386.rpm #rpm -i fwknop-1.0.1-1.i386....