PyKnock is born!

Pyknock is a Total Revolutionary Port Knocking System libpcap based.

PyKnock enrich the concept of Port Knocking (usually based on analyzing iptables logs in search of specific sequences of packets to make service/commands start) adding the use of pcap libraries to make a sniffer which checks packets on a specific port.

PyKnock was born some months ago between some college courses, from my mind and its project was enlarged helpfully with my friend Pasquale’s support.

PyKnock consist in two parts: Client and Daemon.
The Client can send through UDP packets messages or commands to Daemon, without really establish any type of connection or really communication.
The communication from client to daemon is totally passive.
The daemon will sniff packets on a specific set port on its configuration file, when packets will be sniffed, it will decompress and decrypt them to examine them, once if submitted command/message will match with the same stored on its configuration file, service (like ssh server) will start.

No problems for security and privacy, PyKnock uses asymmetric keypairs (GPG) to encrypt your command/message before to send it to daemon through udp packets.

The only limitation that pyknock introduce on using GPG is to avoid to exchange public key generated on server-side to third parts.

For now the daemon is iterative, this means that it can only serve one request at time, this is a big limitation that our team is trying to defeat adding threads’ support.

This is all for now,
Stay tuned and wait for updates!


Alessandro.

Posted by Alessandro at 3:19PM

About

  • Release: Nothing yet
  • Page Update: Jan 21, 2008