Hi all,
some of you might know a project called "Knock", which implements
a variant of port-knocking in the Linux kernel that can be used to
check the authenticity of arbitrary TCP connections and even can do
integrity checking of the TCP payload by using a pre-shared key.
We still hope that Knock will be eventually useful for adding an extra
layer of security to applications like SSH, VNC or Tor (think:
bridges), but could use your help to collect data to help convince the
Linux people to adopt the latest patch.
As Knock uses two fields in the TCP header in order to hide information
and we explicitly want to be compatible with machines sitting in
typical home networks, we need to make sure that this information
doesn't get corrupted by the majority of NAT boxes out there. We thus
created a program which tests if Knock would work in your environment.
It would be great if some of you were able to execute the program on
your machines in order to help us to get an estimation of if Knock one
day could be used in a larger scale.
You can find sources, binaries and a more elaborate description here:
https://gnunet.org/knock_nat_tester
Technical details about Knock and a (somewhat outdated) research paper
as well as kernel patches are provided here:
https://gnunet.org/knock
Best,
Julian & Christian
Komentarų nėra:
Rašyti komentarą