- init-system-helpers (>= 1.54~)
The FireWall KNock OPerator implements an authorization scheme called
Single Packet Authorization (SPA), based on Netfilter and libpcap.
.
Its main application is to protect services such as OpenSSH with
an additional layer of security in order to make the exploitation of
vulnerabilities (both 0-day and unpatched code) much more difficult.
.
The authorization server passively listens for authorization packets via
libpcap, thus preventing any connections from being processed on the
traditional port. Access to a protected service is only granted after a
valid encrypted and non-replayed packet is detected.
Installed Size: 256.0 kB
Architectures: amd64 arm64