Welcome!

This is the web page of Aldaba, an open source Port Knocking and SPA authentication system for GNU/Linux.

Nowadays system administrators cannot rely on the security provided by software manufacturers to protect services that run on their network servers. 0-day exploits are serious threats for critical systems that cannot afford security breaches. Port Knocking and Single Packet Authorization are new techniques in the network security field that provide a mechanism to keep all ports of a server closed and open them only to clients that issue specific sequences of connection attempts or specially crafted packets that contain the appropriate authentication credentials. Aldaba is a command-line tool for Linux systems that implements a PK and SPA client and server, providing secure, stealthy authentication and remote firewall rule manipulation using TCP/IP covert channels.

Current Features

- Support for two authentication protocols: Port Knocking and Single Packet Authorization.
- Fast authentication processing.
- Support for 4 different ciphers: AES/Rijndael, Twofish, Blowfish and Serpent.
- Support for custom command execution upon successful client authentication.
- Sensitive data wiping on exit.
- Configuration via command line or config file.
- Support for decoys and noise packets.
- Logging capabilities.
- Highly commented source code.
- Doxygen based documentation.
- Free and Open Source.

Aldaba Suite 0.1.7 Released

I am glad to announce the availability of "Aldaba Suite 0.1.7". This release merges aldaba-client and aldaba-server into a single package. Hopefully this should improve code maintainability and reduce the number of headaches when copying files from one place to the other. Minor bugfixes and improvements are also included in this release. Check Changelog for details.

Please download it from Aldaba's project page in Sourceforge.

To install follow these installation instructions.

Please test it and report any bugs you find through the mailing list or using the trackers at Sourceforge.

CHANGELOG: ALDABA SUITE 0.1.7

- Client and Server have been merged into a single source package. This should improve maintainability. No more copy & paste from one side to the other.

- There has been a little adjustment in server's version number. This version should have been server's 0.1.5 but as from now on client and server will have the same version number, it has been "upgraded" to 0.1.7.

- Added additional installation modes to the Makefile.

- Installation now makes a backup of configuration files and scripts before overwriting them.

- Little improvements in data wiping functions.

- Updated Aldaba tutorial.

- Fixed some errors in man pages.

Aldaba Server 0.1.4 Released

Some days ago Aldaba Client 0.1.6 was released. Now, it's turn for Aldaba Server. Version 0.1.4 is also a minor release. It fixes a bug in the config file parsing (Thanks to Joshua Caster) and adds a bit more functionality. Check changelog for details.

Please download it from Aldaba's project page in Sourceforge.

To install follow these installation instructions: [Server] [Client]

Please test it and report any bugs you find through the mailing list or using the trackers at Sourceforge.

CHANGELOG: ALDABA SERVER 0.1.4

- Fixed bug in config file parser. Reported and fixed by Joshua Caster.

- Added code to wipe sensitive data (encryption keys, etc) before exiting the application or when the SIGINT signal is delivered.

- Added code to test the correctness of crypto functions. Now, when the program starts, ciphers and hash functions are tested against known correct values.

Aldaba Client 0.1.6 released

I am glad to announce the release of Aldaba Knocking Client 0.1.6. I know it's been a while since the last release but lately I am very busy doing some academic research on PK and SPA and that doesn't leave me too much time to code. That will benefit Aldaba and, hopefully, nice features will be implemented in the next few months.

Please download it from Aldaba's project page in Sourceforge.

To install follow these installation instructions: [Server] [Client]

Please test it and report any bugs you find through the mailing list or using the trackers at Sourceforge.

CHANGELOG: ALDABA CLIENT 0.1.6

- Added code to wipe sensitive data (encryption keys, etc) before exiting the application or when the SIGINT signal is delivered.

- Added code to test the correctness of crypto functions. Now, when the program starts, ciphers and hash functions are tested against known correct values.

Aldaba Client 0.1.5 and Aldaba Server 0.1.3 Released

I am glad to announce the release of Aldaba Knocking Server 0.1.3 and version 0.1.5 of Aldaba Knocking Client.

Please download it from Aldaba's project page in Sourceforge.

To install follow these installation instructions: [Server] [Client]

Please test it and report any bugs you find through the mailing list or using the trackers at Sourceforge.

CHANGELOG: ALDABA CLIENT 0.1.5

- New checksum format. From now on, SPA packets will use SHA256 checksums as MD5 is not secure anymore.

- SPA "command" field has been reduced from 200 bytes to 184 due to the use of SHA256 checksums that take 16 bytes more than MD5.

- Added support for new encryption algorithms. Now, the following ciphers can be used to encrypt/decrypt SPA packets:
  - Rijndael (AES contest winner)
  - Twofish (AES contest third position)
  - Serpent (AES contest second position)
  - Blowfish

Note that the IP-Id technique needs to use Blowfish because it requires a cipher with a block size of 64 bits or less.

CHANGELOG: ALDABA SERVER 0.1.3

- New checksum format. From now on, SPA packets will use SHA256 checksums as MD5 is not secure anymore.

- SPA "command" field has been reduced from 200 bytes to 184 due to the use of SHA256 checksums that take 16 bytes more than MD5.

- Added support for new encryption algorithms. Now, the following ciphers can be used to encrypt/decrypt SPA packets:
  - Rijndael (AES contest winner)
  - Twofish (AES contest third position)
  - Serpent (AES contest second position)
  - Blowfish

Note that the IP-Id technique needs to use Blowfish because it requires a cipher with a block size of 64 bits or less.

- Fixed typo in --help output.

Port Knocking and SPA in book "Linux Firewalls"

I've recently bought a book titled "Linux Firewalls". I wouldn't be mentioning it here but the thing is that it has 2 chapters about Port Knocking and Single Packet Authorization. The book is written by Michael Rash, the author of fwknop, psad and fwsnort so, as you can imagine, its quality is outstanding.

Chapter 12 talks about Port Knocking versus Single Packet Authorization and Chapter 13 introduces fwknop, Rash's Port Knocking and SPA system. The rest of the book is also quite interesting. In general, it explains how to build an Intrusion Detection/Prevention system based on iptables and some other open source tools developed by the author. Have a look at its official web page if you want to know more.

Aldaba Client 0.1.4 and Aldaba Server 0.1.2 Released

I am glad to announce the release of Aldaba Knocking Server 0.1.2 and version 0.1.4 of Aldaba Knocking Client.

Please download it from Aldaba's project page in Sourceforge.

To install follow these installation instructions: [Server] [Client]

Please test it and report any bugs you find through the mailing list or using the trackers at Sourceforge.

CHANGELOG: ALDABA CLIENT 0.1.4

- Added option --dont-send. This option prevents Aldaba-client from actually sending any packet. It simulates it does but no information is sent to the network. Note that this option only disables Knock and SPA packets. DNS lookups and HTTP requests for option --resolve-IP will still be sent.

- Added support for new version of Aldaba SPA Protocol. Currently this protocol does the same as the previous one but it will support a lot of interesting features in future releases. These include support for one time passwords, challenge/response authentication, timestamp based authentication, remote command execution etc.

- Source files were completely reorganized.

- Minor bugfixes.

CHANGELOG: ALDABA SERVER 0.1.2

- Added basic support for other data-link types than Ethernet. Currently supported data-link types are: 802.3, 802.11, PPPoE, Loopback and FDDI.

- Fixed a possible buffer overflow while printing Ethernet headers.

- Added support for new version of Aldaba SPA Protocol. Currently this protocol does the same as the previous one but it will support a lot of interesting features in future releases. These include support for one time passwords, challenge/response authentication, timestamp based authentication, remote command execution etc.

- Source files were completely reorganized.

- Minor bugfixes.

CVS to SVN Migration

It's time to say goodbye to good old CVS and move to a new version control system. From now on, Aldaba source will be managed with Subversion.

Of course, anyone can access the repository. Use the following command to get the latest development version.

svn co https://aldaba.svn.sourceforge.net/svnroot/aldaba/trunk aldaba

You can also browse the repository directly from the following URL:

http://aldaba.svn.sourceforge.net/viewvc/aldaba/trunk/

Aldaba Tutorial

Manpages are usually OK for those that are already familiar with an application. For those that are new to the use of a tool, something more detailed is always a nice thing to have. For that reason I've created a small tutorial that covers installation and usage of both Aldaba-client and Aldaba-server.

The tutorial can be found here. Any feedback is appreciated.

Aldaba Client 0.1.3 Released!

I am glad to announce the release of Aldaba Client 0.1.3. It has a lot of new features like the possibility of sending noise packets or the use of decoys. Check the man page for more details.

Please download it from Aldaba's project page in Sourceforge. More information in section "Download".

To install follow these installation instructions: [Server] [Client]

Please test it and report any bugs you find through the mailing list or using the trackers at Sourceforge.

CHANGELOG: ALDABA CLIENT 0.1.3

- Fixed a bug in the parser for args --knock-IP and --source-IP.

- Added support for noise packets. These are extra packets sent to prevent attackers with sniffing capabilities from guessing the Knock sequence. A positive integer may be specified using the --noise param.

- Changed the format in which IP-Id packets are displayed on stdout. Now they are printed as rows of a table, and additional information is shown.

- Changed the way TCP/IP packets are crafted. Now there is a separate function to do it, including computing the checksum.

- Random number generator implemented. It is based on the current pid, current uid, current time and 4 random bytes read from /dev/random. This should be enough for a port knocking client.

- Added support for decoys (additional IPs to send fake knocks from). This adds some obscurity to the knocking process. This feature can be combined with noise for extra effect.

- Added support for an external IP resolver. Now, the internet-side IP address may be resolved using the service http://whatismyip.aldabaknocking.com. This is useful in NATed networks where the knocking information should not contain a local area network address but an external IP.

Aldaba Client 0.1.2 and Aldaba Server 0.1.1 Released

I am pleased to announce the release of Aldaba Knocking Server 0.1.1 and version 0.1.2 of Aldaba Knocking Client.

Please download it from Aldaba's project page in Sourceforge.

To install follow these installation instructions: [Server] [Client]

Please test it and report any bugs you find through the mailing list or using the trackers at Sourceforge.

Newbies should also check Aldaba Tutorial for detailed information about Aldaba installation and usage.

CHANGELOG: ALDABA CLIENT 0.1.2
Version 0.1.2 Oct 11, 2007.

- Some functions were moved to different source files (mainly because it did not make much sense for them to be where they used to be).

- Output of --help changed. Now, instead of a big manpage a simple usage message is displayed.

- Added support for config files. Because of this, the argparser was rewritten to use separate functions to process each type of argument. Config files can be specified using the --config="" parameter.

- Minor change in the way encryption keys were being displayed in high verbosity modes. Now only first and last 2 bytes are displayed, enough to check for errors.

CHANGELOG: ALDABA SERVER 0.1.1
Version 0.1.1. Oct 11, 2007.

- Some functions were moved to different source files (mainly because it did not make much sense for them to be where they used to be).

- Output of --help changed. Now, instead of a big manpage a simple usage message is displayed.

- Added support for configuration files. A config file parser was written using a template created by tool GNU gengetopt.

- Minor changes in the argument parsing process were made.

- The "UDP technique" was renamed to "SPA technique". Many functions and variable names were changed.

- Added option "start" that forces configuration to be read from the file /etc/aldabad/aldaba.conf.

- Changed argparser: Now case is ignored when parsing long arg names.

- Minor change in the way encryption keys were being displayed in high verbosity modes. Now only first and last 2 bytes are displayed, enough to check for errors.

Aldaba Client 0.1.1 and Aldaba Server 0.1 Released

I am pleased to announce the first stable release of Aldaba Knocking Server and version 0.1.1 of Aldaba Knocking Client.

Please download it from Aldaba's project page in Sourceforge.

To install follow these installation instructions: [Server] [Client]

Please test it and report any bugs you find through the mailing list or using the trackers at Sourceforge.

CHANGELOG: ALDABA CLIENT 0.1.1
Version 0.1.1 Sep 30, 2007.

- Fixed a bug in the computation of IP, TCP and UDP checksums.

- Now when the parameter -t is supplied with only one port, the UDP technique is assumed automatically.

- Fixed a bug in the parsing of the -i parameter. Before, the user was being completely ignored and the interface "eth0" was being used in all cases.

- Fixed a bug in the manpage and the --help output. Info about parameter -t was missing.

- Argparser rewritten. Added support for longer arg names like --source-IP.

- The way blowfish encryption keys were being used has changed. Now the encryption key is the MD5 hash of the user-supplied passphrase (salted with a 4-byte value).

CHANGELOG: ALDABA SERVER 0.1
Version 0.1. Sep 30, 2007.

- The way blowfish encryption keys were being used has changed. Now the encryption key is the MD5 hash of the user-supplied passphrase (salted with a 4-byte value).

- Added --debug switch. It sets maximum verbosity and disables daemon mode.

- Added --quiet switch. It sets verbosity and logging levels to zero.

- Argparser rewritten. Added support for longer arg names like --interface.

Aldaba Knocking Server 0.1.beta2 Released

I am pleased to announce the release of the second beta version of Aldaba Knocking Server.

Please download it from Aldaba's project page in Sourceforge.

To install follow these installation instructions.

Please test it and report any bugs you find through the mailing list or using the trackers at Sourceforge.

CHANGELOG:

- Fixed a bug in the parsing of the -t parameter. The number of supplied ports was not being checked. Now exactly 4 ports must be supplied for the IP-Id technique and up to ten ports for the UDP technique.

- Now when the parameter -t is supplied with only one port, the UDP technique is assumed automatically.

- Changed Makefile. Now scripts are installed in mode 751 so regular users do not have permissions to read their contents.

- Fixed a bug in the manpage and the --help output. Info about parameter -t was missing.

- Fixed a bug in the execution of the open/close scripts. Now scripts are executed in the background. Otherwise they could hang the server if they did not return immediately.

Development of Aldaba at Sourceforge.net

As you might know, Aldaba has its own project page at Sourceforge.net. In case you are not familiar with it, Sourceforge provides, at no cost, many tools that are of great help for any open source development.

This includes the following services:

- Bug tracking system.
- Patch tracking system.
- Feature request system.
- Support request system.
- Public forums.
- Mailing lists.
- SVN repository.

Anyone interested in getting involved in the development can (and should) use these tools. Please refer to the "Join Development" section for more details.

Aldaba Knocking Server 0.1.beta1 Released!

I am pleased to announce the release of the first version of Aldaba Knocking Server.

I've tested it in Fedora Core 7, Ubuntu 7.04 and Debian Etch but it is still in beta stage so a lot more testing needs to be done. Please try it on your system. I'd appreciate any comments, suggestions, bug reports, feature requests and any feedback in general.

Aldaba Server 0.1 Beta1 can be downloaded from Aldaba's project page in Sourceforge.
 
INSTALLATION NOTES:

First, follow these installation instructions.

Different systems have different firewall configurations so instead of manipulating firewall rules directly, Aldaba Server lets the user specify what should be done after correct knocks are received.

Once Aldaba Server is installed, there are 2 files that should be customized:

/etc/aldabad/aldaba_open.sh
/etc/aldabad/aldaba_close.sh

These files are the scripts that are executed as a result of a correct knock. If the received knock specifies the action "open" then aldaba_open.sh will be executed. If it specifies the action "close", aldaba_close.sh will be used. Both scripts are executed with root privileges so special attention should be paid to them.

For more information check Aldaba Server man page (man aldabad).
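Because aldabad runs these hooks as root and in the background, the one thing a practitioner wants is strict validation of whatever the hook receives before it reaches an iptables command line. The following is an added example of an aldaba_open.sh-style hook, not Aldaba's own script; it assumes (hypothetically) that the server passes the authenticated client's IP address as the first argument, and the port and timeout are constructed sample values.

```shell
#!/bin/sh
# Hardened aldaba_open.sh-style hook (added example, not Aldaba's own script).
# ASSUMPTION: aldabad passes the authenticated client's IP address as $1;
# check the aldabad man page for the real calling convention.
# Because aldabad runs this hook as root, the argument is validated strictly
# before it is placed on an iptables command line.

PORT=22        # service the knock opens (constructed sample value)
TIMEOUT=30     # seconds the hole stays open (constructed sample value)
IPTABLES=iptables

# Succeed only for a well-formed dotted quad with every octet in 0..255.
valid_ipv4() {
    addr=$1
    case "$addr" in
        ""|*[!0-9.]*) return 1 ;;       # empty, or anything but digits and dots
    esac
    old_ifs=$IFS; IFS=.
    set -- $addr                        # split on dots into positional params
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# The exact rule text, admitting only the authenticated client to PORT.
open_rule()  { printf '%s -I INPUT -p tcp -s %s --dport %s -j ACCEPT\n' "$IPTABLES" "$1" "$PORT"; }
close_rule() { printf '%s -D INPUT -p tcp -s %s --dport %s -j ACCEPT\n' "$IPTABLES" "$1" "$PORT"; }

# Insert the rule for a validated client and schedule its removal. The timer
# runs in the background so the hook returns at once and never blocks aldabad.
open_for_client() {
    client=$1
    if ! valid_ipv4 "$client"; then
        logger -t aldaba_open "rejected malformed client address" 2>/dev/null || :
        return 1
    fi
    # Executes the rule text; safe because every field is a constant or validated.
    $(open_rule "$client") || return 1
    ( sleep "$TIMEOUT"; $(close_rule "$client") ) >/dev/null 2>&1 &
    return 0
}

# Act as the hook only when executed as aldaba_open.sh; sourcing just defines the functions.
case "$0" in
    aldaba_open.sh|*/aldaba_open.sh) open_for_client "$1" ;;
esac
```

Install it with the same mode 751 the Makefile uses so regular users cannot read the port and timeout it encodes.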
