Port Knocking and Single Packet Authorization Resources
This document lists all the information I have gathered about Port Knocking and Single Packet Authorization since I started the development of Aldaba. I've tried to classify them in different categories. They are ordered alphabetically so I've also tried to rate some of them in order to help you spot the best ones easily. Items are rated using stars, ranging from 0 to 4 stars.
Many of the following information was found at http://www.portknocking.org/.
If you are doing research on PK and SPA or have additional information that could be added to this list, please let me know.
Last Updated: Dec 1, 2010.
Contents:
1. Web Sites
2. High Quality Research Papers
3. Articles on the Web
4. Presentations
5. Implementations
6. Also mentioned in
Krzywinski, M. Port Knocking. http://www.portknocking.org/
Jeanquier, S. Security Generation. Single Packet Authorization . http://www.securitygeneration.com/single-packet-authorization/
Barham, P, Hand, S, Isaacs, R, Jardetzky, P, Mortier, R and Roscoe, T. (2002) Techniques for Lightweight Concealment and Authentication in IP Networks [online]. Intel Research Berkeley (IRB-TR-02-009)
http://www.intel-research.net/Publications/Berkeley/012720031106_111.pdf
deGraaf, R, Aycock, J, and Jacobson M (2004). Improved Port Knocking with Strong Authentication [online]. Department of Computer Science, University of Calgary. http://www.acsac.org/2005/papers/156.pdf
deGraaf, R (2007). Enhancing Firewalls: Conveying User and Application Identification to Network Firewalls [online]. Computer Science Master's Thesis, Department of Computer Science, University of Calgary.
http://recursos.aldabaknocking.com/thesis-degraaf.pdf
Doyle, M. (2004) University of Arkansas Department of Physics. Implementing a Port Knocking System in C. [online] University of Arkansas. http://portknocking.sourceforge.net/files/Implementing%20a%20Port%20Knoc...
Jeanquier, S. (2006) An Analysis of Port Knocking and Single Packet Authorization [online]. Information Security Group. Royal Holloway College, University of London.
http://www.securitygeneration.com/wp-content/uploads/2010/05/An-Analysis...
Khakpour, A.R. and Chaouchi, H. ESSTCP: Enhanced Spread-Spectrum TCP [online]. Institut National des Télécommunication (INT) Evry, France. http://www.cecs.uci.edu/~papers/ipdps07/pdfs/SSN-1569014437-paper-2.pdf
Vasserman, EY, Hopper, N, Laxon, J and Tyra, J. SILENTKNOCK: Practical, Provably Undetectable Authentication. [online]. University of Minnesota, Stanford University. United states.
http://www.cs.umn.edu/~hopper/silentknock_esorics.pdf
OTHER PAPERS AND MAGAZINE ARTICLES
Isabel D. (2005) Port Knocking: Beyond the Basics. [online]. SANS Institute. http://www.sans.org/reading_room/whitepapers/sysadmin/1634.php
Keong TC (2004). Remote Server Management Using Dynamic Port Knocking and Forwarding [online]. Special Interest Group in Security and Information Integrity. http://www.security.org.sg/code/sig2portknock.pdf
Krivis, S. (2004). Port knocking: helpful or harmful? An exploration of modern network threats [online]. SANS Institute. http://www.giac.org/certified_professionals/practicals/gsec/3838.php
Maddock, B. (2004). Port Knocking: An overview of Concepts, Issues and Implementations [online]. SANS Institute. http://www.giac.org/certified_professionals/practicals/gsec/4122.php
Maki, T. (2007) Explicit Mechanisms for Controlling NAT/Firewall Systems Dynamically. Helsinki University of Technology. http://www.tml.tkk.fi/Publications/C/23/papers/Maki_final.pdf
Manzanares, A, Torres, M, Estevez, JM and Hernández, JC. Attacks on Port Knocking Authentication Mechanism [Online - Restricted]. Universidad Carlos III de Madrid. http://www.springerlink.com/content/lrab9tf4ef199ajg/
Rash, M. (2004) Combining Port Knocking and Passive OS Fingerprinting with fwknop [online]. The USENIX Magazine, (29), pp.19-25 http://www.usenix.org/publications/login/2004-12/pdfs/fwknop.pdf
Rash, M. (2007). Linux Firewalls: Attack Detection and Response with iptables, psad, and fwsnort. Chapters 12 and 13. No Starch Press. ISBN: 978-1593271411
Rash, M. (2006). Single Packet Authorization with Fwknop [online]. The USENIX Magazine 02/06. https://db.usenix.org/publications/login/2006-02/pdfs/rash.pdf
Rash, M. (2007). Single Packet Authorization. Linux Journal. April 1, 2007. http://www.linuxjournal.com/article/9565
Rash, M. (2007). Protecting SSH Servers with Single Packet Authorization. Linux Journal. May 1, 2007.
http://www.linuxjournal.com/article/9621
Bradley, T. (2004) Port Knocking [online]. The New York Times, About, Inc. About.com. http://netsecurity.about.com/cs/generalsecurity/a/aa032004.htm
Conte, B. (2008). The Practicality of Port Knocking.
http://bradconte.com/security/the-practicality-of-port-knocking.php
Graham-Cumming, J. (2004) Practical Secure Port Knocking [online]. Dr. Dobb's Journal, (366), pp.51-53 http://www.ddj.com/184405890
Grimes, RA. (2006) Port knocking: A security idea whose time has come [online]. Infoworld. http://www.infoworld.com/article/06/03/17/76466_12OPsecadvise_1.html
Hatch, B. (2003) Sniffing with Net::Pcap to stealthily managing iptables rules remotely [online]. Hacking Linux Exposed. http://www.hackinglinuxexposed.com/articles/20030730.html
Knutee. (2008) Single Packet Authorization [online]. http://knutee.net/?p=11
Krzywinski, M. (2003) Port Knocking: Network Authentication Across Closed Ports [online]. SysAdmin Magazine, (12), pp.12-17. http://www.samag.com/documents/s=9366/sam0306b/0306b.htm
Krzywinski, M. (2006) Port Knocking From the Inside Out [online - Requires suscription]. Hakin9 Magazine (5). http://en.hakin9.org/products/articleInfo/47
Martin, K. (2004). Knock, Knock, Knock. Security Focus. http://www.securityfocus.com/columnists/221
Narayanan, A. (2004) A critique of port knocking [online]. Linux.com, Sourceforge Inc. http://www.linux.com/articles/37888
Yarden, J. (2005). Use port knocking to bypass firewall rules and keep security intact [online]. TechRepublic, CNET Networks. http://articles.techrepublic.com.com/5100-1009-5798871.html
Unknown Author. (2004) SolutionBase: Use port knocking for a more secure method of opening ports [online]. TechRepublic, CNET Networks. http://articles.techrepublic.com.com/5100-6350_11-5164533.html
Unknown Author. Port Knocking for SMTP [online]. Unlisting. http://unlisting.org/
(2004) Introduction to Cerberus: Port Knocking with covert packets to secretly open your firewall [online]. Scorpion Software. http://silverstr.ufies.org/blog/Cerberus.ppt
Aiello, M, Kalinskiy, S, Nurilov, S, and Smolenskiy, E. Port Knocking Project (for Windows) [online]. http://winportknocking.sourceforge.net/Port_Knocking_Project_Status.ppt
deGraaf, R, Aycock, J, and Jacobson M (2004). Improved Port Knocking with Strong Authentication [online]. Department of Computer Science, University of Calgary. http://pages.cpsc.ucalgary.ca/~degraaf/papers/portknocking-presentation.pdf
Doyle, M. (2004) University of Arkansas Department of Physics. Implementing a Port Knocking System in C. [online] University of Arkansas. http://portknocking.sourceforge.net/files/Implementing%20a%20Port%20Knoc...
Epp, D. (1999) Port Knocking with Cerberus. [online] http://silverstr.ufies.org/blog/Cerberus.ppt
Hou. JC. Port Knocking. [online] Department of Computer Science. University of Illinois. United States. http://lion.cs.uiuc.edu/cours.es/cs397hou/lectures/PortKnocking.ppt
Keong, T.C. and Meng, C.T. Remote Server Access using Dynamic Port Knocking and Forwarding [online]. Special Interest Group in Security and Information integrity. http://www.security.org.sg/webdocs/news/event30/SIG2_Portknock.ppt
Krzywinski, M. Port Knocking. Flexible security through authentication across closed ports [online]. Genome Sciences Centre. Vancouver, Canada. http://www.portknocking.org/docs/wcsf2003.ppt
Lum, K. (2004) Port Knocking r0x0rz j00 [online]. http://sfs.poly.edu/presentations/portknocking.pdf
Rash, M. (2004) Advanced Netfilter. Content Replacement (ala Snort_inline) and Port Knocking Based on p0f [online]. DEFCON 12. http://www.defcon.org/images/defcon-12/dc-12-presentations/Rash/dc-12-ra...
Rash, M, (2006). Advances In Single Packet Authorization [online]. http://www.cipherdyne.org/fwknop/docs/talks/shmoocon2006_fwknop_slides.pdf
Rash, M. (2007). ZeroDay Attack Prevention via Single Packet Authorization [online]. http://www.cipherdyne.org/talks/Michael_Rash_Techno_Security2007_SPA.pdf
Rathaus, N. Beyond Security: Presentation on Port Knocking [online] Beyond Security Ltd. http://www.cs.tau.ac.il/tausec/lectures/port_knocking.ppt
SPA: Single Packet Authentication [online]. MadHat Unspecific. Simple Nomad. Nomad mobile research centre. http://www.nmrc.org/dc13/bh2005-mh-sn-spa.ppt
Volpato, GL and Grimm, C. Dynamic Firewalls and Service Deployment Models for Grid Environments [online]. RRZN – Leibniz Universität Hannover. http://www.cyfronet.pl/cgw06/presentations/c4-4.ppt
Worth, D. (2004). COK: Cryptographic Port Knocking [online]. Black Hat USA 2004. http://www.blackhat.com/presentations/bh-usa-04/bh-us-04-worth-up.pdf
Bello, L. CWKPF Cuasi-Web Knocking para Packet Filter. http://www.lucianobello.com.ar/webknocking/index_en.html
Bidou, R. Multi-purpose port knocker.(Source: http://www.iv2-technologies.com/~rbidou/apk-1.0.tar.gz) (Documentation: http://www.iv2-technologies.com/~rbidou/apk.README.html)
Boyce, M. Bash IPTables Port Knocking. http://www.phantomcode.com/bashiptableportknocking/
Drizzt. Helldoor. http://utenti.gufi.org/~drizzt/codes/helldoor/
FX. Cdoor. 2000. http://www.phenoelit-us.org/stuff/cd00rdescr.html
Ingles, R. Ostiary. 2006. http://ingles.homeunix.org/software/ost/index.html
Keong, T and Capella. SIG^2 Port Knocking. 2004.http://www.security.org.sg/code/portknock1.html
Krzywinski, M. Port Knocking. http://www.portknocking.org/
Lebelt, S. Webknocking. 2006. http://www.webknocking.de/semaphor.php?item=webknocking_en
MartinGarcia, L. Aldaba PK/SPA Security Suite. 2010. http://www.aldabaknocking.com/
Meehan, J. Pasmal. 2005. http://sourceforge.net/projects/pasmal/
Nyberg, CM. SAdoor. http://cmn.listprojects.darklab.org/
OldW0lf. Toc Toc. 2004. http://3w.0ldw0lf.atrix-team.org/
Outdot, L. Wknock. 2005. http://www.rstack.org/oudot/wknock/
Prinz, R. It's ME. 2006. http://www.min.at/prinz/software/port/
Rash, M. Fwknop. 2007. http://www.cipherdyne.org/fwknop/
Shemesh, S. Temprules. 2004. http://sourceforge.net/projects/temprules/
Si0ux. 2006. Coarse Knocking. http://sourceforge.net/projects/coarseknocking/
Snell, J. Combo. 2002. http://www.e-normous.com/nerd/combo.c
Tumbler. Cumming, JG. 2004. http://tumbler.sourceforge.net/
Vanini, F. Barricade. 2004. http://www.lightning.eu.org/barricade/
Vasserman, EY et al. Silent Knock. 2007. http://www-users.cs.umn.edu/~eyv/knock/
Vinet, J. knockd. 2005. http://www.zeroflux.org/cgi-bin/cvstrac.cgi/knock/wiki
Walko, J. (2004) A simple encrypted port knocker [online]. http://cryptknock.sourceforge.net/
Walko, J. Cryptknock. 2004. http://sourceforge.net/projects/cryptknock
Ward, JB. Doorman. 2005. http://doorman.sourceforge.net/
Windows Port Knockning. 2004. http://sourceforge.net/projects/winportknocking
Коротков Евгений. Bash Script. 2003. http://www.opennet.ru/base/sec/port_knocking.txt.html
Gibson, S. and LaPorte, L. (2007) Security Now Podcast. Episode 80. Listener Feedback Q&A #16 [Podcast - online]. http://media.grc.com/sn/SN-080.mp3
Green, ML, Gallo, SM and Miller, R. (2004) Grid-Enabled Virtual Organization Based Dynamic Firewall [online]. Center for Computational Research SUNY-Buffalo. New York. United States. http://ieeexplore.ieee.org/iel5/9495/30134/01382833.pdf
Slashdot.(2004). Port Knocking" For Added Security. [online] Open Source Technology Group. http://slashdot.org/it/04/02/05/1834228.shtml?tid=126&tid=172
Slashdot. (2004). Port Knocking in Action [online]. http://it.slashdot.org/article.pl?sid=04/04/14/1832222
Slashdot. (2004). Going Beyond Port Knocking; Single Packet Access [online]. http://it.slashdot.org/article.pl?sid=05/05/30/1128209&tid=172&tid=106
StankDawg and Rax (2004) Binary Revolution Radio. Episode 32 - Port Knocking. [Podcast - online]. http://www.binrev.com/radio/archive/binrev032.mp3
Asadoorian, P. and Jeanquier, S. (2010). Pauldotcom Security Weekly. Episode 221. November 23, 2010. [Podcast - online]. http://traffic.libsyn.com/pauldotcom/pauldotcom-SW-episode221.mp3
