Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
|Failed to load latest commit information.|
nodeKnock 0.2 by freddyb for nodeJS 0.2.5 FAQ Q: What is nodeKnock, what does it do? A: nodeKnock is going to be (i.e. it IS NOT YET) a port knocking tool written with nodeJS - just for fun. Its protocol is designed under the assumption that the port is known to client and server beforehand, i.e. the port is not and should never be transmitted over the wire. Apart from the port, both partys already have to share a common secret. The current state (0.2) only implements the authentication between client and server and a simple iptables-based reaction. It is not completely decided whether nodeKnock should handle the transmission to the protected port by itself (like a proxy) or if the successful will still trigger only an iptables-command (or maybe something customizable?). Q: What is the secret? A: The secret is to be defined a priori in nodeKnock.cfg. It's a string of arbitrary length. It is never transmitted in the clear. Still, you shouldn't set your config file world-readable. Q: How long does an authorization last? A: User-defined amount of seconds in config['duration'] (nodeKnock.cfg). If no duration is specified the default value of 3600 is used. Q: Why do I have to set my own IP for the client? A: Because the user usually knows best ;) Protocol (abstract): - One-Way Protocol - Client sends header, timestamp, sha1(client_ip + secret + timestamp) - Server decides whether timestamp is not too old and builds his own hash based on the timestamp provided and the client-ip extracted from the IP header. When both hashes match, the server adds client_ip to the list of authorized IPs. Protocol (detailed): - The protocol is underlying ICMP Echo Requests. Usually Echo Requests leave room for a few custom bytes of our own. We use them to send messages to the server. The first three bytes are (probably subject to change for future nodeKnock versions) 0x786875. After that, the client will send a 4 Byte timestamp (the highest byte first) followed by 9 bytes of the sha1 sum of: client-ip, secret, timestamp. all inputs are transformed into strings on beforehand. e.g. sha1('127.0.0.1'+'foobar'+'1234567').