Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

minor README update

  • Loading branch information...
commit 3adb3599323ae4b1abc7e4a1537e753addf1d99c 1 parent 227d0ab
@mrash authored
Showing with 4 additions and 3 deletions.
  1. +4 −3 README
View
7 README
@@ -9,9 +9,10 @@ communicate desired access to a service that is hidden behind a firewall in a
default-drop filtering stance. The main application of SPA is to use a firewall
to drop all attempts to connect to services such as SSH in order to make the
exploitation of vulnerabilities (both 0-day and unpatched code) more difficult.
-Any service that is concealed by SPA naturally cannot be scanned for with Nmap.
-The fwknop project supports three different firewalls: iptables on Linux
-systems, pf on OpenBSD, and ipfw on FreeBSD and Mac OS X.
+Because there are no open ports, any service that is concealed by SPA naturally
+cannot be scanned for with Nmap. The fwknop project supports three different
+firewalls: iptables on Linux systems, pf on OpenBSD, and ipfw on FreeBSD and
+Mac OS X.
SPA is essentially next generation Port Knocking (PK), but solves many of the
limitations exhibited by PK while retaining its core benefits. PK limitations
Please sign in to comment.
Something went wrong with that request. Please try again.