09 June, 2007

Techno Security 2007
conference is over, and I gave a
entitled "
Zero-day Attack Prevention via Single Packet Authorization".
The major emphasis of this talk was to demonstrate some of the new capabilities
offered by the 1.8 release of
fwknop, including the ability
to run the fwknop client on a Windows 2000 system under
Cygwin and authenticate to a Linux system running the fwknopd server. This
demonstration was accomplished from a single Ubuntu Linux system with a Windows 2000
instance under Vmware to execute the fwknop client. New capabilities in fwknop that
I did not have time to demonstrate are the ability to run the fwknopd server on systems
that use the ipfw firewall (such as FreeBSD and Mac OS X), and the usage of
(part of the GnuPG project) to acquire passwords associated with GnuPG keys. At some point
it might be interesting to devote more time to giving a lengthy demonstration of various
fwknop authentication modes and features. One additional note is that I have released
fwknop-1.8.1 after the conference talk to address an issue with the usage of the ipfw
"keep-state" option when fwknopd creates new rules to accept connections from valid fwknop
client systems; here is the
You can download a PDF of my presentation slides