[go: up one dir, main page]
Skip to content
/ aldaba-suite Public

An open source Single Packet Authorization and Port Knocking authentication system for GNU/Linux.

License

View license
8 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

luismartingarcia/aldaba-suite

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

66 Commits
aldaba-priv
aldaba-priv
 
 
conf
conf
 
 
docs
docs
 
 
scripts
scripts
 
 
.dep.inc
.dep.inc
 
 
AUTHORS
AUTHORS
 
 
AddressResolver.cc
AddressResolver.cc
 
 
AddressResolver.h
AddressResolver.h
 
 
ApplicationLayerElement.h
ApplicationLayerElement.h
 
 
ArgParser.cc
ArgParser.cc
 
 
ArgParser.h
ArgParser.h
 
 
ArgParserClient.cc
ArgParserClient.cc
 
 
ArgParserClient.h
ArgParserClient.h
 
 
ArgParserServer.cc
ArgParserServer.cc
 
 
ArgParserServer.h
ArgParserServer.h
 
 
AuthRecord.cc
AuthRecord.cc
 
 
AuthRecord.h
AuthRecord.h
 
 
CHANGELOG
CHANGELOG
 
 
ClientOps.cc
ClientOps.cc
 
 
ClientOps.h
ClientOps.h
 
 
Crypto.cc
Crypto.cc
 
 
Crypto.h
Crypto.h
 
 
DataLinkLayerElement.h
DataLinkLayerElement.h
 
 
EthernetHeader.cc
EthernetHeader.cc
 
 
EthernetHeader.h
EthernetHeader.h
 
 
GeneralOps.cc
GeneralOps.cc
 
 
GeneralOps.h
GeneralOps.h
 
 
HTTPHeader.cc
HTTPHeader.cc
 
 
HTTPHeader.h
HTTPHeader.h
 
 
ICMPv4Header.cc
ICMPv4Header.cc
 
 
ICMPv4Header.h
ICMPv4Header.h
 
 
INSTALL
INSTALL
 
 
IPAddress.cc
IPAddress.cc
 
 
IPAddress.h
IPAddress.h
 
 
IPv4Header.cc
IPv4Header.cc
 
 
IPv4Header.h
IPv4Header.h
 
 
IPv6Header.cc
IPv6Header.cc
 
 
IPv6Header.h
IPv6Header.h
 
 
LICENSE.txt
LICENSE.txt
 
 
Makefile.in
Makefile.in
 
 
NetworkLayerElement.cc
NetworkLayerElement.cc
 
 
NetworkLayerElement.h
NetworkLayerElement.h
 
 
PKAuthAttempt.cc
PKAuthAttempt.cc
 
 
PKAuthAttempt.h
PKAuthAttempt.h
 
 
PKClient.cc
PKClient.cc
 
 
PKClient.h
PKClient.h
 
 
PKDataLight4.cc
PKDataLight4.cc
 
 
PKDataLight4.h
PKDataLight4.h
 
 
PKDataLight6.cc
PKDataLight6.cc
 
 
PKDataLight6.h
PKDataLight6.h
 
 
PKDataStrong4.cc
PKDataStrong4.cc
 
 
PKDataStrong4.h
PKDataStrong4.h
 
 
PKDataStrong6.cc
PKDataStrong6.cc
 
 
PKDataStrong6.h
PKDataStrong6.h
 
 
PKServer.cc
PKServer.cc
 
 
PKServer.h
PKServer.h
 
 
PacketElement.cc
PacketElement.cc
 
 
PacketElement.h
PacketElement.h
 
 
README.md
README.md
 
 
Random.cc
Random.cc
 
 
Random.h
Random.h
 
 
RawData.cc
RawData.cc
 
 
RawData.h
RawData.h
 
 
SPAClient.cc
SPAClient.cc
 
 
SPAClient.h
SPAClient.h
 
 
SPAHeader.cc
SPAHeader.cc
 
 
SPAHeader.h
SPAHeader.h
 
 
SPAServer.cc
SPAServer.cc
 
 
SPAServer.h
SPAServer.h
 
 
Server.cc
Server.cc
 
 
Server.h
Server.h
 
 
ServerOps.cc
ServerOps.cc
 
 
ServerOps.h
ServerOps.h
 
 
TCPHeader.cc
TCPHeader.cc
 
 
TCPHeader.h
TCPHeader.h
 
 
TODO
TODO
 
 
TransportLayerElement.cc
TransportLayerElement.cc
 
 
TransportLayerElement.h
TransportLayerElement.h
 
 
UDPHeader.cc
UDPHeader.cc
 
 
UDPHeader.h
UDPHeader.h
 
 
aldaba.h
aldaba.h
 
 
aldaba_config.h.in
aldaba_config.h.in
 
 
blowfish.cc
blowfish.cc
 
 
blowfish.h
blowfish.h
 
 
client.cc
client.cc
 
 
client.h
client.h
 
 
config.guess
config.guess
 
 
config.sub
config.sub
 
 
configure
configure
 
 
configure.ac
configure.ac
 
 
crypto_pbkdf2.cc
crypto_pbkdf2.cc
 
 
crypto_pbkdf2.h
crypto_pbkdf2.h
 
 
hmac_sha256.cc
hmac_sha256.cc
 
 
hmac_sha256.h
hmac_sha256.h
 
 
md5.cc
md5.cc
 
 
md5.h
md5.h
 
 
output.cc
output.cc
 
 
output.h
output.h
 
 
post_auth.cc
post_auth.cc
 
 
post_auth.h
post_auth.h
 
 

Repository files navigation

aldaba-suite

An open source Single Packet Authorization and Port Knocking authentication system for GNU/Linux.

http://www.aldabaknocking.com

Nowadays system administrators cannot rely on the security provided by software manufacturers to protect services that run on their network servers. 0-day exploits are serious threats for critical systems that can't afford security breaches. Port Knocking and Single Packet Authorization are two different techniques that provide a mechanism to have all ports of a server closed and open them on request, to clients that have the appropriate authentication credentials. Aldaba is a command-line tool for Linux systems that implements a complete PK and SPA authentication service that is both effective and easy to use.

Current Features

  • Support for two authentication protocols: Port Knocking and Single Packet Authorization.
  • Fast authentication processing.
  • IPv6 capable.
  • Not vulnerable to replay attacks.
  • Encryption using any of: AES/Rijndael, Twofish, Blowfish and Serpent.
  • Authentication through HMAC-SHA256.
  • PBKDF2-based key derivation.
  • Support for custom command execution upon successful client authentication.
  • Sensitive data wiping on exit.
  • Support for decoys and noise packets.
  • Logging capabilities.
  • External IP address resolution.
  • Highly commented source code.
  • Doxygen based documentation.
  • Free and Open Source.

About

An open source Single Packet Authorization and Port Knocking authentication system for GNU/Linux.

Resources

Readme

License

View license
Activity

Stars

8 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages