cipherdyne.org

Michael Rash, Security Researcher



Software Release - fwknop-0.9.2

The 0.9.2 release of fwknop is ready for download. Here is an excerpt from the ChangeLog:
  • Added FILE_PCAP data collection method when running in server mode. This is a more general way of getting packets than the ULOG_PCAP mode since then a normal ethernet sniffer can be used to build the file.
  • Added the ability to re-open a pcap file if its size shrinks (i.e. it gets rotated out or something).
  • Bugfix for multiple rules with the same timestamp not being timed out by knoptm.
  • Integrated spoofing capability directly within fwknop (instead of using the knopspoof command) through the use of "require Net::RawIP".
  • Better multi-protocol support in server mode. Tcp and icmp packets are properly decoded now.