Hi all,
fwknop-2.6.4 has been released:
https://www.cipherdyne.org/fwknop/download/
Or you can grab the tarball directly from the tag in github:
https://github.com/mrash/fwknop/archive/2.6.4.tar.gz
Here are the highlights:
- Added a new optional UDP listener mode that can be used to remove libpcap
as a dependency for fwknopd altogether (use --enable-udp-server on the
configure command line). Of course, this implies needing to open the
firewall for UDP packets to port 62201 or whatever port you choose. But,
fwknopd never sends anything back to a client, so from the perspective of a
scanner/attacker fwknopd remains passive and undiscoverable.
- For systems where execvpe() is available, replaced all system() and
popen() calls so that the shell is never invoked and the environment is not
used. execvpe() appears to typically be available on Linux and OpenBSD.
- Added support for the 'American Fuzzy Lop' fuzzer from Michal Zalewski.
No crashes or hangs discovered so far.
- Gerry Reno contributed support for the 'firewalld' firewall on recent
Fedora, RHEL, and Centos systems.
As usual, fwknop has a Coverity Scan score of zero, and the code coverage
report generated by the test suite is available here:
http://www.cipherdyne.org/fwknop/2.6.4-lcov-results/
Please let me know if there are any issues.
Thanks,
--Mike
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Fwknop-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
