Become a fan of Slashdot on Facebook


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Submission + - Fwknop on OpenWrt and Android

Jonathan P. Bennett writes: Fwknop is a great way to maintain remote access into a network without leaving ports open, and now there are tools that make it much easier to use. We've put together a demonstration of how the newly released android client, fwknop2 (also on F-droid), can import encryption and HMAC keys using QR codes via the phone's camera, and provide nat access back into other devices on the internal network.
More information can be found on the Cipherdyne site or in my blog post on the matter.

Submission + - Trending Low-Volume Google Searches - Introducing (

michaelrash writes: "The Google Trends project provides some visibility into how popular search terms like "Myspace" or "2008 Election" change over time and points out relevant news articles that create jumps in search volume. This is a handy tool, but there are many search terms that Google Trends does not display any results for. Such terms (such as "Linux Firewalls" — with the quotes) have insufficient search volumes to display graphs according to the error message that Google Trends generates. Fair enough. Google sets an internal threshold on search volume, and this threshold could be set for reasons that range anywhere from Google Trends is still experimental to Google not wanting to provide data on how it builds its massive search index for emerging search terms. Either way, I would like a way to see search term trends that Google doesn't currently make available to me. So, I've released an open source project called "Gootrude" to do just this. For the past year Gootrude has collected a set of low-volume search terms and interfaced with Gnuplot to visualize them."

Submission + - Port Forwarding via Single Packet Authorization (

michaelrash writes: "Most port knocking or Single Packet Authorization implementations offer the ability to passively authenticate clients for access only to a locally running server (such as SSHD). That is, the daemon that monitors a firewall log or that sniffs the wire for port knock sequences or SPA packets can only reconfigure a local firewall to allow the client to access a local socket. For local servers, this works well enough, but suppose that you are on travel and that you ultimately want to access an SSH daemon that is running on an internal system with a non-routable IP? If the SPA software is deployed on a Linux gateway that is protecting a non-routable internal network and has a routable external IP address, it is inconvenient to first have to login to the gateway and then login to the internal system. The latest release of fwknop supports the automatic creation of iptables NAT rules to allow temporary access directly to internal systems by forwarding a connection on through the gateway system directly to an internal server. Such access is granted only after a valid SPA packet (i.e. non-replayed and encrypted either via a shared Rijndael key or via GnuPG) is passively sniffed off the wire. It is no longer necessary to login to the gateway system first and use it as a jump point for access to internal systems."

Slashdot Top Deals

The only perfect science is hind-sight.