SaaSHub helps you find the best software and product alternatives Learn more →
Knockknock Alternatives
Similar projects and alternatives to knockknock
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
tosh
Imagine your SSH server only listens on an IPv6 address, and where the last 6 digits are changing every 30 seconds as a TOTP code...
knockknock reviews and mentions
-
Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
It's old and there are probably friendlier options out there now, but
https://github.com/moxie0/knockknock/blob/master/INSTALL
- Ssh brute force attack with fail2ban.
-
SSH server that changes listen address every 30 seconds based on TOTP
> Or is completely firewalled off from the world, and only accessible once you've authenticated yourself to your VPN. Or only reachable once you first authenticate (public/private keys, two factor crypto key auth, etc) to a bastion host, and then reach the system from the bastion.
There's a lot of attack surface in there. Port-knocking is supposed to be a way to reduce attack surface. It's a belt-and-suspenders approach to the reality that even fully patched openssh has exploitable bugs.
Using this tool, a MITM with an openssh 0day can just follow you in. KnockKnock [0] and tools like it do not suffer from this defect. This tool is conceptually similar to KnockKnock, using OTP instead of a monotonic counter. Using OTP opens it up to replay attacks.
https://github.com/moxie0/knockknock
-
A note from our sponsor - SaaSHub
www.saashub.com | 1 May 2024
Stats
moxie0/knockknock is an open source project licensed under GNU General Public License v3.0 only which is an OSI approved license.
The primary programming language of knockknock is Python.
Sponsored