Michael Rash, Security Researcher Article on fwknop

At Bob Currier has written a featured article on fwknop. He gives a good overview of how Single Packet Authorization (SPA) is different from port knocking, and illustrates how to use fwknop to harden SSH communications. Here is a quote from the article:

   Single packet authorization distills the essence of the port knocking concept down to a single packet. Rather than sending a series of packets to predefined ports, single packet authorization encodes the "knock" within the payload of one packet. Once a proper key has been received, SPA applications modify firewall rules to allow access to the authenticated host. We'll examine how this is accomplished by installing and testing the Firewall KNock Operator, better known as fwknop.

There are several comments attached to the article from interested users, and additional discussion of both port knocking and SPA topics can be found at Sebastien Jeanquier's online forum.