How to Install and Uninstall fwknop.x86_64 Package on CentOS 8 / RHEL 8

Last updated: November 15,2024

1. Install "fwknop.x86_64" package

Please follow the guidance below to install fwknop.x86_64 on CentOS 8 / RHEL 8

$ sudo dnf update $ sudo dnf install fwknop.x86_64

2. Uninstall "fwknop.x86_64" package

In this section, we are going to explain the necessary steps to uninstall fwknop.x86_64 on CentOS 8 / RHEL 8:

$ sudo dnf remove fwknop.x86_64 $ sudo dnf autoremove

3. Information about the fwknop.x86_64 package on CentOS 8 / RHEL 8

Last metadata expiration check: 1 day, 4:27:24 ago on Sun May 9 13:03:46 2021.
Available Packages
Name : fwknop
Version : 2.6.10
Release : 6.el8
Architecture : x86_64
Size : 201 k
Source : fwknop-2.6.10-6.el8.src.rpm
Repository : epel
Summary : A Single Packet Authorization (SPA) implementation
URL : http://www.cipherdyne.org/fwknop/
License : GPLv2
Description : fwknop implements an authorization scheme known as Single Packet
: Authorization (SPA) that requires only a single encrypted packet to
: communicate various pieces of information including desired access through an
: iptables policy and/or specific commands to execute on the target system.
: The main application of this program is to protect services such as SSH with
: an additional layer of security in order to make the exploitation of
: vulnerabilities (both 0-day and unpatched code) much more difficult. The
: authorization server passively monitors authorization packets via libpcap and
: hence there is no "server" to which to connect in the traditional sense. Any
: service protected by fwknop is inaccessible (by using iptables to
: intercept packets within the kernel) before authenticating; anyone scanning for
: the service will not be able to detect that it is even listening. This
: authorization scheme offers many advantages over port knocking, include being
: non-replayable, much more data can be communicated, and the scheme cannot be
: broken by simply connecting to extraneous ports on the server in an effort to
: break knock sequences. The authorization packets can easily be spoofed as
: well, and this makes it possible to make it appear as though, say,
: www.yahoo.com is trying to authenticate to a target system but in reality the
: actual connection will come from a seemingly unrelated IP. Although the
: default data collection method is to use libpcap to sniff packets off the
: wire, fwknop can also read packets out of a file that is written by the
: iptables ulogd pcap writer or by a separate sniffer process.