Steven Polley steven

0 Followers · 0 Following

• Canada
• https://stevenpolley.net

• Aspiring to become a goose farmer at some point

• Joined on 2019-01-05

Repositories

35

Projects Packages Public Activity Starred Repositories

1

steven commented on issue steven/hyp#7 2024-04-14 03:26:11 +00:00

Eliminate CGO dependency

Switched from libpcap to ebpf-go. Can now compile with CGO_ENABLED=0 and no dependency on libpcap.

0ad3e2b0d4914bc0670f0acaad799839ae7726f3

steven closed issue steven/hyp#7 2024-04-14 03:26:11 +00:00

Eliminate CGO dependency

steven pushed to main at steven/hyp 2024-04-14 03:22:29 +00:00

0ad3e2b0d4 enter eBPF, libpcap and CGO = bloat

steven created branch main in steven/ebpf-playground 2024-04-14 00:48:05 +00:00

steven pushed to main at steven/ebpf-playground 2024-04-14 00:48:05 +00:00

edd8ada1ea initial commit - and it works!

steven created repository steven/ebpf-playground 2024-04-14 00:40:31 +00:00

steven commented on issue steven/hyp#7 2024-04-12 03:04:56 +00:00

Eliminate CGO dependency

Removing libpcap will also remove a lot of network types, so we will likely be contstrained to supporting just ethernet, IPv4/IPv6, and UDP.

This looks interesting: https://pkg.go.dev/golang.o…

steven pushed to main at steven/hyp 2024-04-12 00:36:24 +00:00

3ae568639e add flag to specify alternative filepath to secret

ead7578544 change pcap snaplen to 126 bytes

Compare 2 commits »

steven opened issue steven/hyp#7 2024-04-12 00:36:02 +00:00

Eliminate CGO dependency

steven commented on issue steven/hyp#2 2024-04-11 21:31:24 +00:00

Support for Multiple Servers

3ae568639e67420177a0e3bf70e2551113c01514

steven closed issue steven/hyp#2 2024-04-11 21:31:24 +00:00

Support for Multiple Servers

steven commented on issue steven/hyp#5 2024-04-11 04:02:34 +00:00

BPF Filter Limitations - Prevent Sweeping Attacks

Need to get some benchmarks with wide open filter compared to constraining to just the ports required for the authentic knock sequence.

I can only test this on a 1Gbps line.

Also, in the…

steven commented on issue steven/hyp#2 2024-04-11 04:00:14 +00:00

Support for Multiple Servers

Just need to add a flag for -secret=~/.hyp/myOtherServer.secret

steven commented on issue steven/hyp#1 2024-04-11 03:59:13 +00:00

Support for Multiple Clients

Multiple keys should be able to be generated and loaded by hypd.

./hypd generate secret >/etc/hyp/secrets.d/client1.secret
./hypd generate secret >/etc/hyp/secrets.d/client2.secret
./…

steven commented on issue steven/hyp#3 2024-04-11 03:57:44 +00:00

hypd Configuration File

Configuration Items

• (Directory) path for the pre-shared key(s)?
• client timeout
• knock success action
• knock timeout action

steven pushed to main at steven/hyp 2024-04-11 03:51:04 +00:00

3ff47dfa19 use cobra args, not os.Args

steven pushed to main at steven/hyp 2024-04-11 03:42:43 +00:00

291cbaabd4 BREAKING: changes to CLI interface, moved to cobra CLI

steven pushed to main at steven/hyp 2024-04-10 12:10:42 +00:00

cca8310dd1 Change license from GPLv3 to BSD3

steven commented on issue steven/hyp#6 2024-04-10 03:52:47 +00:00

Close Ports When Done

I also need to work out how much information about the key is leaked during each knock sequence transmission to ensure this frequency is sane. Only 64 bits of the sha1hmac are used for the…

steven opened issue steven/hyp#6 2024-04-10 03:49:55 +00:00

Close Ports When Done