pyknock alternatives

Looking for an alternative tool to replace pyknock? During the review of pyknock we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. Knock (port knocking tool)
  2. Anti-DDOS (configuration tool to reduce impact of DDoS)
  3. Assimilator (firewall orchestration tool)

These tools are ranked as the best alternatives to pyknock.

Alternatives (by score)

63

Knock

Introduction

Knock implements the principle of port knocking. It does so by using libpcap to sniff network traffic on interfaces and then use that to see if it matches a predefined sequence of steps.

Project details

Knock is written in C.

Strengths and weaknesses

  • + Project is mature (10+ years)
  • - No updates for a while

Knock review

60

Anti-DDOS

Introduction

This script could be useful for system and network administrators that want to learn about better defending the network against lots of network packets. The Linux kernel has a default configuration that is optimized for performance. To further secure it, changes need to be made to these kernel settings. The Anti-DDoS tool will help with setting up the configuration.

Project details

Anti-DDOS is written in shell script.

Strengths and weaknesses

  • + Very low number of dependencies
  • + The source code of this software is available
  • - No releases on GitHub available

Typical usage

  • DDoS protection
  • Network traffic filtering

Anti-DDOS review

60

Assimilator

Introduction

A tool like Assimilator can be of great help to 'normalize' all firewall rules into one place. Especially when a company uses different firewalls, each with their own syntax and specifics. Assimilator will then simplify the way firewall rules are created and managed.

Project details

Assimilator is written in Python.

Strengths and weaknesses

  • + The source code of this software is available

    Typical usage

    • Network traffic filtering

    Assimilator review

    81

    Douane

    Introduction

    Douane is an application firewall that blocks unknown or unwanted traffic. It provides a more fine-grained filtering as it looks at the combination of application and used network ports. This is useful when allowing common browse traffic on port 80 and 443. Instead of all applications being able to use this port, only the ones that are granted access will be able to do so. When a new connection is not trusted yet, Douane will ask to allow or deny the traffic stream.

    Project details

    Douane is written in C, C++, GTK+.

    Strengths and weaknesses

    • + The source code of this software is available

      Typical usage

      • Network traffic filtering

      Douane review

      67

      iptables

      Introduction

      The iptables tool is the userspace command line program part of the netfilter project. Since Linux 2.4 it is the standard packet filtering engine. Among standard traffic filtering, it can be used for Network Address Translation (NAT).

      Project details

      iptables is written in C.

      Strengths and weaknesses

      • + The source code of this software is available
      • + Well-known tool

        Typical usage

        • Network traffic filtering

        iptables review

        Some relevant tool missing as an alternative to pyknock? Please contact us with your suggestion.