pasmal (packet auth. sniffer - mal) / News: Recent posts

pasmal2.0 - informations on this rel.

pasmal 1.9 <= were having a little bug into the non encrypted port knocking engine that could have been a security issue, this bug is corrected in 2.0.

Also pasmal 2.0 is now having in its intrusion detection engine predefined macros to drop/log with iptables attackers, to store important files during an attack (, passwd, modules lists), also to log network connections, processes information/tree/memory details, and many others!)... read more

Posted by Meehan James 2005-06-02

pasmal 1.7 - port knocking and intrusion detection engine

pasmal 1.7 is a TCP/IP packet authentication system.

The trend is port knocking, pasmal 1.7 is a port knocking daemon :

When it receives a sequence of ICMP or TCP packets to any port (open/closed), it will issue a command on the server. It uses a "smokescreen frame" that features encrypted authentication packets for avoiding sniffers, as well as a TCP/UDP key for remotely activating the system. ... read more

Posted by Meehan James 2004-12-26

pasmal 1.2 - the knocking/auth daemon, has a webmin now!

pasmal 1.2b has been released on the 20 May 2004, and has added for people asking it a webmin (based on php) to help you configuring your knocking sequences and pasmal itself. As well with the configuration options, pasmal webmin 0.2-1.2 has a packet analysis and a process check (checking integrity of pasmal) features!

Screenshots and online demo can be found on pasmal homepage (

Posted by Meehan James 2004-05-21

pasmal - authentification new security feature

pasmal - packet authentification sniffer(sequence) has now a smokescreen frame feature, that hides the authentification sequence into a one-time alive frame, to make sniffers less useable against pasmal. Optionally, pasmal can still be used normally.

Posted by Meehan James 2004-05-04

pasmal 0.8 new features - packet authentification sniffer

pasmal is a TCP/IP packet authentication system.
When it receives a sequence of ICMP or TCP packets to any port (open/closed),
it will issue a command on the server.

pasmal 0.8 is out , including now man pages for all its binaries :
pasmal(1), pasmal.client(1), pasmal.log(1), pasmal.check(1), pasmal.config(1)
Also, pasmal.conf has been updated with 3 working authentification/execution scripts
such as a script to run sshd on tcp/udp/icmp demand.
A few bugfixes has been done on pasmal0.8, mainly on the server ip address autodetection.
Also now we have our website, where you can find updated and
working authentification/execution scripts for pasmal.

Posted by Meehan James 2004-03-17

packet auth sniffer (mal) rel 0.6

pasmal is a packet authentification sniffer (mal), which is designed for sysadmins that wants from basic ip packets make an action on their server. Now pasmal is supporting tcp,udp and icmp, and has its linux client included : pasmal.client

Posted by Meehan James 2004-02-21