LockSmith

Busy with running from location to location? Always traveling, never knowing what your IP address will be? Can’t gain access to your company servers because of TCP wrappers or firewalls? LockSmith was designed to eliminate these problems while still maintaining a solid security architecture.

Theory of Operation
LockSmith works on the same principal as a safe. Align the tumblers, by turning the dial to the correct numerals and the safe opens. In LockSmith’s case, telnet to certain ports in the right order and LockSmith adds your IP to the hosts.allow.  Hit the ports in the wrong order, the LockSmith adds a line to the hosts.allow denying your IP.
Of course with any lock, it can be broken. NETWORKTAP, INC has taken many precautions to make the product secure.
 

• LockSmith can be configured to use any number of tumblers. The more tumblers (ports) used, the tougher it becomes to crack. 

• LockSmith also can notify you of its actions. For example, if the tumblers are reset, aligned, or misaligned, LockSmith will send a message to any email account or pager.

• Upon failing, LockSmith adds the failed IP to the hosts.allow, not hosts.deny.  Since TCP wrappers read the hosts.allow and THEN the hosts.deny, it is possible for a hacker to keep trying until he gets the correct ports and order.

• Since the TCP wrappers also read from the top of the files down, it adds its statements at the end of the hosts.allow file. This has two benefits. First, if the hacker is denied, he has no chance of ever getting in from that IP. Since the deny statement is above the allow (if they finally guess correctly) the preceding line (the deny) takes precedence. Second, it could be possible for a hacker to spoof incoming connections in an attempt to deny admin addresses from gaining access. Since LockSmith appends to the end of the file, the preceding entries take precedence, preventing a DoS.

LockSmith is written in Perl, so it is easy to adapt to for any number of tasks. For example, it could be modified in minutes to perform tasks suck as server shutdowns or ip chains modifications.