SAS – the “Simple Authentication Server”

SAS from netEstate is a variant of Portknocking and enables you to make an Internet service accessible to a closed user group for a fraction of the cost of a VPN.

It is suitable if targeted attacks on the service are not expected – making a VPN unwarranted. Usually, such services are connected to the Internet unprotected – making them a target for hackers not interested in specific servers.

With SAS, the service is blocked by a packet filter by default. SAS is a maximally simple implementation of a Web server asking a password from the user. If a correct password is supplied, the services associated with the password will temporarily be made accessible for the IP address of the user. The code used to enable the service can be bookmarked for efficient work.

The Web server consists of a few lines of code filtering malicious inputs and forwarding the supplied password to an external script. Due to the lightweight nature, the Web server can easily be checked for bugs and presents no security problem.

We have put the server under a free open source licence. You can download it here and use it immediately.