Query result

Key	Value
FileName	./usr/sbin/knockd
FileSize	47472
MD5	EBBD4C18F7C16357531E7C2401BEC8A5
SHA-1	80D5779536B2287EE819DBA85954107DBBFAC4EF
SHA-256	034B781EB7C51B827296ECDC4CFF6376C9DEBCBC86B3E1C4D9DAF59004EE6371
SSDEEP	384:xGFJ7+RwioXj+N+1Qvsj9HtBsGiexu2eo9OiyvymeaDuedaPv6uJ9/3RktFjS+iq:Xo9yvQtFxu3fImvueda6aBsliMRxhAy
TLSH	T13123078B9A30D4AAC4B07332926F4ABB9B775970BBC959183BBCF70C1D727405A25770
hashlookup:parent-total	1
hashlookup:trust	55

Network graph view

The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:

Key	Value
MD5	A647EF790E2E1CFBA0333A0481A09869
PackageArch	s390x
PackageDescription	It listens to all traffic on an ethernet (or PPP) interface, looking for special "knock" sequences of port-hits. A client (package knock) makes these port-hits by sending a TCP (or UDP) packet to a port on the server. This port need not be open -- since knockd listens at the link-layer level, it sees all traffic even if it's destined for a closed port. When the server detects a specific sequence of port-hits, it runs a command defined in its configuration file. This can be used to open up holes in a firewall for quick access.
PackageMaintainer	https://bugs.opensuse.org
PackageName	knockd
PackageRelease	bp156.3.8
PackageVersion	0.8
SHA-1	BBFA7C589B701A5282A215AFBC0EF45BFA4A6DAC
SHA-256	67D4D9B77819C6A91C5227EBE62D09C411F404729138D03C3BE0A4D84F693216