The kopkop daemon listens for encrypted, signed,
and fully random-looking command packets. Only the
fields essential for the packets' travel trough
the Internet are filled with "sane" data. Upon
reception and after a preset timeout, the daemon
executes user-defined commands. This can be used
to open firewalls, so you can reduce your system's
attack surface by hiding certain services until
you need to use them. The kopkop client creates
and sends the encrypted packets, and is included.
The communication is strictly unidirectional and
quite minimal between the client and the server.
Replay attacks are forestalled by storing and
comparing monotonically increasing packet IDs on
both sides.
