Query result

Key	Value
FileName	./usr/sbin/knockd
FileSize	44104
MD5	9AC61D409EB3E7E9F35D35724FF30C52
SHA-1	1211ED86E8FC3F54AE9EFE211E18D37B7D6E1BA6
SHA-256	0548951CA2B091D66010EA2E0303016AC30ADBAEE37DA4288354A157C33AF13D
SSDEEP	384:fmUDVSlrfzDSh5KVwFh40+wg3frv+5+odmXP7kpk4nbt9QwZtJ+3Qe/M3FBS2i2M:a1Da5KuFD+wg3fd/7kpku9QwZtJjX
TLSH	T1C013090BB7E348FDC095C37086ABAA696E3074547722672F36947B742E02F69471E933
hashlookup:parent-total	1
hashlookup:trust	55

Network graph view

The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:

Key	Value
MD5	6FD76ECD76538D19B1C5B43612FF0C7C
PackageArch	x86_64
PackageDescription	It listens to all traffic on an ethernet (or PPP) interface, looking for special "knock" sequences of port-hits. A client (package knock) makes these port-hits by sending a TCP (or UDP) packet to a port on the server. This port need not be open -- since knockd listens at the link-layer level, it sees all traffic even if it's destined for a closed port. When the server detects a specific sequence of port-hits, it runs a command defined in its configuration file. This can be used to open up holes in a firewall for quick access.
PackageMaintainer	https://bugs.opensuse.org
PackageName	knockd
PackageRelease	lp152.3.5
PackageVersion	0.7
SHA-1	4BFB59181E43AD0C3067C973638148A4CB583385
SHA-256	1AE0F94CB20A1C1BE88DE5FB3DC8E9FD1F296DEFA052269203AF8AD934C69CCD