A method for secure single-packet remote authorization using a single packet authorization (SPA) server on a host system that passively monitors the network for connection attempts and anonymously accept or rejects said attempts depending on whether a valid SPA packet is detected, an SPA client on a client system that is responsible for generating the appropriately encrypted SPA packet in order to gain access to services on the host, and a particular packet format sent from the client to the host to gain access. The packet format is encrypted and non-replayable by virtue of 16 bytes of random data in every message, and an MD5 sum that is a hash function of the random data (made via any known hashing function). The SPA server stores the MD5 sum of every valid SPA packet that it monitors and flags any duplicate access attempts using the same MD5 hash as a previously monitored packet, in which case the SPA server treats the packet as being generated by a malicious attempt to replay the original packet.