Yuliang Zheng, Josef Pieprzyk, and Jennifer Seberry. The number of rounds can
be 3, 4, or 5, while the hash length can be 128, 160, 192, 224, or 256 bits.
Thus, there are a total of 15 different outputs. For better security, however,
this module implements the 5-round, 256-bit output.
WWW: http://search.cpan.org/dist/Digest-Haval256
PR: ports/90534
Submitted by: Gabor Kovesdan
This is a fake IKE daemon supporting just enough of the standards and Cisco
extensions to attack commonly found insecure Cisco PSK+XAUTH VPN setups.
If you know the pre-shared key, also known as shared secret or group password,
you can impersonate the VPN gateway in IKE phase 1, and learn XAUTH user
credentials in phase 2.
PR: 90372
Submitted by: Daniel Roethlisberger <daniel@roe.ch>
This port contains a script for generating portaudit reports
for jails running on a FreeBSD system.
Jailaudit runs in the Host-system and uses portaudit to
create reports for every jail currently running.
It can also be used to send specific report-mails to the
owner of a jail by running it as a cronjob.
/etc/crontab example:
0 4 * * * * root /usr/local/bin/jailaudit mail admin@foo.bar "foo.example.com bar.example.com"
Sends reports-mails of the jails with the hostnames
foo.example.com and bar.example.com to the mailaddr.
admin@example.com.
WWW: http://outpost.h3q.org/software/jailaudit/
PR: ports/87581
Submitted by: Philipp Wuensche <cryx-ports@h3q.com>
KlamAV - Clam Anti-Virus on the KDE Desktop
KlamAV is a KDE 3 front-end to Clam Anti-Virus. It includes
the following features:
- 'On Access' Scanning
- Manual Scanning
- Quarantine Management
- Downloading Updates
- Mail Scanning (KMail/Evolution)
PR: ports/84342
Submitted by: Anderson S. Ferreira <anderson@cnpm.embrapa.br>
special (and customizable) privileges in a nosuid environment. It is based on a
client/server model and on the ability to pass file descriptors between
processes.
PR: ports/88354
Submitted by: Vaida Bogdan <vaidab@phenix.rootshell.be>
Webfwlog is a web-based firewall log analysis and reporting
tool, and supports ipfilter and ipfw log file formats. It
is interactive and allow the user to "drill-down" from a
summary report to packet details logged. It also has great
flexibility in the format of the output and which logged
records are included. Sample report definitions are included
and are saved in a database (MySQL or PostgreSQL) and can
be modified by the user.
More info at: http://www.webfwlog.net
PR: ports/80352
Submitted by: Bob Hockney <zeus@ix.netcom.com>
The Authen::CyrusSASL module provides a simple class that allows you
to send request to the cyrus-sasl's authen daemon.
This module is based on the Authen::Radius module with the similar interface.
PR: 86943
Submitted by: Attila Nagy <bra@fsn.hu>
Approved by: pav (mentor)
system login. The primary reason for doing this is to allow users'
home-directories to be located on a SFS server.
PR: ports/86095
Submitted by: David Thiel <lx@redundancy.redundancy.org>
console window to allow commands to be interactively run on multiple
servers over an ssh connection.
PR: ports/84970
Submitted by: David Thiel <lx@redundancy.redundancy.org>
signing-party is a collection for all kinds of PGP/GnuPG related things,
including signing scripts, party preparation scripts, etc.
* caff: CA - Fire and Forget signs and mails a key
* pgp-clean: removes all non-self signatures from key
* pgp-fixkey: removes broken packets from keys
* gpg-mailkeys: simply mail out a signed key to its owner
* gpg-key2ps: generate PostScript file with fingerprint paper strips
* gpglist: show who signed which of your UIDs
* gpgsigs: annotates list of GnuPG keys with already done signatures
* keylookup: ncurses wrapper around gpg --search
WWW: http://pgp-tools.alioth.debian.org/
PR: ports/86077
Submitted by: Johan van Selst <johans@stack.nl>
is the only one which is maintained and have lots of new features.
PR: 85544
Submitted by: VANHULLEBUS Yvan <vanhu@netasq.com>
Approved by: perky (mentor)
listed in 'ethers' file. If it recieves one with MAC/IP pair, which is
not listed in 'ethers' file, it will send ARP reply with configured
fake address. This will prevent not permitted host to work properly
in this ethernet segment. Especially Windows(TM) hosts.
PR: ports/84627, ports/85671
Submitted by: SeaD <sead@mail.ru>
OpenID is a decentralized identity system, but one that's actually
decentralized and doesn't entirely crumble if one company turns evil
or goes out of business.
An OpenID identity is just a URL. You can have multiple identities in
the same way you can have multiple URLs. All OpenID does is provide a
way to prove that you own a URL (identity).
Anybody can run their own site using OpenID, and anybody can be an
OpenID server, and they all work with each other without having to
register with or pay anybody to "get started". An owner of a URL can
pick which OpenID server to use.
WWW: http://www.openid.net
PR: ports/85284
Submitted by: Alex Kapranoff <kappa@rambler-co.ru>
Data::Password checks potential passwords for crackability. It checks that the
password has the appropriate length, that it has enough character groups, that
it does not contain the same characters repeatedly, that it does not contain
ascending or descending characters, or characters close to each other on the
keyboard. It also searches for the password in the ispell word file.
WWW: http://search.cpan.org/~razinf/Data-Password/
PR: ports/84513
Submitted by: ports@c0decafe.net
devised by Eli Biham and Paul Kocher.
This program applies a known plaintext attack to an encrypted file.
A known-plaintext-attack recovers a password using the encrypted file and
(part of) the unencrypted file.
Please note that cryptographers use the word 'plaintext' for any kind of
unencrypted data - not necessarily readable ASCII text.
Before you ask why somebody may want to know the password when he already knows
the plaintext think of the following situations:
- Usually there's a large number of files in a ZIP-archive. Usually all these
files are encrypted using the same password. So if you know one of the files,
you can recover the password and decrypt the other files.
- You need to know only a part of the plaintext (at least 13 bytes). Many files
have commonly known headers, like DOS .EXE-files. Knowing a reasonably long
header you can recover the password and decrypt the entire file.
WWW: http://www.unix-ag.uni-kl.de/~conrad/krypto/pkcrack.html
PR: ports/84192
Submitted by: Emanuel Haupt <ehaupt@critical.ch>
use your favourite FTP client with any TLS/SSL-enabled FTP server.
WWW: http://tlswrap.sunsite.dk/
PR: ports/84028
Submitted by: Daniel J. O'Connor <darius@dons.net.au>
Thanks to: novel
Features:
- create SFV files, verify downloaded single files or whole releases
- add banners to your SFV files
- very flexible and compatible with all other SFV tools currently known,
including SFVNIX compatibility mode concerning SFV files created
- easy to console application
- plug & play support for glFTPd and other demons including
count-missing-files feature for race scripts
WWW: http://bsdsfv.sourceforge.net/
PR: ports/84108
Submitted by: Emanuel Haupt <ehaupt@critical.ch>
Approved by: flz (mentor)
strength. To achieve this noble aim it uses the well known cracklib toolkit,
hence the name.
PR: ports/83603
Submitted by: Vsevolod Stakhov <vsevolod@highsecure.ru>
through a database, which provides a much more flexible PKI than with OpenSSL,
such as seeking a certificate with a search engine.
CA implementation.
PR: ports/83387
Submitted by: Vsevolod Stakhov <vsevolod@highsecure.ru>
