CRITs is a web-based tool which combines an analytic engine with a cyber threat
database that not only serves as a repository for attack data and malware, but
also provides analysts with a powerful platform for conducting malware
analyses, correlating malware, and for targeting data. These analyses and
correlations can also be saved and exploited within CRITs. CRITs employs a
simple but very useful hierarchy to structure cyber threat information. This
structure gives analysts the power to 'pivot' on metadata to discover
previously unknown related content.
Approved by: mat (mentor)
hitch is a network proxy that terminates TLS/SSL connections and forwards
the unencrypted traffic to some backend. It's designed to handle 10s of
thousands of connections efficiently on multicore machines.
WWW: https://github.com/varnish/hitch/
KeePass is a free open source password manager, which helps you to manage your
passwords in a secure way. You can put all your passwords in one database, which
is locked with one master key or a key file. So you only have to remember one
single master password or select the key file to unlock the whole database. The
databases are encrypted using the best and most secure encryption algorithms
currently known (AES and Twofish).
This is the official KeePass application, which was originally only available
for Windows, but has now been re-written with .Net and able to be run on BSD,
Linux and Mac OS X with Mono.
WWW: http://keepass.info/
PR: 200062
Submitted by: Ben Woods
A tool to collect DNS records passively to aid Incident handling, Network
Security Monitoring (NSM) and general digital forensics.
PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs
the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate
DNS answers in-memory, limiting the amount of data in the logfile without
losing the essense in the DNS answer.
WWW: https://github.com/gamelinux/passivedns
PR: 198499
Submitted by: shadowbq@gmail.com
The Advanced Forensics File format 4 was originally designed and published in
"Extending the advanced forensic format to accommodate multiple data sources,
logical evidence, arbitrary information and forensic workflow" M.I. Cohen,
Simson Garfinkel and Bradley Schatz, digital investigation 6 (2009) S57-S68.
The format is an open source format used for the storage of digital evidence and
data.
WWW: http://www.aff4.org/
tests in tests/sys/opencrypto to validate parts of the OpenCrypto
subsystem...
Sponsored by: The FreeBSD Foundation
Approved by: mat (mentor)
Differential Revision: https://reviews.freebsd.org/D2064
hash sums of files. It is based on the same code as existing Perl wrapper,
`security/p5-Crypt-RHash' port.
Also, properly sort `security/Makefile' while here.
The modules in this distribution implement the Salted Challenge Response
Authentication Mechanism (SCRAM) from RFC 5802.
WWW: http://search.cpan.org/dist/Authen-SCRAM/
PBKDF2::Tiny provides an RFC 2898 compliant PBKDF2 implementation using
HMAC-SHA1 or HMAC-SHA2 in under 100 lines of code.
WWW: http://search.cpan.org/dist/PBKDF2-Tiny/
Authen::SASL::SASLprep implements the SASLprep specification, which describes
how to prepare Unicode strings representing user names and passwords for
comparison. SASLprep is a profile of the stringprep algorithm.
WWW: http://search.cpan.org/dist/Authen-SASL-SASLprep/
reop is a simple, semi-modern wannabe PGP clone.
Supported operations include signing -S and verifying -V messages, plus
a variety of options for encrypting messages (-D -E). It does everything
you'd expect a PGP program to do. More accurately, it does everything I
expect you to expect a PGP program to do.
WWW: https://github.com/tedu/reop
This library is used to gain direct access to the functions exposed by
Daniel J. Bernstein's nacl library via libsodium or tweetnacl. It has
been constructed to maintain extensive documentation on how to use nacl
as well as being tely portable. The file in libnacl/__init__.py can be
pulled out and placed directly in any project to give a single file
binding to all of nacl.
WWW: https://libnacl.readthedocs.org
k5start is a modified version of kinit that can use keytabs to authenticate,
can run as a daemon and wake up periodically to refresh a ticket, and can run
single commands with their own authentication credentials and refresh those
credentials until the command exits.
It is commonly used to maintain Kerberos tickets for services that need to
authenticate to minimize the amount of Kerberos-related logic that must be
in the service itself.
WWW: http://www.eyrie.org/~eagle/software/kstart/
2015-01-31 audio/py-eyed3-06: In audio/abcde dependency has been changed to audio/py-eyed3
2015-01-31 mail/postfix210: Use mail/postfix instead.
2015-01-31 net-im/venom: No more support from the project
2015-02-01 security/openssh-portable66: security/openssh-portable now has all patches working. This port is obsolete.
2015-01-31 www/p5-WWW-Scraper-ISBN-Driver: Merged to www/p5-WWW-Scraper-ISBN by upstream
2015-01-31 www/p5-WWW-Scraper-ISBN-Record: Merged to www/p5-WWW-Scraper-ISBN by upstream
Asignify tool is heavily inspired by signify used in OpenBSD. However, the main
goal of this project is to define high level API for signing files, validating
signatures and encrypting using public keys cryptography. Asignify is designed
to be portable and self-contained with zero external dependencies. It uses
blake2b as the hash function and ed25519 implementation from tweetnacl.
Key features:
- Zero dependencies (libc and C compiler are likely required though), so it
could be easily used in embedded systems.
- Modern cryptography primitives (ed25519, blake2 and sha512 namely).
- Ability to encrypt files with the same keys using curve25519 based cryptobox.
- Protecting secret keys by passwords using PBKDF2-BLAKE2 routine.
- Asignify can convert ssh ed25519 private keys to the native format and verify
signatures using just ssh ed25519 public keys (without intermediate
conversions).
- Asignify provides high level API for application developers for signing,
verifying, encrypting and keys generation.
- All keys, signatures and encrypted files contain version information allowing
to change cryptographical primitives in the future without loosing of
backward compatibility.
- Plugins are no longer available separately so remove security/qca-* and
replace them with options in devel/qca
- Adjust all ports that depended on security/qca-*
- This also fixes the build of the OpenSSL plugin when OpenSSL doesn't
support SSLv2
Approved by: kde (rakuco)
2015-01-01 biology/boinc-simap: Project shutting down, see http://boincsimap.org/boincsimap/forum_thread.php?id=88
2015-01-01 security/openssh-portable-base: Overwrite-base option/port/pkg will be removed. There is no real need for foot-shooting.
2015-01-01 devel/cedet: Fails to build, use Emacs' builtin cedet package instead
2015-01-01 devel/ecb: does not work with newer Emacs versions, use the elpa package instead
- Resolve mutual conflict for security/pinentry-* ports
- Add new port security/pinentry-tty for pure console version of pinentry
- Convert security/pinentry to meta-alike port that depends on pinentry-tty by
default and installs commons files (documentation). Mark it architecture
independent.
Add new ports needed by this version:
security/rubygem-metasploit-concern
security/rubygem-metasploit-credential
security/rubygem-metasploit-model
security/rubygem-meterpreter_bins
security/rubygem-recog
