are used for a website. It can detect content management systems
(CMS), blogging platforms, stats/analytics packages, javascript
libraries, servers, etc..
WWW: http://www.morningstarsecurity.com/research/whatweb
Approved by: itetcu (mentor)
developers the flexibility to implement OTR encryption for
their python-based Instant Messaging clients.
WWW: http://python-otr.pentabarf.de/
Submitted by: Frank Steinborn <steinex at nognu.de>
security testing tool. It features a single-threaded multiplexing
HTTP stack, heuristic detection of obscure Web frameworks, and
advanced, differential security checks capable of detecting blind
injection vulnerabilities, stored XSS, and so forth.
PR: ports/144942
Submitted by: Ryan Steinmetz <rpsfa@rit.edu>
Approved by: itetcu (mentor)
WWW: http://code.google.com/p/skipfish/
and update the third-party ClamAV signature databases provided by
Sanesecurity, SecuriteInfo, MalwarePatrol, OITC, INetMsg and ScamNailer.
PR: ports/144509
Submitted by: Marko Njezic <sf at maxempire.com>
NOTE that the port is more of a development snapshot than it used to be,
so it should be used SOLELY for testing and development, NOT IN PRODUCTION.
PR: ports/144115
Approved by: mandree@ (previous maintainer)
Approved by: garga@ (mentor)
Feature safe: yes
nmap interface for Users, in order to management all options of this powerful
security net scanner!
WWW: http://www.nmapsi4.org
PR: ports/142118
Submitted by: Gvozdikov Veniamin <g.veniamin at googlemail.com>
2010-01-08 x11-fm/velocity: has been broken for 7 months
2010-01-08 x11-drivers/xf86-video-nsc: has been broken for 5 months
2010-01-08 www/rubygem-merb: has been broken for 5 months
2010-01-08 security/shibboleth-sp: has been broken for 3 months
limits, as a random UID, and with limited access to the X server
WWW: http://code.google.com/p/isolate/
PR: ports/142350
Submitted by: Steve Wills <steve@mouf.net>
file. This is a simple automation of the things normally done by
the user when having an "offending key" in his/her known_hosts file
caused by a changing host key of the destination.
WWW: http://unssh.sourceforge.net/
PR: ports/137254
Submitted by: Dax Labrador <semprix at bsdmail.org>
functions, according to NIST FIPS 180-2 (with the SHA-224 addendum), as
well as the SHA-based HMAC routines. The functions have been tested
against most of the NIST and RFC test vectors for the various functions.
While some attention has been paid to performance, these do not
presently reach the speed of well-tuned libraries, like OpenSSL.
WWW: http://hackage.haskell.org/package/SHA
Update security/openvpn20 to 2.0.9, revising pkg-message.
Move security/openvpn-devel to security/openvpn and
update security/openvpn to 2.1.1.
Remove security/openvpn-devel, adding a MOVED entry.
Update security/Makefile to remove openvpn-devel and add openvpn20 to
SUBDIRS.
Add a UPDATING entry for this shuffle. Currently without upgrade
instructions since neither portupgrade nor portmaster are up to the
task (because of the CONFLICTS).
Approved by: garga@ (mentor)
through a PKCS #11 interface. You can use it to explore PKCS #11
without having a Hardware Security Module. It is being developed
as a part of the OpenDNSSEC project. SoftHSM uses Botan for its
cryptographic operations.
WWW: http://www.opendnssec.org/
PR: ports/141932
Submitted by: Jaap Akkerhuis <jaap at NLnetLabs.nl
security/freebsd-update||2009-12-24|Incorporated into base system long ago
sysutils/est||2009-12-24|Incorporated into base system long ago
sysutils/estctrl||2009-12-24|Incorporated into base system long ago
sysutils/freebsd-sha1||2009-12-24|Incorporated into base system long ago
sysutils/freebsd-sha256||2009-12-24|Incorporated into base system long ago
written in C. PolarSSL is written with embedded systems in mind and has
been ported on a number of architectures, including ARM, PowerPC, MIPS
and Motorola 68000.
Features include:
* Small memory footprint
* Clean and simple API for integration
* Loose coupling of cryptographic code.
* Symmetric encryption algorithms: AES, Triple-DES, DES, ARC4, Camellia, XTEA
* Hash algorithms: MD2, MD4, MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
* HAVEGE random number generator
* RSA with PKCS#1 v1.5 padding
* SSL version 3 and TLS version 1 client support
* X.509 certificate and CRL reading from memory or disk in PEM and DER formats
* Over 900 regression and code coverage tests
* Example applications
LICENSE: GPL2
WWW: http://polarssl.org/
functionality into their applications and devices.
Features
SSL version 3 and TLS versions 1, 1.1 and 1.2 (client and server)
Minimum size of 60-100kb, depending on build options
Runtime memory usage between 5-50kb
DTLS support (client and server)
OpenSSL compatibility layer
zlib compression support
integration in MySQL, stunnel, Lighttpd availible.
MD2, MD4, MD5, SHA-1, RIPEMD, HMAC, DES, 3DES, AES, ARC4, TWOFISH, BLOWFISH,
RSA, DSS, DH, and PKCS#5 PBKDF2
ia32 assembly for AES, 3DES, BLOWFISH, TWOFISH, ARC4, MD5, SHA, and RIPEMD
SSE2 instructions for Large Integers
Simple API
Interchangeable crypto and certificate libraries
PEM and DER certificate support
Very fast
LICENSE: GPL2 with FOSS extension
WWW: http://www.yassl.com/
to use nettle 2.0, and there is no longer any reason to keep
separate ports for nettle versions 1.x and 2.x.
PR: 139482 139484
Submitted by: Charlie Kester <corky1951@comcast.net> (maintainer)
PAM is a system of libraries that handle the authentication tasks of
applications and services. The library provides a stable API for
applications to defer to for authentication tasks.
WWW: http://pecl.php.net/package/PAM/
release can be found at http://library.gnome.org/misc/release-notes/2.28/ .
Officially, this is mostly a polishing release in preparation for GNOME 3.0
due in about a year.
On the FreeBSD front, though, a lot went into this release. Major thanks
goes to kwm and avl who did a lot of the porting work for this release.
In particular, kwm brought in Evolution MAPI support for better Microsoft
Exchange integration. Avl made sure that the new gobject introspection
repository ports were nicely compartmentalized so that large dependencies
aren't brought in wholesale.
But, every GNOME team member (ahze, avl, bland, kwm, mezz, and myself)
contributed to this release.
Other major improvements include an updated HAL with better volume
probing code, ufsid integration, and support for volume names containing
spaces (big thanks to J.R. Oldroyd); a new WebKit; updated AbiWord;
an updated Gimp; and a preview of the new GNOME Shell project (thanks to
Pawel Worach).
The FreeBSD GNOME Team would like to that the following additional
contributors to this release whose patches and testing really helped
make it a success:
Andrius Morkunas
Dominique Goncalves
Eric L. Chen
J.R. Oldroyd
Joseph S. Atkinson
Li
Pawel Worach
Romain Tartière
Thomas Vogt
Yasuda Keisuke
Rui Paulo
Martin Wilke
(and an extra shout out to miwi and pav for pointyhat runs)
We would like to send this release out to Alexander Loginov (avl) in
hopes that he feels better soon.
PR: 136676
136967
138872 (obsolete with new epiphany-webkit)
139160
134737
139941
140097
140838
140929
servers suitable for non-standard scenarios where authentication
needs to consider multiple factors. The RADIUS responses may be
created by arbitrarily complex rules that process the request packet
as well as any external data accessible to Perl.
WWW: http://search.cpan.org/dist/Net-Radius-Server/
PR: ports/138164
Submitted by: Gea-Suan Lin <gslin@gslin.org>
Feature safe: yes
processing and on-forwarding to a variety of output plugins. Unfortunately
it has not seen an updated in over 4 years and is not going to be maintained
by the original developers. With the new version of the unified format
(ie. unified2) arriving we need something to bridge this gap.
The SXL team love barnyard. So much so that we want it to stay and have been
tinkering around with the code to give it a breath of new life. Here is what
we have achieved to far for this reinvigorated code base:
* Parsing of the new unified2 log files.
* Maintaining majority of the command syntax of barnyard.
* Addressed all associated bug reports and feature requests arising since
barnyard-0.2.0.
* Completely rewritten code based on the GPLv2 Snort making it entirely
GPLv2.
This is an effort to fuse the awesome work of Snort and the original concept
of barnyard giving it a fresh update along the way. We've come a long way so
far and have a very stable build that we've integrated into our NSMnow
framework. If you have any feature requests, bugs or gripes then send them
our way.
WWW: http://www.securixlive.com/barnyard2/
PR: 138326
Submitted by: Paul Schmehl <pauls@utdallas.edu>
service from Python. It can be used in any application that needs safe password
storage. It supports OSX, KDE, Gnome and Windows's native password storing
services. Besides this, it is shipped with kinds of Python implemented keyring
for the left environments.
WWW: http://pypi.python.org/pypi/keyring
PR: ports/138513
Submitted by: Douglas Thrift
quarantine. Users can view their own quarantine, release/delete messages
or request the release of messages. MailZu is written in PHP and requires
Amavisd-new version greater than 2.3.0.
WWW: http://sourceforge.net/projects/mailzu/
PR: ports/137197
Submitted by: Sahil Tandon <sahil at tandon.net>
security/trans-proxy-tor: trans-proxy-tor is rendered obsolete by Tor\'s TransPort option (currently only available in tor-devel)
Approved by: maintainer
System (CAS). Only a basic Perl library is provided with CAS whereas
AuthCAS is a full object-oriented library.
WWW: http://cpan.uwinnipeg.ca/dist/AuthCAS
PR: ports/136956
Submitted by: Frank Wall <fw at moov.de>
version delegates to LuaSocket the TCP connection establishment between the
client and server. Then LuaSec uses this connection to start a secure TLS/SSL
session.
WWW: http://www.inf.puc-rio.br/~brunoos/luasec/
PR: ports/136266
Submitted by: Andrew Lewis <dru at silenceisdefeat.net>
