Ports Search

fwlogwatch is a packet filter and firewall log analyzer General features: - Can detect and process log entries in the following formats: - Linux ipchains, Linux netfilter/iptables, Solaris/BSD/Irix/HP-UX ipfilter, BSD ipfw, Cisco IOS, Cisco PIX / FWSM, NetScreen, Windows XP firewall, Elsa Lancom router, Snort IDS - Entries can be parsed from single, multiple and combined log files, the parsers to be used can be selected. - Gzip-compressed logs are supported transparently. - Can separate recent from old entries and detects timewarps in log files. - Can recognize 'last message repeated' entries concerning the firewall. - Integrated resolver for protocols, services and host names. - Can do lookups in the whois database. - Own DNS and whois information cache for faster lookups. - Hosts, networks, ports, chains and branches (targets) can be selected or excluded as needed. - Support for internationalization (available in english, german, portuguese, simplified and traditional chinese, swedish and japanese).

ModSecurity is an embeddable web application firewall. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring and real-time analysis with no changes to existing infrastructure. It is also an open source project that aims to make the web application firewall technology available to everyone.

Default security policy for Zope3.

AccessControl provides a general security framework for use in Zope2.

Simple Authentication and Security Layer (RFC 4422)

TESLA builds on our experiences developing the TrustedBSD MAC Framework and Capsicum: our most critical security properties are frequently safety (temporal) properties rather than static invariants. Current tools for testing temporal properties are largely static, and unable to work effectively on extremely large C-language software bases, such as multi-million lines-of-code operating system kernels and web browsers. TESLA borrows ideas from model checking, applying them in a dynamic context using compiler-assisted instrumentation to continuously validate temporal security assertions during software execution. We have implemented a prototype of TESLA based on clang/LLVM AST transforms, which is able to test both explicit automata against C implementations (such as protocol state machines in the kernel and OpenSSL) and inline assertions checking for missing access control checks in OS logic.

This is RATS, a rough auditing tool for security, developed by Secure Software Solutions. It is a tool for scanning source code (C, C++, Perl, and Python) and flagging common security related programming errors such as buffer overflows and TOCTOU (Time Of Check, Time Of Use) race conditions. As its name implies, the tool performs only a rough analysis of source code. It will not find every error and will also find things that are not errors. Manual inspection of your code is still necessary, but greatly aided with this tool.

See the description for ports/security/nessus.

Local Persistent Permissions for zope.security.

XML Security Library is the latest stable of a C library based on LibXML2 and OpenSSL. The library was created with a goal to support major XML security standards: - XML Signature - XML Encryption - Canonical XML (was included in libxml2) - Exclusive Canonical XML (was included in libxml2)