Razorback is a framework for an intelligence driven security solution.
It consists of a Dispatcher at the core of the system, surrounded by
Nuggets of varying types.
The Yara nugget allows modified Yara rules to dictate which flags are
set when they alert.

Shishi is a free implementation of the Kerberos 5 network security system.
The goals of this project are:
* Full standards compliance.
* Thread safe library.
* Internationalization, both for client messages and for non-ASCII
usernames and passwords.
* Integrate with existing password management systems (/etc/passwd, PAM,
SASL).
* Clean room implementation with clear copyright and license.

SoftHSM is an implementation of a cryptographic store accessible
through a PKCS #11 interface. You can use it to explore PKCS #11
without having a Hardware Security Module. It is being developed
as a part of the OpenDNSSEC project. SoftHSM Version 2 uses
OpenSSL for its cryptographic operations.

Razorback is a framework for an intelligence driven security solution.
It consists of a Dispatcher at the core of the system, surrounded by
Nuggets of varying types.
The scripting nugget uses XML across named pipes to pass registration,
alerting and logging information back to the system. This allows the
use of any scripting (or even compiled) language that can write XML to
STDOUT with Razorback.

Razorback is a framework for an intelligence driven security solution.
It consists of a Dispatcher at the core of the system, surrounded by
Nuggets of varying types.
SWF Nugget is a Razorback Detection Nugget that scans Flash files
collected by Razorback Collector Nuggets. SWF Nugget decompresses
(as necessary) and parses Flash files to detect attacks exploiting
known vulnerabilities.
The scan results are sent back to Razorback Dispatcher to correlate
with other Razorback Nuggets.

BFBTester will perform checks of single and multiple argument command
line overflows and environment variable overflows. BFBTester will also
watch for tempfile creation activity to alert the user of any programs
using unsafe tempfile names.

Tripwire is a tool that aids system administrators and
users in monitoring a designated set of files for any changes.
Used with system files on a regular (e.g., daily) basis, Tripwire
can notify system administrators of corrupted or tampered files,
so damage control measures can be taken in a timely manner.
If "TRIPWIRE_FLOPPY" is set to "YES" in the environment or on the
"make" command line, this port will write the tripwire database to
a floppy disk, which should then be write-protected and used as a
reference for future runs. The diskette should be formatted and
present in the "A" drive before starting the "make install" step.
Joe Greco <jgreco@ns.sol.net>

OpenBSM is an open source implementation of Sun's Basic Security Module (BSM)
Audit API and file format. BSM, the de facto industry standard for Audit,
describes a set of system call and library interfaces for managing audit
records, as well as a token stream file format that permits extensible and
generalized audit trail processing. OpenBSM extends the BSM API and file
format in a number of ways to support features present in the Mac OS X and
FreeBSD operating systems, such as Mach task interfaces, sendfile(), and
Linux system calls present in the FreeBSD Linux emulation layer.