Cops is a set of programs to check how secure your system is. It
checks file and directory privileges, SUID programs, etc. It has
support for checking passwords, but this port doesn't include it
as it is DES based. This port installs cops in a single directory
area. The directory has no non-user privileges and cops is meant
to be run locally to that directory. The perl version of cops is
also included in a subdirectory.
Native Haskell TLS and SSL protocol implementation for server and
client. This provides a high-level implementation of a sensitive
security protocol, eliminating a common set of security issues through
the use of the advanced type system, high level constructions and common
Haskell features. Currently implement the SSL3.0, TLS1.0, TLS1.1 and
TLS1.2 protocol, and support RSA and Ephemeral (Elliptic curve and
regular) Diffie Hellman key exchanges, and many extensions.
ipfmeta is used to simplify the maintenance of your IPfilter ruleset.
It does this through the use of 'objects'. A matching object gets
replaced by its values at runtime. This is similar to what a macro
processor like m4 does.
ipfmeta is specifically geared towards IPfilter. It is line oriented:
if an object has multiple values, the line with the object is
duplicated and substituted for each value. It is also recursive: an
object may have another object as a value.
k5start is a modified version of kinit that can use keytabs to authenticate,
can run as a daemon and wake up periodically to refresh a ticket, and can run
single commands with their own authentication credentials and refresh those
credentials until the command exits.
It is commonly used to maintain Kerberos tickets for services that need to
authenticate to minimize the amount of Kerberos-related logic that must be
in the service itself.
Authen::Captcha provides an object oriented interface to captcha file
creations. Captcha stands for Compl etely Automated Public Turning test
to tell Computers and Humans Apart. A Captcha is a program that can
generate and grade tests that:
- most humans can pass
- current computer programs can't pass
The most common form is an image file containing distorted text, which
humans are adept at reading, and co mputers (generally) do a poor job.
This module currently implements that method.
autossh 程序,启动一个 ssh 副本并监视它,必要的时候重启它,比如它死了
或者停止通信了。
最初的想法和机制来自 rstunnel(可靠的 SSH 隧道)。这个版本的方法有所
改变:autossh 使用 ssh 来构建 ssh 转发环路(一个从本地到远程,一个从
远程到本地),然后发送测试数据并期待其返回。(这个想法得感谢泰伦斯·马丁。)
Chaosreader is a perl script that parses snoop or tcpdump logs
and extracts sessions for a number of different appplications:
ssh, telnet, smtp, irc, ftp, etc. The data are formatted into
an html file and can be used to replay some sessions.
Sshkeydata is a perl script that attempts to recreate ssh
sessions extracted by chaosreader by estimating what commands
may have been typed.
Both scripts are installed in ${PREFIX}/bin
From the aescrypt README.html:
This is a program for encrypting/decrypting streams of data using
Rijndael and Cipher Block Feedback mode (CFB-128).
...
5. This program was deliberately kept extremely simple. It is not
intended to be a full encryption solution, it is intended to be
used within scripts as part of a complete solution. Keychain
management, public key signatures, etc. are all expected to be
done external to this program.
Digest::SHA::PurePerl is a complete implementation of the NIST
Secure Hash Standard. It gives Perl programmers a convenient way
to calculate SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 message
digests. The module can handle all types of input, including
partial-byte data.
Digest::SHA::PurePerl is written entirely in Perl. If your platform
has a C compiler, you should install the functionally-equivalent
(but much faster) Digest::SHA module.
The Digest::MD5 module allows you to use the RSA Data Security Inc.
MD5 Message Digest algorithm from within Perl programs. The algorithm
takes as input a message of arbitrary length and produces as output
a 128-bit "fingerprint" or "message digest" of the input.
The Digest::MD5 module provide a procedural interface for simple
use, as well as an object oriented interface that can handle messages
of arbitrary length and which can read files directly.
Further documentation is embedded in the individual modules.