This port contains the Shrew Soft IKE daemon and client tools. The
software supports IKE V1 communications with an emphasis on client
functionality. It was originally designed to complement a gateway
running the ipsec-tools racoon daemon. The latest version offers a
high level of compatibility with Cisco, Juniper, Zywall, Fortigate
and many other commercial IPsec VPN gateways.
For more information please visit ...
ipfcount reads ipf(8) logs and extracts the following fields:
iface group rule action shost sport dhost dport proto flags type dir
You can then print lists like 'top <n> blocked ports', 'top <n> blocked hosts',
or 'incoming connections sorted by interface and protocol'.
For more sophisticated lists, you can filter the entries using Perl expressions.
This perl script is an official DShield client who's purpose is to
read your FreeBSD ipfilter firewall ipmon log file and convert the
log records to the standard DShield reporting record format, and
imbed the converted log records into the body of an email that gets
sent to DShield for automatic addition to their database and abuse
reporting to the offenders ISP if you are an subscribed DShield member.
Script contains user customable defaults which can be overridden with
command line flags. (visit http://www.dshield.org for details).
Script is installed into /usr/local/sbin where you can edit the
defaults to meet your requirements. Issue rehash command to enable.
Joe Barbish
fbsd_user@a1poweruser.com
Fragrouter is a program for routing network traffic in such a way as
to elude most network intrusion detection systems.
The attacks implemented correspond to those listed in the Secure
Networks ``Insertion, Evasion, and Denial of Service: Eluding Network
Intrusion Detection'' paper of January, 1998.
OpenSCEP is an open source implementation of the SCEP protocol used by Cisco
routers for certificate enrollment to build VPNs. It implements most of the
draft specification.
OpenSCEP includes a client and a server implementation, as well as some CGI
programs to simplify certificate and revocation list management.
ipfwcount reads ipfw(8) logs and extracts the following fields:
rule action proto type shost sport dhost dport dir iface
You can then print lists like 'top <n> blocked ports', 'top <n> blocked hosts',
or 'incoming connections sorted by interface and protocol'.
For more sophisticated lists, you can filter the entries using Perl expressions.
Fuzz is a tool for testing other software. It does this by bombarding
the program being evaluated with random data.
ipguard listens network for ARP packets. All permitted MAC-IP pairs
listed in 'ethers' file. If it recieves one with MAC-IP pair, which is
not listed in 'ethers' file, it will send ARP reply with configured
fake address. This will prevent not permitted host to work properly in
local ethernet segment.
This is isakmpd, a BSD-licensed ISAKMP/Oakley (a.k.a. IKE)
implementation. It's written by Niklas Hallqvist and Niels Provos,
funded by Ericsson Radio Systems AB.
-- ISNprober / Tom Vandepoel (Tom.Vandepoel@ubizen.com) --
ISNprober is a tool that samples TCP Initial Sequence Numbers or IP ID's
and can use that information to determine if a set of IP addresses belong
to the same TCP/IP stack (machine) or not.