EtherPEG was a program that sniffed for JPEGs passing by on the AirPort
networks at MacHack, and showed them on the huge screen to shame people
into a) turning the 802.11 encryption on, or b) reducing amount of pr0n
they download at weirdo Mac conventions. DRIFTNET can do the same for
*your* office, and make an attractive desktop accessory to boot. The
program promiscuously sniffs and decodes any JPEG downloaded by anyone
on your LAN, displaying it in an attractive, ever changing mosaic of
fluffy kittens, oversized navigation buttons, and blurred images of Big
Brother Elizabeth fiddling. It's UNIX only. Your sysadmin is undoubtedly
running it already. So stop that. Now.
Cryptcat is the standard netcat enhanced with twofish encryption.
Twofish is courtesy of counterpane, and cryptix. We started with the
Java version of twofish from cryptix, converted it to C++ (don't ask why),
and enhanced it by adding CBC mode and the ciphertext stealing technique
from Applied Cryptography (pg. 196)
How do you use it?
Machine A: cryptcat -l -p 1234 < testfile
Machine B: cryptcat <machine A IP> 1234
This is identical to the normal netcat options for doing exactly the
same thing. However, in this case the data transferred is encrypted.
For more information about netcat see net/netcat port.
This is a utility which locks a terminal so it can only be unlocked with the
user's password (or the root password). It uses PAM authentication by default.
File::Flat implements a flat filesystem. A flat filesystem is a
filesystem in which directories do not exist. It provides an
abstraction over any normal filesystem which makes it appear as if
directories do not exist. In effect, it will automatically create
directories as needed. This is create for things like install scripts
and such, as you never need to worry about the existence of directories,
just write to a file, no matter where it is.
Sloth allows you to slow down a specified application by specifying (in
miliseconds) the delay on the process. It slows down the process by sending
SIGSTOP & SIGCONT signals to the process over a very fast period of time,
giving the appearance of a slower application.
In order for Catalyst::Plugin::Session to work the session ID needs to
be stored on the client, and the session data needs to be stored on the
server.
This plugin stores the session ID on the client using the cookie
mechanism.
mod_dosevasive is an evasive maneuvers module for Apache to provide evasive
action in the event of an HTTP DoS or DDoS attack or brute force attack.
It is also designed to be a detection and network management tool, and can be
easily configured to talk to ipchains, firewalls, routers, and etcetera.
mod_dosevasive presently reports abuses via email and syslog facilities.
Detection is performed by creating an internal dynamic hash table of IP
Addresses and URIs, and denying any single IP address from any of the
following:
* Requesting the same page more than a few times per second
* Making more than 50 concurrent requests on the same child per second
* Making any requests while temporarily blacklisted (on a blocking list)
This method has worked well in both single-server script attacks as well as
distributed attacks, but just like other evasive tools, is only as useful to
the point of bandwidth and processor consumption (e.g. the amount of bandwidth
and processor required to receive/process/respond to invalid requests), which
is why it's a good idea to integrate this with your firewalls and routers for
maximum protection.
This module instantiates for each listener individually, and therefore has a
built-in cleanup mechanism and scaling capabilities. Because of this per-child
design, legitimate requests are never compromised (even from proxies and NAT
addresses) but only scripted attacks. Even a user repeatedly clicking on
'reload' should not be affected unless they do it maliciously. mod_dosevasive
is fully tweakable through the Apache configuration file, easy to incorporate
into your web server, and easy to use.
This module implements a trie data structure. The term "trie" comes from the
word retrieval, but is generally pronounced like "try". A trie is a tree
structure (or directed acyclic graph), the nodes of which represent letters
in a word. For example, the final lookup for the word 'bob' would look
something like $ref->{'b'}{'o'}{'b'}{'00'} (the 00 being an end marker).
Only nodes which would represent words in the trie exist, making the structure
slightly smaller than a hash of the same data set.
The advantages of the trie over other data storage methods is that lookup times
are O(1) WRT the size of the index. For sparse data sets, it is probably not as
efficient as performing a binary search on a sorted list, and for small files,
it has a lot of overhead. The main advantage (at least from my perspective) is
that it provides a relatively cheap method for finding a list of words in a
large, dense data set which begin with a certain string.
This module provides a WebDAV server. WebDAV stands for "Web-based
Distributed Authoring and Versioning". It is a set of extensions to
the HTTP protocol which allows users to collaboratively edit and
manage files on remote web servers.
Net::DAV::Server provides a WebDAV server and exports a filesystem for
you using the Filesys::Virtual suite of modules. If you simply want to
export a local filesystem, use Filesys::Virtual::Plain as above.
This module doesn't currently provide a full WebDAV implementation.
However, I am working through the WebDAV server protocol compliance
test suite (litmus, see http://www.webdav.org/neon/litmus/) and will
provide more compliance in future. The important thing is that it
supports cadaver and the Mac OS X Finder as clients.
Algorithm::Numerical::Shuffle
=============================
Shuffle is a perl module which performs a one pass, fair shuffle on a
list. If the list is passed as a reference to an array, the shuffle
is done in situ.
The running time of the algorithm is linear in the size of the list.
For an in situ shuffle, the memory overhead is constant; otherwise,
linear extra memory is used.
The algorithm used is discussed by Knuth [3]. It was first published
by Fisher and Yates [2], and later by Durstenfeld [1].