Kerberos V5 is an authentication system developed at MIT.
Abridged from the User Guide:
Under Kerberos, a client sends a request for a ticket to the
Key Distribution Center (KDC). The KDC creates a ticket-granting
ticket (TGT) for the client, encrypts it using the client's
password as the key, and sends the encrypted TGT back to the
client. The client then attempts to decrypt the TGT, using
its password. If the client successfully decrypts the TGT, it
keeps the decrypted TGT, which indicates proof of the client's
identity. The TGT permits the client to obtain additional tickets,
which give permission for specific services.
Since Kerberos negotiates authenticated, and optionally encrypted,
communications between two points anywhere on the internet, it
provides a layer of security that is not dependent on which side of a
firewall either client is on.
The Kerberos V5 package is designed to be easy to use. Most of the
commands are nearly identical to UNIX network programs you are already
used to. Kerberos V5 is a single-sign-on system, which means that you
have to type your password only once per session, and Kerberos does
the authenticating and encrypting transparently.
Jacques Vidrine <n@nectar.com>
Kerberos V5 is an authentication system developed at MIT.
Abridged from the User Guide:
Under Kerberos, a client sends a request for a ticket to the
Key Distribution Center (KDC). The KDC creates a ticket-granting
ticket (TGT) for the client, encrypts it using the client's
password as the key, and sends the encrypted TGT back to the
client. The client then attempts to decrypt the TGT, using
its password. If the client successfully decrypts the TGT, it
keeps the decrypted TGT, which indicates proof of the client's
identity. The TGT permits the client to obtain additional tickets,
which give permission for specific services.
Since Kerberos negotiates authenticated, and optionally encrypted,
communications between two points anywhere on the internet, it
provides a layer of security that is not dependent on which side of a
firewall either client is on.
The Kerberos V5 package is designed to be easy to use. Most of the
commands are nearly identical to UNIX network programs you are already
used to. Kerberos V5 is a single-sign-on system, which means that you
have to type your password only once per session, and Kerberos does
the authenticating and encrypting transparently.
Jacques Vidrine <n@nectar.com>
John the Ripper is a fast password cracker, currently available for many
flavors of Unix (eleven are officially supported, not counting different
architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to
detect weak Unix passwords. Besides several crypt(3) password hash types
most commonly found on various Unix flavors, supported out of the box are
Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with
contributed patches (over 40 of additional hash and cipher types).
This is a Perl module for interfacing with GnuPG.
This is a PAM module for authenticating with MySQL.
Bruteblock allows system administrators to block various bruteforce
attacks on UNIX services. The program analyzes system logs and adds
attacker's IP address into ipfw2 table effectively blocking them.
Addresses are automatically removed from the table after specified
amount of time. Bruteblock uses regular expressions to parse logs,
which provides flexibility allowing it to be used with almost any
network service. Bruteblock is written in pure C, doesn't use any
external programs and work with ipfw2 tables via raw sockets API.
OpenConnect is a client for Cisco's AnyConnect SSL VPN. Beyond
Cisco's official client, OpenConnect supports multiple platforms,
NetworkManager integration, and the ability to run as a user.
pdfcrack is a simple tool for recovering passwords (both owner and
user ones) from pdf-documents. It should be able to handle all
pdfs that uses the standard security handler but the pdf-parsing
routines are a bit of a quick hack so you might stumble across some
pdfs where the parser needs to be fixed to handle.
libPJL- Printer Job Language library
A library and a command-line tool to use PJL- HP Printer Job Language
cryptography is a package designed to expose cryptographic recipes and
primitives to Python developers. Our goal is for it to be your "cryptographic
standard library". It supports Python 2.6-2.7, Python 3.2+, and PyPy.
cryptography includes both high level recipes, and low level interfaces to
common cryptographic algorithms such as symmetric ciphers, message digests
and key derivation functions.