Authentication system developed at MIT, successor to Kerberos IV
Kerberos V5 is an authentication system developed at MIT. Abridged from the User Guide: Under Kerberos, a client sends a request for a ticket to the Key Distribution Center (KDC). The KDC creates a ticket-granting ticket (TGT) for the client, encrypts it using the client's password as the key, and sends the encrypted TGT back to the client. The client then attempts to decrypt the TGT, using its password. If the client successfully decrypts the TGT, it keeps the decrypted TGT, which indicates proof of the client's identity. The TGT permits the client to obtain additional tickets, which give permission for specific services. Since Kerberos negotiates authenticated, and optionally encrypted, communications between two points anywhere on the internet, it provides a layer of security that is not dependent on which side of a firewall either client is on. The Kerberos V5 package is designed to be easy to use. Most of the commands are nearly identical to UNIX network programs you are already used to. Kerberos V5 is a single-sign-on system, which means that you have to type your password only once per session, and Kerberos does the authenticating and encrypting transparently. Jacques Vidrine <n@nectar.com>
Authentication system developed at MIT, successor to Kerberos IV
Kerberos V5 is an authentication system developed at MIT. This package/port contains the applications which used to be in the MIT Kerberos distribution. Abridged from the User Guide: Under Kerberos, a client sends a request for a ticket to the Key Distribution Center (KDC). The KDC creates a ticket-granting ticket (TGT) for the client, encrypts it using the client's password as the key, and sends the encrypted TGT back to the client. The client then attempts to decrypt the TGT, using its password. If the client successfully decrypts the TGT, it keeps the decrypted TGT, which indicates proof of the client's identity. The TGT permits the client to obtain additional tickets, which give permission for specific services. Since Kerberos negotiates authenticated, and optionally encrypted, communications between two points anywhere on the internet, it provides a layer of security that is not dependent on which side of a firewall either client is on. The Kerberos V5 package is designed to be easy to use. Most of the commands are nearly identical to UNIX network programs you are already used to. Kerberos V5 is a single-sign-on system, which means that you have to type your password only once per session, and Kerberos does the authenticating and encrypting transparently. Jacques Vidrine <n@nectar.com>
RSA public-key cryptosystem
Crypt::RSA is a pure-perl, cleanroom implementation of the RSA public-key cryptosystem. It uses Math::Pari(3), a perl interface to the blazingly fast PARI library, for big integer arithmetic and number theoretic computations. Crypt::RSA provides arbitrary size key-pair generation, plaintext-aware encryption (OAEP) and digital signatures with appendix (PSS). For compatibility with SSLv3, RSAREF2, PGP and other applications that follow the PKCS #1 v1.5 standard, it also provides PKCS #1 v1.5 encryption and signatures. Crypt::RSA is structured as bundle of modules that encapsulate different parts of the RSA cryptosystem. The RSA algorithm is implemented in Crypt::RSA::Primitives(3). Encryption schemes, located under Crypt::RSA::ES, and signature schemes, located under Crypt::RSA::SS, use the RSA algorithm to build encryption/signature schemes that employ secure padding. (See the note on Security of Padding Schemes.) The key generation engine and other functions that work on both components of the key-pair are encapsulated in Crypt::RSA::Key(3). Crypt::RSA::Key::Public(3) & Crypt::RSA::Key::Private(3) provide mechanisms for storage & retrival of keys from disk, decoding & encoding of keys in certain formats, and secure representation of keys in memory. Finally, the Crypt::RSA module provides a convenient, DWIM wrapper around the rest of the modules in the bundle.
Authentication system developed at MIT, successor to Kerberos IV
Kerberos V5 is an authentication system developed at MIT. Abridged from the User Guide: Under Kerberos, a client sends a request for a ticket to the Key Distribution Center (KDC). The KDC creates a ticket-granting ticket (TGT) for the client, encrypts it using the client's password as the key, and sends the encrypted TGT back to the client. The client then attempts to decrypt the TGT, using its password. If the client successfully decrypts the TGT, it keeps the decrypted TGT, which indicates proof of the client's identity. The TGT permits the client to obtain additional tickets, which give permission for specific services. Since Kerberos negotiates authenticated, and optionally encrypted, communications between two points anywhere on the internet, it provides a layer of security that is not dependent on which side of a firewall either client is on. The Kerberos V5 package is designed to be easy to use. Most of the commands are nearly identical to UNIX network programs you are already used to. Kerberos V5 is a single-sign-on system, which means that you have to type your password only once per session, and Kerberos does the authenticating and encrypting transparently. Jacques Vidrine <n@nectar.com>
Authentication system developed at MIT, successor to Kerberos IV
Kerberos V5 is an authentication system developed at MIT. Abridged from the User Guide: Under Kerberos, a client sends a request for a ticket to the Key Distribution Center (KDC). The KDC creates a ticket-granting ticket (TGT) for the client, encrypts it using the client's password as the key, and sends the encrypted TGT back to the client. The client then attempts to decrypt the TGT, using its password. If the client successfully decrypts the TGT, it keeps the decrypted TGT, which indicates proof of the client's identity. The TGT permits the client to obtain additional tickets, which give permission for specific services. Since Kerberos negotiates authenticated, and optionally encrypted, communications between two points anywhere on the internet, it provides a layer of security that is not dependent on which side of a firewall either client is on. The Kerberos V5 package is designed to be easy to use. Most of the commands are nearly identical to UNIX network programs you are already used to. Kerberos V5 is a single-sign-on system, which means that you have to type your password only once per session, and Kerberos does the authenticating and encrypting transparently. Jacques Vidrine <n@nectar.com>
Tools to analyze security characteristics of MS OLE2 files
Python tools to analyze security characteristics of MS OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office documents, for Malware Analysis and Incident Response.
Tool for finding common security issues in Python code
Bandit is a tool for finding common security issues in Python code. To do this Bandit processes each file, builds an AST from it, and runs appropriate plugins against the AST nodes. Once Bandit has finished scanning all the files it generates a report.
Tool for statically checking sourcecode for security vulnerabilities
Splint is a tool for statically checking C programs for security vulnerabilities and coding mistakes. With minimal effort, Splint can be used as a better lint. If additional effort is invested adding annotations to programs, Splint can perform stronger checking than can be done by any standard lint.
This plugin will automatically turn on SSL security during login
This is a simple plugin to automatically turn on SSL security during login if it hasn't already been requested by the referring hyperlink or bookmark. Primarily this utility is intended to prevent plain text passwords and email contents being transmitted over the internet after people manually enter their server URL without including https://...
Multi-System Archiver with open keys PGP-based security
The hpack Multi-System Archiver is an archiver that was written to allow the transfer of archived data to differ- ent systems. In the past archivers have traditionally been available for single systems only, for example PKZIP and LHARC for the IBM PC, Larc for the Amiga, StuffIt and Compactor for the Macintosh, and tar and compress for UNIX systems (while these archivers are available on other systems, their use is not widespread). Open-keys security included.