SASL LDAPDB auxprop plugin
saslauthd is a daemon process that handles plaintext authentication
requests on behalf of the SASL library.
The server fulfills two roles: it isolates all code requiring
superuser privileges into a single process, and it can be used to
provide proxy authentication services to clients that do not
understand SASL based authentication.
SASL SRP authentication plugin
Libassuan is a small library implementing the so-called Assuan
protocol. This protocol is used for IPC between most newer GnuPG
components.
This little utility dumps MSRPC endpoint information from Windows
systems. Similar to the rpcdump program from Microsoft, but does not
need a DCE stack and so runs on Unixes. dcetest can be very useful
once inside a DMZ to fingerprint Windows machines on the network.
dcetest operates over TCP port 135. (Think of it as rpcinfo -p against
Windows)
"dds" is a program to scan for a limited set of distributed denial of
service (ddos) agents.
At present, it scans for active instances of "trinoo", "Tribe Flood
Network" ("TFN") and "stacheldraht" agents, which were compiled
using the default values in known source distributions, such as those
found at:
http://packetstorm.securify.com/distributed/
It will *not* detect TFN2K agents.
For analyses of the three distributed denial of service attack
tools it scans for, and the methods being used by dds to identify
them, see:
http://staff.washington.edu/dittrich/misc/trinoo.analysis
http://staff.washington.edu/dittrich/misc/tfn.analysis
http://staff.washington.edu/dittrich/misc/stacheldraht.analysis
Asignify tool is heavily inspired by signify used in OpenBSD. However, the main
goal of this project is to define high level API for signing files, validating
signatures and encrypting using public keys cryptography. Asignify is designed
to be portable and self-contained with zero external dependencies. It uses
blake2b as the hash function and ed25519 implementation from tweetnacl.
Key features:
- Zero dependencies (libc and C compiler are likely required though), so it
could be easily used in embedded systems.
- Modern cryptography primitives (ed25519, blake2 and sha512 namely).
- Ability to encrypt files with the same keys using curve25519 based cryptobox.
- Protecting secret keys by passwords using PBKDF2-BLAKE2 routine.
- Asignify can convert ssh ed25519 private keys to the native format and verify
signatures using just ssh ed25519 public keys (without intermediate
conversions).
- Asignify provides high level API for application developers for signing,
verifying, encrypting and keys generation.
- All keys, signatures and encrypted files contain version information allowing
to change cryptographical primitives in the future without loosing of
backward compatibility.
DenyHosts is a script intended to be run by *ix system administrators to
help thwart ssh server attacks.
If you've ever looked at your ssh log (/var/log/auth.log ) you may be alarmed
to see how many hackers attempted to gain access to your server.
Denyhosts helps you:
- Parses /var/log/auth.log to find all login attempts
- Can be run from the command line, cron or as a daemon (new in 0.9)
- Records all failed login attempts for the user and offending host
- For each host that exceeds a threshold count, records the evil host
- Keeps track of each non-existent user (eg. sdada) when a login attempt failed.
- Keeps track of each existing user (eg. root) when a login attempt failed.
- Keeps track of each offending host (hosts can be purged )
- Keeps track of suspicious logins
- Keeps track of the file offset, so that you can reparse the same file
- When the log file is rotated, the script will detect it
- Appends /etc/hosts.allow
- Optionally sends an email of newly banned hosts and suspicious logins.
- Resolves IP addresses to hostnames, if you want
The digest utility is a wrapper for the md5, sha1, sha256, sha384,
sha512, rmd160, tiger and whirlpool message digest algorithms (also
known as hashes, checksums or "fingerprints").
Dirmngr is a client for managing and downloading certificate
revocation lists (CRLs) for X509 certificates and for downloading the
certificates themselves. Dirmngr is usually invoked by gpgsm and in
general not used directly.