Ports Search

Sancp is a network security tool designed to collect statistical information regarding network traffic, as well as, collect the traffic itself in pcap format, all for the purpose of: auditing, historical analysis, and network activity discovery. Rules can be used to distinguish normal from abnormal traffic and support tagging connections with: rule id, node id, and status id. From an intrusion detection standpoint, every connection is an event that must be validated through some means. Sancp uses rules to identify, record, and tag traffic of interest. 'Tagging' a connection is a new feature since v1.4.0 Connections ('stats') can be loaded into a database for further analysis.

The seccure toolset implements a selection of asymmetric algorithms based on elliptic curve cryptography (ECC). In particular it offers public key encryption / decryption, signature generation / verification and key establishment. ECC schemes offer a much better key size to security ratio than classical systems (RSA, DSA). Keys are short enough to make direct specification of keys on the command line possible (sometimes this is more convenient than the management of PGP-like key rings). seccure builds on this feature and therefore is the tool of choice whenever lightweight asymmetric cryptography -- independent of key servers, revocation certificates, the Web of Trust or even configuration files -- is required.

Tcpcrypt is a protocol that attempts to encrypt (almost) all of your network traffic. Unlike other security mechanisms, Tcpcrypt works out of the box: it requires no configuration, no changes to applications, and your network connections will continue to work even if the remote end does not support Tcpcrypt, in which case connections will gracefully fall back to standard clear-text TCP. Install Tcpcrypt and you'll feel no difference in your every day user experience, but yet your traffic will be more secure and you'll have made life much harder for hackers.

Tor: an anonymizing overlay network for TCP Tor is a connection-based low-latency anonymous communication system which addresses many flaws in the original onion routing design. Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and more. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features. Remember that this is development code -- DON'T RELY ON THE CURRENT TOR NETWORK FOR ANONYMITY!

Allow users to only see tickets they are associated with. There are three new permissions for this plugin: TICKET_VIEW_REPORTER, TICKET_VIEW_CC, and TICKET_VIEW_OWNER. TICKET_VIEW_SELF is an alias for all three of these. With each permission, users will only be able to see tickets where they are the person mentioned in the permission. So if a user has TICKET_VIEW_REPORTER, they can only see tickets they reported. For TICKET_VIEW_CC, they just have to be included in the CC list.

ccrypt is a utility for encrypting and decrypting files and streams. It was designed to replace the standard Unix crypt utility, which is notorious for using a very weak encryption algorithm. ccrypt is based on the Rijndael cipher, which is the U.S. government's chosen candidate for the Advanced Encryption Standard (AES, see http://www.nist.gov/aes/). This cipher is believed to provide very strong security. Unlike Unix crypt, the algorithm provided by ccrypt is not symmetric, i.e., one must specify whether to encrypt or decrypt. The most common way to invoke ccrypt is via the commands ccencrypt and ccdecrypt. There is also a ccat command for decrypting a file directly to the terminal, thus reducing the likelihood of leaving temporary plaintext files around. In addition, there is a compatibility mode for decrypting legacy Unix crypt files. Encryption and decryption depends on a keyword (or key phrase) supplied by the user. By default, the user is prompted to enter a keyword from the terminal. Keywords can consist of any number of characters, and all characters are significant (although ccrypt internally hashes the key to 256 bits). Longer keywords provide better security than short ones, since they are less likely to be discovered by exhaustive search.

This is Encrypted MAC (EMAC), formerly known as Double MAC (DMAC). Unlike HMAC, which reuses an existing one-way hash function, such as MD5, SHA-1 or RIPEMD-160, EMAC reuses an existing block cipher to produce a secure message authentication code (MAC). Using the block cipher, a message is encrypted in CBC mode. The last block is taken as the MAC of the message. For fixed-length messages, this method is provably secure. In reality, however, messages have arbitrary lengths, and this method is not secure. To make secure MACs for variable length messages, the last block is encrypted once again with a different key. The security of this construction has been proved in the paper, ``CBC MAC for Real-Time Data Sources'' by Erez Petrank and Charles Rackoff. The security can be proved on the assumption that the underlying block cipher is pseudo-random. The performance and key-agility of EMAC are reasonable. EMAC is preferable for short messages because the block length is smaller compared to the schemes based on a hash function. EMAC is also chosen as one of the NESSIE winners for Message Authentication Codes, along with UMAC, TTMAC and HMAC. The current NESSIE specification chooses the AES as block cipher.

This is Encrypted MAC (EMAC), formerly known as Double MAC (DMAC). Unlike HMAC, which reuses an existing one-way hash function, such as MD5, SHA-1 or RIPEMD-160, EMAC reuses an existing block cipher to produce a secure message authentication code (MAC). Using the block cipher, a message is encrypted in CBC mode. The last block is taken as the MAC of the message. For fixed-length messages, this method is provably secure. In reality, however, messages have arbitrary lengths, and this method is not secure. To make secure MACs for variable length messages, the last block is encrypted once again with a different key. The security of this construction has been proved in the paper, ``CBC MAC for Real-Time Data Sources'' by Erez Petrank and Charles Rackoff. The security can be proved on the assumption that the underlying block cipher is pseudo-random. The performance and key-agility of EMAC are reasonable. EMAC is preferable for short messages because the block length is smaller compared to the schemes based on a hash function. EMAC is also chosen as one of the NESSIE winners for Message Authentication Codes, along with UMAC, TTMAC and HMAC. The current NESSIE specification chooses the AES as block cipher.

arp-scan is a command-line tool that uses the ARP protocol to discover and fingerprint IP hosts on the local network. It is available for Linux and BSD under the GPL licence.

Gringotts is an application to store sensitive data like passwords, pincodes, credit card numbers, etc. Features: * Fast, light GTK2 interface. * Good integration with GNOME, as well as all the other window managers. * High stress on safety & security. * Not only "normal" string passwords can be used, but any file can be the password to your data. * 8 encryption algorythms are available through the mcrypt library: RIJNDAEL-128 (AES), RIJNDAEL-256, SERPENT, TWOFISH, CAST 256, SAFER+, LOKI97, 3DES. * 2 160-bit hash algorythms, used to generate the key: SHA1, RIPEMD160. * 2 compression types, with 4 compression levels each: ZLib, BZip2. * Complete & easy management of entries' order. * Complete Search function. * Very intuitive usability, you won't need any manual. * It comes with a thread-safe C library, libGringotts, that can be used in any other project to save data in files in a simple and safe way.