Ports Search

After examining Tripwire and deciding that it was *way* overkill for my own purposes... ...L5 simply walks down Unix or DOS filesystems, sort of like "ls -R" or "find" would, generating listings of anything it finds there. It tells you everything it can about a file's status, and adds on an MD5 hash of it. Its output is rather "numeric", but it is a very simple format and is designed to be post-treated by scripts that call L5... ...Unlike Tripwire itself, this is NOT a complete toolkit -- one is expected to use it as a small, reliable part of a larger system... _H* Andrew McNaughton <andrew@scoop.co.nz>

BASE is the Basic Analysis and Security Engine. It is based on the code from the ACID project. This application provides a PHP-based web front-end to query and analyze the alerts coming from a Snort IDS system. BASE is a web interface to perform analysis of intrusions that Snort has detected on your network. It uses a user authentication and role-base system, so that you as the security admin can decide what and how much information each user can see. It also has a simple to use, web-based setup program for people not comfortable with editing files directly.

OpenID is a decentralized identity system, but one that's actually decentralized and doesn't entirely crumble if one company turns evil or goes out of business. An OpenID identity is just a URL. You can have multiple identities in the same way you can have multiple URLs. All OpenID does is provide a way to prove that you own a URL (identity). Anybody can run their own site using OpenID, and anybody can be an OpenID server, and they all work with each other without having to register with or pay anybody to "get started". An owner of a URL can pick which OpenID server to use.

OpenID is a decentralized identity system, but one that's actually decentralized and doesn't entirely crumble if one company turns evil or goes out of business. An OpenID identity is just a URL. You can have multiple identities in the same way you can have multiple URLs. All OpenID does is provide a way to prove that you own a URL (identity). Anybody can run their own site using OpenID, and anybody can be an OpenID server, and they all work with each other without having to register with or pay anybody to "get started". An owner of a URL can pick which OpenID server to use.

CRITs is a web-based tool which combines an analytic engine with a cyber threat database that not only serves as a repository for attack data and malware, but also provides analysts with a powerful platform for conducting malware analyses, correlating malware, and for targeting data. These analyses and correlations can also be saved and exploited within CRITs. CRITs employs a simple but very useful hierarchy to structure cyber threat information. This structure gives analysts the power to 'pivot' on metadata to discover previously unknown related content.

### WHAT IS PHPSECINFO? PHPSecInfo is a PHP environment security auditing tool modeled after the phpsecinfo() function. From a single function call, PHPSecInfo runs a series of tests on your PHP environment to identify potential security issues and offer suggestions. It can be useful as part of a multilayered security approach. #### WHAT IS PHPSECINFO NOT? * It is not a replacement for secure coding practices * It does not audit PHP code * It is not comprehensive test for either your hosting environment or your web application * It is not the "final word." PHPSecInfo identifies *potential* problems and offers suggestions for improvement. Your environment may _require_ certain settings that trigger cautions or warnings.

libpwstor is a library implementing a password storage format for C programmers. This format provides a reasonable level of security by utilizing SHA-256 in addition to a random salt to mitigate dictionary and rainbow table attacks. In addition to the core functionality, libpwstor also offers some additional functions such as Base64 encoding and decoding. All functionality is implemented and designed in such a way as to be easy to use for C programmers of varying skill levels, while preserving reasonable security in the underlying storage format.

The OATH Toolkit contains a shared library, command line tool and a PAM module that makes it possible to build one-time password authentication systems. Supported technologies include the event-based HOTP algorithm and the time-based TOTP algorithm. OATH is the Open AuTHentication organization which specify the algorithms. The components included in the package is: - liboath: A shared and static C library for OATH handling. - oathtool: A command line tool for generating and validating OTPs. - pam_oath: A PAM module for pluggable login authentication for OATH.

Sudoscript provides an audited shell using sudo(8) and script(1). The front end script, sudoshell(1) contacts the daemon, sudoscriptd(8). They agree on the location of a FIFO, which the daemon opens for read. Sudoshell then runs script(1) with the FIFO as a typescript. The daemon stamps each line of the script(1) output with a session id, then passes the data over to another daemon. This daemon timestamps the data and stores it in a log file which is /var/log/sudoscript. This daemon also keeps an eye on the size of log files, and forks a rotator/compressor when it exceeds 2 MBytes.

wpa_supplicant is a client (supplicant) with support for WPA and WPA2 (IEEE 802.11i / RSN). It is suitable for both desktop/laptop computers and embedded systems. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/ association of the wlan driver. wpa_supplicant is designed to be a "daemon" program that runs in the background and acts as the backend component controlling the wireless connection. wpa_supplicant supports separate frontend programs and a text-based frontend (wpa_cli) and a GUI (wpa_gui) are included with wpa_supplicant.