ipfmeta is used to simplify the maintenance of your IPfilter ruleset.
It does this through the use of 'objects'. A matching object gets
replaced by its values at runtime. This is similar to what a macro
processor like m4 does.
ipfmeta is specifically geared towards IPfilter. It is line oriented:
if an object has multiple values, the line with the object is
duplicated and substituted for each value. It is also recursive: an
object may have another object as a value.
k5start is a modified version of kinit that can use keytabs to authenticate,
can run as a daemon and wake up periodically to refresh a ticket, and can run
single commands with their own authentication credentials and refresh those
credentials until the command exits.
It is commonly used to maintain Kerberos tickets for services that need to
authenticate to minimize the amount of Kerberos-related logic that must be
in the service itself.
Authen::Captcha provides an object oriented interface to captcha file
creations. Captcha stands for Compl etely Automated Public Turning test
to tell Computers and Humans Apart. A Captcha is a program that can
generate and grade tests that:
- most humans can pass
- current computer programs can't pass
The most common form is an image file containing distorted text, which
humans are adept at reading, and co mputers (generally) do a poor job.
This module currently implements that method.
autossh is a program to start a copy of ssh and monitor it, restarting
it as necessary should it die or stop passing traffic.
The original idea and the mechanism were from rstunnel (Reliable SSH
Tunnel). With this version the method changes: autossh uses ssh to
construct a loop of ssh forwardings (one from local to remote, one
from remote to local), and then sends test data that it expects to
get back. (The idea is thanks to Terrence Martin.)
Chaosreader is a perl script that parses snoop or tcpdump logs
and extracts sessions for a number of different appplications:
ssh, telnet, smtp, irc, ftp, etc. The data are formatted into
an html file and can be used to replay some sessions.
Sshkeydata is a perl script that attempts to recreate ssh
sessions extracted by chaosreader by estimating what commands
may have been typed.
Both scripts are installed in ${PREFIX}/bin
From the aescrypt README.html:
This is a program for encrypting/decrypting streams of data using
Rijndael and Cipher Block Feedback mode (CFB-128).
...
5. This program was deliberately kept extremely simple. It is not
intended to be a full encryption solution, it is intended to be
used within scripts as part of a complete solution. Keychain
management, public key signatures, etc. are all expected to be
done external to this program.
Digest::SHA::PurePerl is a complete implementation of the NIST
Secure Hash Standard. It gives Perl programmers a convenient way
to calculate SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 message
digests. The module can handle all types of input, including
partial-byte data.
Digest::SHA::PurePerl is written entirely in Perl. If your platform
has a C compiler, you should install the functionally-equivalent
(but much faster) Digest::SHA module.
The Digest::MD5 module allows you to use the RSA Data Security Inc.
MD5 Message Digest algorithm from within Perl programs. The algorithm
takes as input a message of arbitrary length and produces as output
a 128-bit "fingerprint" or "message digest" of the input.
The Digest::MD5 module provide a procedural interface for simple
use, as well as an object oriented interface that can handle messages
of arbitrary length and which can read files directly.
Further documentation is embedded in the individual modules.
pamtester is a tiny utility program to test the pluggable authentication
modules (PAM) facility, which is a de facto standard of unified authentication
management mechanism in many unices and similar OSes including Solaris, HP-UX,
*BSD, MacOSX and Linux.
While specifically designed to help PAM module authors to test their modules,
that might also be handy for system administrators interested in building a
centralised authentication system using common standards such as NIS, SASL and
LDAP.
A tool to collect DNS records passively to aid Incident handling, Network
Security Monitoring (NSM) and general digital forensics.
PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs
the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate
DNS answers in-memory, limiting the amount of data in the logfile without
losing the essense in the DNS answer.