hlfl stands for "High Level Firewall Language". It permits writing
firewalling rules using a high level language, and transforms them into
rules for real software, like ipfilter, ipchains or cisco rules.
You could make contact with the developers by subscribing to
<hlfl@hlfl.org>. There is also an announce ML at <hlfl-announce@hlfl.org>.
These lists are managed by majordomo (write to <majordomo@hlfl.org> with
"help" in the body of your mail).
Flawfinder searches through source code looking for potential security
flaws. Flawfinder uses an internal database called the ``ruleset''; the
ruleset identifies functions that are common causes of security flaws.
Every potential security flaw found in a given source code file (matching
an entry in the ruleset) is called a ``hit,'' and the set of hits found
during any particular run is called the ``hitlist.''
Libntlm is a library that implement Microsoft's NTLM authentication.
Google's Certificate Transparency project is an open framework for monitoring
and auditing SSL certificates in nearly real time. It makes it possible
to detect SSL certificates that have been mistakenly issued by a certificate
authority or maliciously acquired from an otherwise unimpeachable certificate
authority. It also makes it possible to identify certificate authorities
that have gone rogue and are maliciously issuing certificates.
Cops is a set of programs to check how secure your system is. It
checks file and directory privileges, SUID programs, etc. It has
support for checking passwords, but this port doesn't include it
as it is DES based. This port installs cops in a single directory
area. The directory has no non-user privileges and cops is meant
to be run locally to that directory. The perl version of cops is
also included in a subdirectory.
The anonymizing relay monitor (arm) is a terminal status monitor for Tor,
intended for command-line aficionados, ssh connections, and anyone with a tty
terminal. This works much like top does for system usage, providing real time
statistics for:
* bandwidth, cpu, and memory usage
* relay's current configuration
* logged events
* connection details (ip, hostname, fingerprint, and consensus data)
* ... etc
KSBA = rot13(digit_to_letter(x509)) to be pronounced as Kasbah
KSBA is a library to make X.509 certificates as
well as the CMS easily accessible by other applications. Both
specifications are building blocks of S/MIME and TLS.
Prelude is a Universal "Security Information & Event Management" (SIEM)
system. Prelude collects, normalizes, sorts, aggregates, correlates and
reports all security-related events.
As well as being capable of recovering any type of log (system logs, syslog,
flat files, etc.), Prelude benefits from a native support with a number of
systems dedicated to enriching information even further (snort, samhain,
ossec, auditd, etc.).
This library provides functionality for sensors (connection with a manager,
handling sensor-exported options,...).
Prelude is a Universal "Security Information & Event Management" (SIEM)
system. Prelude collects, normalizes, sorts, aggregates, correlates and
reports all security-related events.
As well as being capable of recovering any type of log (system logs, syslog,
flat files, etc.), Prelude benefits from a native support with a number of
systems dedicated to enriching information even further (snort, samhain,
ossec, auditd, etc.).
This library provides a framework for easy access to the Prelude database.
This is a Java SSH Client, which has a whole bunch of features,
but supports SSH Protocol 1 connections only.
This version does not depend on the Java Development Kit, since
it is the binary version, which runs out-of-the-box in
webbrowsers that support Java. A minimal sample HTML page
is installed as well.
If you want to use the client from shell, you have to install
the JDK first (${PORTSDIR}/java/jdk/).
A commercial version for SSH-2 is available here:
(This version is no longer supported)