Results 4,101–4,110 of 6,332 for /net-p2p/.(0.02 seconds)
Protect hosts from brute force attacks against ssh and other services
Sshguard monitors services from their logging activity. It reacts to messages
about dangerous activity by blocking the source address with the local firewall.
Sshguard employs a clever parser that can recognize several logging formats at
once transparently (syslog, syslog-ng, metalog, multilog, raw messages), and
detects attacks for many services out of the box, including SSH, FreeBSD's
ftpd and dovecot. It can operate all the major firewalling systems, including
PF, netfilter/iptables, and IPFIREWALL/ipfw.
Sshguard has several relevant features like support for IPv6, whitelisting,
suspension, log message authentication. It is reliable, easy to set up and
demands very few resources to the system.
Advanced AES file encryption tool
NCrypt is intended to give you security in an insecure environment.
If you are wanting to encrypt files (particularly on a multi-user
system where you don't have root), wishing to hide your activites
from prying eyes, and want to "cover your tracks", then NCrypt is
for you. It is a symmetrical file encryptor/decryptor that gives
you the choice of the top three candidates for AES as the encryption
algorithm (Rijndael, Serpent, Twofish), tries to minimize exposure
of the plaintext password in memory, and can safely erase the
plaintext version from the hard drive. It compiles without any extra
crypto libraries, making it ideal for systems where you just have
a compiler and basic libraries (such as an ISP's shell server).
Help you update your snort rules after each update
Oinkmaster is simple Perl script released under the BSD license to help you
update your Snort 1.9+ rules and comment out the unwanted ones after each
update. It will tell you exactly what had changed since the last update,
hence giving you good control of your rules.
Ident server that supports user-defined ident strings
From the README:
"oidentd is an ident (rfc1413 compliant) daemon that runs on Linux,
FreeBSD, OpenBSD and Solaris. oidentd can handle IP masqueraded/NAT connections
on Linux, FreeBSD (ipf only) and OpenBSD. oidentd has a flexible mechanism for
specifying ident responses. Users can be granted permission to specify their
own ident responses. Responses can be specified according to host and port
pairs."
FreeBSD's inetd has a built-in ident service which can also generate
bogus responses.
Please see the TODO file for more information on why only ipf is
supported under FreeBSD.
Mark Laws
mdl@60hz.org
Security tool to monitor and check logs and intrusions
OSSEC is an Open Source Host-based Intrusion Detection System.
It performs log analysis, integrity checking, Windows registry
monitoring, rootkit detection, time-based alerting and active
response.
SSL/TLS client/server library implementation
The axTLS project is an SSL client/server library using the TLSv1
protocol. It is designed to be small and fast, and is suited to
embedded projects. A web server is included.
Basic Analysis and Security Engine - analyzing Snort alerts
BASE is the Basic Analysis and Security Engine. It is based on the code
from the ACID project. This application provides a PHP-based web front-end
to query and analyze the alerts coming from a Snort IDS system.
BASE is a web interface to perform analysis of intrusions that Snort has
detected on your network. It uses a user authentication and role-base
system, so that you as the security admin can decide what and how much
information each user can see. It also has a simple to use, web-based
setup program for people not comfortable with editing files directly.
Command-line utility for encrypting and decrypting files and streams
ccrypt is a utility for encrypting and decrypting files and streams. It was
designed to replace the standard Unix crypt utility, which is notorious for
using a very weak encryption algorithm. ccrypt is based on the Rijndael
cipher, which is the U.S. government's chosen candidate for the Advanced
Encryption Standard (AES, see http://www.nist.gov/aes/). This cipher is
believed to provide very strong security.
Unlike Unix crypt, the algorithm provided by ccrypt is not symmetric, i.e.,
one must specify whether to encrypt or decrypt. The most common way to invoke
ccrypt is via the commands ccencrypt and ccdecrypt. There is also a ccat
command for decrypting a file directly to the terminal, thus reducing the
likelihood of leaving temporary plaintext files around. In addition, there
is a compatibility mode for decrypting legacy Unix crypt files.
Encryption and decryption depends on a keyword (or key phrase) supplied by
the user. By default, the user is prompted to enter a keyword from the
terminal. Keywords can consist of any number of characters, and all characters
are significant (although ccrypt internally hashes the key to 256 bits).
Longer keywords provide better security than short ones, since they are less
likely to be discovered by exhaustive search.
Is a tool that searches for credit card numbers (PAN) and track data
ccsrch is a tool that searches for and identifies unencrypted and
contiguous credit card numbers (PAN) and track data on Windows and
UNIX operating systems. It will also identify the location of the
PAN data in the files and record MAC times.
Ncurses based password database client
An ncurses based password database client that is compatible
with KeePass 1.x format databases.