Ports 搜索

Secure rm (srm) is a command-line utility compatible with rm(1) which destroys file contents before unlinking. The goal is to provide drop-in security for users who wish to prevent command-line recovery of deleted information, even if the machine is compromised.

ssh-multiadd adds multiple ssh keys to the ssh authentication agent. These may use the same passphrase. When run without arguments, it adds $HOME/.ssh/identity and $HOME/.ssh/id_dsa. Alternative file names can be given on the command line or in the configuration file. It uses ssh-askpass if necessary. Unlike ssh-add, if any of the keys use the same passphrase, you will only need to enter each unique passphrase once, and keys that are already added will not be prompted for again.

PAM module which permits authentication for arbitrary services via ssh-agent. Written with sudo in mind, but like any auth PAM module, can be used for many purposes.

pecl-pam provides PAM (Pluggable Authentication Modules) integration. PAM is a system of libraries that handle the authentication tasks of applications and services. The library provides a stable API for applications to defer to for authentication tasks.

safesh is an authentication manager for OpenSSH. By automatically creating keys and starting ssh-agents, it makes it (fairly) convenient to use one key for each host pair (authenticator and authenticatee), it avoids the use of authentication theft with SSH.

This is a tool that uses ARP poisoning to have a scenario like this: we have a LAN and we want offer connectivity to every- one coming here with his laptop for example. It could happen that our customer has his network parameters already configured to work correctly in his own LAN, but not working here. We can have then this scenario: Customer's host (10.0.0.2/8 and default gateway set to 10.0.0.1) Our LAN (192.168.0.0/24 with real gateway 192.168.0.254). All that we want is that our customer plugs his laptop and joins the internet without changing nothing of his network parameters. Here comes this tool installed in my real gw(192.168.0.254) It's a sort of sniffer, because it sniffs broadcast ARP requests for the gateway and answers that the gateway is itself In our example our customer's laptop sends this request: arp who-has 10.0.0.1 tell 10.0.0.2 Now our gateway does the following: 1) Sends back this reply to 10.0.0.2: arp reply 10.0.0.1 is-at his_mac_address 2)Create the alias 10.0.0.254 (ARP is not routable so we need one alias for each subnet that is not our one) 3)Sends itself an ARP reply to refresh his ARP cache It is different from proxy arp for two reasons: first it runs in user space, then in this case we can plug machines belonging to whatever subnet, while proxy arp is used in the case of only two different ones.

ScanSSH supports scanning a list of addresses and networks for open proxies, SSH protocol servers, Web and SMTP servers. Where possible ScanSSH, displays the version number of the running services. ScanSSH protocol scanner supports random selection of IP addresses from large network ranges and is useful for gathering statistics on the deployment of SSH protocol servers in a company or the Internet as whole.

This is the sectok tool from citi.umich.edu. Originally targeted for OpenBSD. This is a quick port of the basic application; it relies upon the libsectok library for ISO 7816 Smart Card device communication.

sig2dot can be used to generate a graph of all of the signature relationships in a GPG/PGP keyring. It converts the output of "gpg --list-sigs" to a .dot file, which is a graph definition that can be rendered by springgraph or graphviz.

The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. This package contains core libraries.