Open Source OpenBSD Security Software - Page 2

Fileprivacy is a small tool which easily encrypts and decrypts files with common algorithms like AES, Blowfish, Triple DES and RSA. You can either use passwords or keyfiles. Since Fileprivacy is coded in Java it should run on all popular operating systems. #######BETA 2####### Bugfix - Beta 1 stopped working if filename was too short or long - added .exe file ####### NOTE ####### This is an early beta implying there are some issues left. The Keygenerator stops working if you change the algorithm after setting the keylength. It has to be restarted for further use. Because there are no start scripts, yet, you have to start Fileprivacy from console by typing: java -jar Fileprivacy-1.0_<version>.jar ####### ALSO NOTE ####### The author of this software is not responsible for the safety of your data. There is no guarantee that one or more of the implemented algorithms cannot be compromised.

Protect your company's email and browsing with your GoodCrypto private server. * Protects email metadata and resists traffic analysis * Automatic encryption, decryption, and key management * All private keys stay on *your* server * Users don't change their email or browser software * Blocks web malware * Runs on your private server * Completely decentralized

KISS is a kernel-side host-oriented security tool, which may bring you file integrity checking, file and process hiding and actions handling on special internal events (using a tiny scripting language).

The Neighbor Discovery Protocol Monitor (NDPMon) is used by Internet Protocol version 6 network administrators for monitoring ICMPv6 packets. NDPMon observes the local network for anomalies in the function of nodes using Neighbor Discovery Protocol (NDP) messages, especially during the Stateless Address Autoconfiguration. When an NDP message is flagged, it notifies the administrator by writing to the syslog or by sending an email report. It may also execute a user-defined script. For IPv6, NDPMon is an equivalent of Arpwatch for IPv4, and has similar basic features with added attacks detection. NDPMon also maintains up-to-date a list of neighbors on the link and watches all advertisements and changes. It permits to track the usage of cryptographically generated interface identifiers or temporary global addresses when Privacy extensions are enable (default behavior in Ubuntu and Windows for example).

Authpfng is a new authentication back-end to allow people to sign in to the network administrated by an OpenBSD pf-firewall. Login can be done by ssh, web-based and smb. You can assign traffic quotas and QoS per-user or after a certain bandwidth usage.

Nmap Log Stripper is a Bash script intended to be a way to condense all, or some, of the IPs of a "random" (-iR) nmap scan into a file for later usage.

Small cryptographic command line tool for LINUX and OpenBSD (x86) completely in 32-Bit Assembly Language. ORDO encrypt/decrypt files (max. size 2 GB) with AES-128-Algorithm (Rijndael) in CBC-Mode (Cipher-Block-Chaining). No libs are included, only system-calls are used. ORDO is under BSD License.

OpenInfreno is an open source root wars toolkit & engine designed to score attackers accessing a network of victims. This project consists of a score server and several tools, as well as documentation and implementation information.

OpenUTM is an open source Unified Threat Management software framework to be used to combine together other open source projects to build an easily managed UTM firewall appliance.

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single TCP/UDP port. Discussion forums and project wiki can be found here: https://forums.openvpn.net/ http://community.openvpn.net/openvpn

PGP Individual UID Signer makes signing all the UIDs on all of the keys at a PGP Keysigning party much simpler. It prompts for verification fingerprints, and then signs each UID on each key separately and PGP/Mime encrypt-emails them to their recipient. NOTE: Developement now happens at GitHub: http://github.com/jaymzh/pius

Pace-ICMP is a utility that can allow X amount of ICMP (ping, etc) packets travel to the host, once X is exceeded, all ICMP traffic is blocked. This allows ping and traceroute functionality, while still protecting you against ICMP attacks.

PortFusion is a minimalistic, cross-platform, transport-layer distributed reverse / forward proxy for TCP written in Haskell + LLVM and released under GPLv3. A single package that makes the most of each platform by tapping into their unique capabilities, combining this power with an intuitive interface, beautiful design and Haskell's excellent support for unprecedented levels of concurrency and parallelism. It strives for the smallest source code size (< 500 lines) while delivering maximum throughput with near zero overhead.

Remote Packet Filter Control Daemon allows remote control and monitoring of OpenBSD's packet filter. It communicates with clients using RPFC protocol running on top of SSL (Secure Socket Layer).

Reveal Rootkit detects processes hidden by rootkits. It is intended to run out of cron or similar services on a regular base and avoids verbose output as long as nothing was found. It's fast and shouldn't produce false positives. Reveal RootKit is tested mainly on Linux but should work on other POSIX systems with a /proc filesystem, too.

SIDEN is a distributed network discovery tool used for intrusion detection research purposes. It simulates coordinated/distributed network probes against a network. The traffic generated can then be analyzed to improve Intrusion Detection Systems.

SMPPS Project already in its Beta version to 0.9.9 almost in the final version be in the documentation and material help that missing as well as the necessary translations of such material. However, with great joy that I come to the dicer SMPPS this now rather towards what the expectations of the project believed that he would be able: Capture and log packages generate the following protocols without using libpcap, but just using BSD Sockets. protocols: IP TCP UDP ICMP IGMP Inside the ethernet network

The Security Workflow Analysis Tool (SWAT) is a platform for modelling and analyzing workflows. It comes with ananlysis approaches to search for data leaks in workflows.

SYPPS - small yet powerful php shell is another PHP shell for pentesting

Protection by an optimized hosts file. Over 29300 DNS entires against Tracking, Adware, Spyware, Viruses, Popups and Redirecting. For more security and privacy. Points the insecure domains to the localhost that they don't get resolved by DNS Servers

SecurityFusion is an open source network intrusion detection and prevention system based in Hogwash, capable of performing real-time traffic analysis and packet logging on IP networks.

Sonate is a java GUI for OpenBSD pf packet filtering. Optional code can be compiled to OpenBSD host to transfer generated configuration using SSL

SpamCheetah is an OpenBSD greylisting based spam filter. It is a liveCD that can run on any machine and it does not modify your hard disk or anything else. It is a network level spam filter and you have to run a separate mail server with it.

Introduction Sudoscriptd/sudoshell are a pair of Perl scripts that provide an audited shell using sudo(8) and script(1).

Syscheck monitors the reliability/integrity of critical system files (config files and binaries) by identifying changes made to them. It does this through an "automated verification regimen run at regular intervals" against a local or remote database