fakes
Sponsored Links
Sponsored Links
Secleted [ 0 ] software to compare
Results 1 - 15 of about 81
fakedbfs 2.0.0
fakedbfs is a suite of tools and a library for cataloguing files. more>>
fakedbfs is a suite of tools and a main library for cataloguing files. Anything that is a file can be catalogued along with metadata. The metadata is then searchable by various querying facilities. fakedbfs project uses SQLite to store and search data.
It is called "fakedbfs" (fake database filesystem) because its not a real DBFS such as the upcoming WinFS, or other OS-tied FSes that live in the kernel. Instead, it is completely in userland.
It was inspired by BFS (which doesnt do content indexing, only metadata). It is written completely in portable, ANSI C (barring the various bindings and other such utilities, or stuff using FTS and the stat(2) syscall [I plan on porting FTS as a built-in feature for platforms that dont support it]). If SQLite and a C compiler run on the platform, fakedbfs should be able to as well. In theory. Ish.
It was primarily developed on FreeBSD.
The main library can be used by any application; full API docs should be coming soon (when I find the time). Applications are virtually unlimited: desktop music/photo indexing, server content indexing, etc.
The core fakedbfs distribution consists of the following:
libfakedbfs - the main library with all querying, indexing, and specfile functions. Has all SQLite bindings
fquery - a commandline utility to query the database.
findex - a commandline utility to index files and directories. This can be either run manually or from a cron job.
fcreatedb - the initial database creation and specfile adding utility.
feditdb - a utility to edit the database (not in 1.0, should be in 1.1)
Various default specfiles, defining what metadata the catalogue contains
Indexing consists of a couple parts. Theres the indexer itself, which does cataloguing of each file, and then there are the metadata plugins.
These plugins, designed specifically for certain specfiles, know how to extract metadata from the files themselves (for example ID3/EXIF tags, filename formats). findex can also ask the user for manual input for each field.
Enhancements:
- This release incorporates many new features and changes, such as a completely revamped API in libfakedbfs, the beginnings of support for ficl plugins, numerous bugfixes, the addition of a working fedit utility, database layout changes, and improvements to the querying subsystem.
<<lessIt is called "fakedbfs" (fake database filesystem) because its not a real DBFS such as the upcoming WinFS, or other OS-tied FSes that live in the kernel. Instead, it is completely in userland.
It was inspired by BFS (which doesnt do content indexing, only metadata). It is written completely in portable, ANSI C (barring the various bindings and other such utilities, or stuff using FTS and the stat(2) syscall [I plan on porting FTS as a built-in feature for platforms that dont support it]). If SQLite and a C compiler run on the platform, fakedbfs should be able to as well. In theory. Ish.
It was primarily developed on FreeBSD.
The main library can be used by any application; full API docs should be coming soon (when I find the time). Applications are virtually unlimited: desktop music/photo indexing, server content indexing, etc.
The core fakedbfs distribution consists of the following:
libfakedbfs - the main library with all querying, indexing, and specfile functions. Has all SQLite bindings
fquery - a commandline utility to query the database.
findex - a commandline utility to index files and directories. This can be either run manually or from a cron job.
fcreatedb - the initial database creation and specfile adding utility.
feditdb - a utility to edit the database (not in 1.0, should be in 1.1)
Various default specfiles, defining what metadata the catalogue contains
Indexing consists of a couple parts. Theres the indexer itself, which does cataloguing of each file, and then there are the metadata plugins.
These plugins, designed specifically for certain specfiles, know how to extract metadata from the files themselves (for example ID3/EXIF tags, filename formats). findex can also ask the user for manual input for each field.
Enhancements:
- This release incorporates many new features and changes, such as a completely revamped API in libfakedbfs, the beginnings of support for ficl plugins, numerous bugfixes, the addition of a working fedit utility, database layout changes, and improvements to the querying subsystem.
Download (0.077MB)
Added: 2006-04-20 License: BSD License Price:
1282 downloads
fakehermes 0.95
fakehermes is a companion program to hermes that implements a fake (and very simple) SMTP server. more>>
fakehermes project is a companion program to hermes that implements a fake (and very simple) SMTP server.
Why would I want to run a fake SMTP server?
The main use of fakehermes is to configure it as a secondary MX server. Some spammers will try to send spam directly to your least prefered SMTP server, because some secondary SMTP servers are badly configured and will relay spam to the main SMTP server without any check.
Placing fakehermes as a secondary SMTP server will receive (but not proccess) those spammers connections. Legitimate connections will retry sooner or later on the main SMTP server.
fakehermes will also log all attempts to send email through it with a very detailed log that will log not only who sent the email but also what tricks did they try to send it.
fakehermes does NOT implement a full SMTP server. It will NOT deliver ANY mail, so DO NOT try to use it as your main SMTP server.
<<lessWhy would I want to run a fake SMTP server?
The main use of fakehermes is to configure it as a secondary MX server. Some spammers will try to send spam directly to your least prefered SMTP server, because some secondary SMTP servers are badly configured and will relay spam to the main SMTP server without any check.
Placing fakehermes as a secondary SMTP server will receive (but not proccess) those spammers connections. Legitimate connections will retry sooner or later on the main SMTP server.
fakehermes will also log all attempts to send email through it with a very detailed log that will log not only who sent the email but also what tricks did they try to send it.
fakehermes does NOT implement a full SMTP server. It will NOT deliver ANY mail, so DO NOT try to use it as your main SMTP server.
Download (0.009MB)
Added: 2007-04-25 License: GPL (GNU General Public License) Price:
914 downloads
FakeBO 0.4.1
FakeBO is a program which fakes trojan server responses and logs incoming requests. more>>
FakeBO is a program which fakes trojan server responses and logs incoming requests.
FakeBO fakes trojan server responses (Back Orifice, NetBus, etc.) and logs every attempt to a logfile, stdout/stderr or syslog.
It is able to send fake pings and replies back to the client which is trying to access your system.
Main features:
- Added -V command line option
- Added one more log level for logreceived (4=hexdump of packet)
- Pontential buffer overflow fixed
- Some bugs in RealBO fixed
- Fixed problem when compiling on libc5 systems
<<lessFakeBO fakes trojan server responses (Back Orifice, NetBus, etc.) and logs every attempt to a logfile, stdout/stderr or syslog.
It is able to send fake pings and replies back to the client which is trying to access your system.
Main features:
- Added -V command line option
- Added one more log level for logreceived (4=hexdump of packet)
- Pontential buffer overflow fixed
- Some bugs in RealBO fixed
- Fixed problem when compiling on libc5 systems
Download (MB)
Added: 2007-03-22 License: GPL (GNU General Public License) Price:
947 downloads
fakechroot 2.6
fakechroot provides a fake chroot environment to programs. more>>
fakechroot project provides a fake chroot environment to programs. A fake chroot allows you to run programs which require root privileges on an unprivileged user account.
For example, you can create a Debian bootstrap or a development environment and build packages inside a chrooted system using a standard non-root user account.
You can then use the apt-get command to install other packages without root privileges.
Enhancements:
- This release includes a new environment variable FAKECHROOT_EXCLUDE_PATH and fixes for the getcwd(3), readlink(2), and mktemp(3) functions.
- The chroot(2) function is now recursive and allows nested chroots.
<<lessFor example, you can create a Debian bootstrap or a development environment and build packages inside a chrooted system using a standard non-root user account.
You can then use the apt-get command to install other packages without root privileges.
Enhancements:
- This release includes a new environment variable FAKECHROOT_EXCLUDE_PATH and fixes for the getcwd(3), readlink(2), and mktemp(3) functions.
- The chroot(2) function is now recursive and allows nested chroots.
Download (0.019MB)
Added: 2007-05-06 License: LGPL (GNU Lesser General Public License) Price:
904 downloads
Raw Fake AP 0.2
Raw Fake AP is a program that emulates valid IEEE 802.11 access points using wireless raw injection. more>>
Raw Fake AP is a program that emulates valid IEEE 802.11 access points using wireless raw injection.
Raw Fake AP application aims to create both beacon and probe response frames and could be used to "hide" real networks from novice wardrivers or for testing wireless intrusion detection systems.
Main features:
Overall features:
- Raw injection of beacon and probe response frames in monitor mode
- Try to forge coherent sequence numbers and BSS timestamps (depending on driver injection capabilities)
- Try to have a coherent time interval between beacons (which is hard to achieve without a real time kernel)
Command line interface will help you to choose between:
- Randomize Open/WEP/WPA/RSN crypto
- Randomize b/g cards
- Channel hopping
- TXpower hopping
- Randomize ESSIDs (alnum or not)
- Randomize BSSIDs
- Choose beacon interval
- Choose number of fake access points
- Choose a file with valid OUIs
- Choose a file with ESSIDs
- Choose between beacon or probe response frames
- Select a destination MAC address
<<lessRaw Fake AP application aims to create both beacon and probe response frames and could be used to "hide" real networks from novice wardrivers or for testing wireless intrusion detection systems.
Main features:
Overall features:
- Raw injection of beacon and probe response frames in monitor mode
- Try to forge coherent sequence numbers and BSS timestamps (depending on driver injection capabilities)
- Try to have a coherent time interval between beacons (which is hard to achieve without a real time kernel)
Command line interface will help you to choose between:
- Randomize Open/WEP/WPA/RSN crypto
- Randomize b/g cards
- Channel hopping
- TXpower hopping
- Randomize ESSIDs (alnum or not)
- Randomize BSSIDs
- Choose beacon interval
- Choose number of fake access points
- Choose a file with valid OUIs
- Choose a file with ESSIDs
- Choose between beacon or probe response frames
- Select a destination MAC address
Download (0.013MB)
Added: 2006-02-08 License: GPL (GNU General Public License) Price:
1380 downloads
FakeIKEd 0.0.4
Fiked is a fake IKE daemon that supports just enough of the standards and Cisco extensions. more>>
Fiked is a fake IKE daemon that supports just enough of the standards and Cisco extensions to attack commonly found insecure Cisco PSK+XAUTH VPN setups in what could be described as a semi-MitM attack.
Basically, knowing the pre-shared key, also known as shared secret or group password, the VPN gateway can be impersonated in IKE phase 1, in order to learn XAUTH user credentials in phase 2.
The configuration supported by fiked is IKE aggressive mode using pre-shared keys and XAUTH. FakeIKEd supports algorithms like DES, 3DES, AES128, AES192, AES256, MD5, SHA1, and DH groups 1, 2, and 5. Main mode is not supported.
Basically, if you know the pre-shared key, also known as shared secret or group password, you can play Man in the Middle, impersonate the VPN gateway in IKE phase 1, and learn XAUTH user credentials in phase 2.
This attack is not new. It has been known for a long time that IKE using PSK with XAUTH is insecure, and this is not the first actual implementation of the attack.
To successfully demostrate an attack on a VPN site, you need to know the shared secret, and you must be able to intercept the IKE traffic between the clients and the VPN gateway.
There are several ways to find out the shared secret, including being a legitimate user, grabbing it from some Cisco config file, using ike-crack, or layer 8 hackery.
There are also several ways to redirect the IKE traffic to your running fiked instance, including ARP spoofing, 802.11 hostap, or layer 1 hackery.
Usage:
Usage: fiked [-rdqhV] -g gateway -k id:psk [-k ...] [-l file] [-L file]
-r use raw socket: forge source address to match < gateway >
-d detach from tty and run as a daemon (implies -q)
-q be quiet, dont write anything to stdout
-h print help and exit
-V print version and exit
-g gw VPN gateway address to impersonate
-k i:k pre-shared key aka. group password, shared secret, prefixed
with its group/key id (first -k sets default)
-l file append results to credential log file
-L file verbous logging to file instead of stdout
Enhancements:
- Bugfixes, portability changes, and support for dropping privileges.
<<lessBasically, knowing the pre-shared key, also known as shared secret or group password, the VPN gateway can be impersonated in IKE phase 1, in order to learn XAUTH user credentials in phase 2.
The configuration supported by fiked is IKE aggressive mode using pre-shared keys and XAUTH. FakeIKEd supports algorithms like DES, 3DES, AES128, AES192, AES256, MD5, SHA1, and DH groups 1, 2, and 5. Main mode is not supported.
Basically, if you know the pre-shared key, also known as shared secret or group password, you can play Man in the Middle, impersonate the VPN gateway in IKE phase 1, and learn XAUTH user credentials in phase 2.
This attack is not new. It has been known for a long time that IKE using PSK with XAUTH is insecure, and this is not the first actual implementation of the attack.
To successfully demostrate an attack on a VPN site, you need to know the shared secret, and you must be able to intercept the IKE traffic between the clients and the VPN gateway.
There are several ways to find out the shared secret, including being a legitimate user, grabbing it from some Cisco config file, using ike-crack, or layer 8 hackery.
There are also several ways to redirect the IKE traffic to your running fiked instance, including ARP spoofing, 802.11 hostap, or layer 1 hackery.
Usage:
Usage: fiked [-rdqhV] -g gateway -k id:psk [-k ...] [-l file] [-L file]
-r use raw socket: forge source address to match < gateway >
-d detach from tty and run as a daemon (implies -q)
-q be quiet, dont write anything to stdout
-h print help and exit
-V print version and exit
-g gw VPN gateway address to impersonate
-k i:k pre-shared key aka. group password, shared secret, prefixed
with its group/key id (first -k sets default)
-l file append results to credential log file
-L file verbous logging to file instead of stdout
Enhancements:
- Bugfixes, portability changes, and support for dropping privileges.
Download (0.10MB)
Added: 2005-12-21 License: BSD License Price:
1402 downloads
DirIndexFaker 1.1
DirIndexFaker is a PHP script designed to produce fake Apache directory listings. more>>
DirIndexFaker script is writen in PHP and its designed to produce fake Apache directory listings for the purpose of slowing down and overloading with false positives the Web spiders used by the RIAA, MPAA, etc.
People like the riaa, mpaa, and others are on a copyright enforcing rampage, destroying innocent victims along the way. They are using automated tools (web spiders) to find people hosting illegal content to sue. Sometimes the spiders catch innocent people in their web of evil.
Since our politicians think the RIAAa well-being is more important than ours, we must find a way to make the RIAA/MPAAs spiders too expensive to operate. Therefore our goals should be to:
- Slow the spider down, or get it stuck in a loop
- Provide soo many false positives, that sorting the actual infringers from the innocent is too expensive to allow the copywrong police to continue
These things are what a honeypot, or tarpit is designed to do. There are several available RIAA/MPAA spider trapping scripts currently available, but they all have unacceptable limitations (either requirements are too high, or they take an unacceptable toll on your server).
What was needed was a script which could generate fake apache index pages, but with links to large files with copyrighted sounding names. The server operator should not have to have root, nor should it waste excessive disk space for the server operator, IE - the files should be generated by the script, and not actually stored on the servers disk. This is what DirIndexFaker does!
The best existing script I could find which came close to meeting these criteria was the DMCA Bot Killer , but it had several problems:
- It requires the files to be generated beforehand with a perl script, the code is in the source, but commented out and a little wonky.
- It does not look like an apache index page, it looks suspicious, the **AAs spiders could be easily modified to detect this.
- It requires a list of filenames to use when generating our warez index. This list is loaded from a server at every invocation. This is innefficient, and error-prone.
So DirIndexFaker is a fixed version of the DMCA Bot Killer.
Usage:
Simply extract the contents of the .zip file to a subfolder under your PHP enabled webservers document root, then place a link to that subfolder somewhere on your site where bots can see it, and people cannot. One way to hide the link from humans is with CSS.
Note: You may be tempted to keep the search engines away with your robots.txt file, but is is well known that the RIAA is using the search engines to find infringing content, so this is not a good idea.
Enhancements:
- This release adds the ability to slow down RIAA/MPAA bots with a usleep call.
- This is enabled by default, but can be disabled by commenting out a line at the top of index.php.
- The bottom row has been fixed to make server info match the actual server version running on your host.
- The random seed has been changed so that filenames/sizes will only change once a day.
- This makes it harder to detect as a fake.
<<lessPeople like the riaa, mpaa, and others are on a copyright enforcing rampage, destroying innocent victims along the way. They are using automated tools (web spiders) to find people hosting illegal content to sue. Sometimes the spiders catch innocent people in their web of evil.
Since our politicians think the RIAAa well-being is more important than ours, we must find a way to make the RIAA/MPAAs spiders too expensive to operate. Therefore our goals should be to:
- Slow the spider down, or get it stuck in a loop
- Provide soo many false positives, that sorting the actual infringers from the innocent is too expensive to allow the copywrong police to continue
These things are what a honeypot, or tarpit is designed to do. There are several available RIAA/MPAA spider trapping scripts currently available, but they all have unacceptable limitations (either requirements are too high, or they take an unacceptable toll on your server).
What was needed was a script which could generate fake apache index pages, but with links to large files with copyrighted sounding names. The server operator should not have to have root, nor should it waste excessive disk space for the server operator, IE - the files should be generated by the script, and not actually stored on the servers disk. This is what DirIndexFaker does!
The best existing script I could find which came close to meeting these criteria was the DMCA Bot Killer , but it had several problems:
- It requires the files to be generated beforehand with a perl script, the code is in the source, but commented out and a little wonky.
- It does not look like an apache index page, it looks suspicious, the **AAs spiders could be easily modified to detect this.
- It requires a list of filenames to use when generating our warez index. This list is loaded from a server at every invocation. This is innefficient, and error-prone.
So DirIndexFaker is a fixed version of the DMCA Bot Killer.
Usage:
Simply extract the contents of the .zip file to a subfolder under your PHP enabled webservers document root, then place a link to that subfolder somewhere on your site where bots can see it, and people cannot. One way to hide the link from humans is with CSS.
Note: You may be tempted to keep the search engines away with your robots.txt file, but is is well known that the RIAA is using the search engines to find infringing content, so this is not a good idea.
Enhancements:
- This release adds the ability to slow down RIAA/MPAA bots with a usleep call.
- This is enabled by default, but can be disabled by commenting out a line at the top of index.php.
- The bottom row has been fixed to make server info match the actual server version running on your host.
- The random seed has been changed so that filenames/sizes will only change once a day.
- This makes it harder to detect as a fake.
Download (0.005MB)
Added: 2005-12-16 License: GPL (GNU General Public License) Price:
1407 downloads
spamdyke 2.6.3
spamdyke is a drop-in filter for qmail to provide connection-time blacklisting, graylisting, DNS RBL checking, improved logging. more>>
spamdyke is a drop-in filter for qmail to provide connection-time blacklisting, graylisting, DNS RBL checking, improved logging, and more spamdyke project is a standalone program that does not use qmail source code or require patching/recompiling qmail.
For anyone who runs a mail server, spam is a problem. Its a huge problem and its only getting bigger. Unfortunately, qmail doesnt have many facilities for dealing with spam. qmail also doesnt do good logging. The qmail logs are probably useful to qmail developers but not to system administrators. Consider:
- Qmail doesnt log with a human-readable time format.
- Qmail logs dont track usable information (like senders and recipients).
- Qmail doesnt log to a single log file, making it very difficult to track an email from connection to delivery.
- Qmail logs roll over after a set size is reached (could be a few hours, could be a few minutes).
All of these things makes qmail very difficult to troubleshoot or monitor. spamdyke solves this. It monitors incoming traffic, acting as a middleman between qmail and the remote server. It catches the sender and recipient addresses as they go by and logs them to syslog. If it sees something it doesnt like (e.g. a blacklisted sender), it cuts the connection, closes qmail and fakes the rest of the SMTP transaction with the remote server. qmail thinks the remote server disconnected normally. The remote server thinks qmail is rejecting the message. Its the best of both worlds.
Some history: DJBs ucspi-tools package includes a handy little program called rblsmtpd for checking incoming SMTP connections against a DNSRBL. Initially, this seemed like a great thing (and it was) but it didnt go far enough. Lots of spam still came through. So after extending rblsmtpd to do more and more and more things, a limit was finally reached where it wouldnt go any further. Thus, spamdyke was born.
Main features:
- Reject the connection if the remote server has no reverse DNS entry.
- Reject the connection if the remote servers reverse DNS entry does not resolve.
- Reject the connection if the remote servers reverse DNS entry contains its IP address and a prohibited keyword (like "dynamic").
- Reject the connection if the remote servers reverse DNS entry contains its IP address and ends in a country code (whats the japanese word for "dynamic"?).
- Reject the connection if the remote servers IP address is listed in an IP blacklist.
- Reject the connection if the remote servers reverse DNS entry is listed in a domain name blacklist.
- Reject the connection if the remote servers IP address is listed in a given DNS realtime blacklist.
- Reject the connection if the remote server sends data before the SMTP greeting banner is displayed (earlytalkers).
- Reject the connection if the senders address is listed in a sender blacklist file.
- Limit recipients to a maximum number per connection. (Yes, this goes against RFC 821 but legitimate mail servers retry the rejected recipients, spammers dont.)
- Graylist incoming mail to specific domains (some domains can enjoy graylisting while others do not).
- Close the connection after a set idle time.
- Close the connection after a set maximum time.
Those filters end up rejecting more than 99.9% of the incoming connections to my mail server. As a result, I receive (on average) less than one spam message PER WEEK! (Down from a high of 70+ per day.) Regular correspondance with real people has not suffered.
Graylisting deserves special mention. As of 2007, its not widely used (and therefore still effective against spammers). Heres how it works:
An incoming connection is received and the sender and recipient are identified.
A log is consulted to see if the sender has sent email to the recipient before. If so, the message is accepted. If not, the message is rejected with a temporary rejection code and a log entry is made.
When the remote mail server retries the message (usually only a few minutes later), the previously-logged connection is noted and the message is accepted.
Simple, right? After the system is activated, regular correspondents first email is delayed a few minutes. After that, there are no delays. But the spam stops because most spammers dont retry their deliveries! Even when they do, they usually change their sender address to a new (fake) one, which gets graylisted.
Graylisting is amazing and makes a tremendous difference (for now). spamdyke will also:
- Bypass all filters if the remote servers IP address is listed in an IP whitelist file.
- Bypass all filters if the remote servers reverse DNS entry is listed in a domain name whitelist file.
- Log meaningful messages to the syslog (very unlike qmails logs).
- Log all SMTP traffic to aid diagnosing problems.
Enhancements:
- This release fixes a serious bug that was causing lost mail when the remote server sent the message and disconnected in a burst without waiting for a response.
- Code has been added to translate bare line feeds into carriage return+line feeds.
- Support has been added for MUAs that send their username with their AUTH LOGIN command.
<<lessFor anyone who runs a mail server, spam is a problem. Its a huge problem and its only getting bigger. Unfortunately, qmail doesnt have many facilities for dealing with spam. qmail also doesnt do good logging. The qmail logs are probably useful to qmail developers but not to system administrators. Consider:
- Qmail doesnt log with a human-readable time format.
- Qmail logs dont track usable information (like senders and recipients).
- Qmail doesnt log to a single log file, making it very difficult to track an email from connection to delivery.
- Qmail logs roll over after a set size is reached (could be a few hours, could be a few minutes).
All of these things makes qmail very difficult to troubleshoot or monitor. spamdyke solves this. It monitors incoming traffic, acting as a middleman between qmail and the remote server. It catches the sender and recipient addresses as they go by and logs them to syslog. If it sees something it doesnt like (e.g. a blacklisted sender), it cuts the connection, closes qmail and fakes the rest of the SMTP transaction with the remote server. qmail thinks the remote server disconnected normally. The remote server thinks qmail is rejecting the message. Its the best of both worlds.
Some history: DJBs ucspi-tools package includes a handy little program called rblsmtpd for checking incoming SMTP connections against a DNSRBL. Initially, this seemed like a great thing (and it was) but it didnt go far enough. Lots of spam still came through. So after extending rblsmtpd to do more and more and more things, a limit was finally reached where it wouldnt go any further. Thus, spamdyke was born.
Main features:
- Reject the connection if the remote server has no reverse DNS entry.
- Reject the connection if the remote servers reverse DNS entry does not resolve.
- Reject the connection if the remote servers reverse DNS entry contains its IP address and a prohibited keyword (like "dynamic").
- Reject the connection if the remote servers reverse DNS entry contains its IP address and ends in a country code (whats the japanese word for "dynamic"?).
- Reject the connection if the remote servers IP address is listed in an IP blacklist.
- Reject the connection if the remote servers reverse DNS entry is listed in a domain name blacklist.
- Reject the connection if the remote servers IP address is listed in a given DNS realtime blacklist.
- Reject the connection if the remote server sends data before the SMTP greeting banner is displayed (earlytalkers).
- Reject the connection if the senders address is listed in a sender blacklist file.
- Limit recipients to a maximum number per connection. (Yes, this goes against RFC 821 but legitimate mail servers retry the rejected recipients, spammers dont.)
- Graylist incoming mail to specific domains (some domains can enjoy graylisting while others do not).
- Close the connection after a set idle time.
- Close the connection after a set maximum time.
Those filters end up rejecting more than 99.9% of the incoming connections to my mail server. As a result, I receive (on average) less than one spam message PER WEEK! (Down from a high of 70+ per day.) Regular correspondance with real people has not suffered.
Graylisting deserves special mention. As of 2007, its not widely used (and therefore still effective against spammers). Heres how it works:
An incoming connection is received and the sender and recipient are identified.
A log is consulted to see if the sender has sent email to the recipient before. If so, the message is accepted. If not, the message is rejected with a temporary rejection code and a log entry is made.
When the remote mail server retries the message (usually only a few minutes later), the previously-logged connection is noted and the message is accepted.
Simple, right? After the system is activated, regular correspondents first email is delayed a few minutes. After that, there are no delays. But the spam stops because most spammers dont retry their deliveries! Even when they do, they usually change their sender address to a new (fake) one, which gets graylisted.
Graylisting is amazing and makes a tremendous difference (for now). spamdyke will also:
- Bypass all filters if the remote servers IP address is listed in an IP whitelist file.
- Bypass all filters if the remote servers reverse DNS entry is listed in a domain name whitelist file.
- Log meaningful messages to the syslog (very unlike qmails logs).
- Log all SMTP traffic to aid diagnosing problems.
Enhancements:
- This release fixes a serious bug that was causing lost mail when the remote server sent the message and disconnected in a burst without waiting for a response.
- Code has been added to translate bare line feeds into carriage return+line feeds.
- Support has been added for MUAs that send their username with their AUTH LOGIN command.
Download (0.043MB)
Added: 2007-06-22 License: GPL (GNU General Public License) Price:
858 downloads
chaostables 0.7
chaostables is a package with iptables/netfilter targets that will foil network scanners. more>>
chaostables is a package with iptables/netfilter targets that will foil network scanners. Documentation on how it works and how to reimplement it in userspace are also provided.
Special features include recognition of all nmap scan types including -sS SYN Scan, proactive slowdown of TCP FNX and UDP (50000+%), and providing back fake nondeterministic information.
<<lessSpecial features include recognition of all nmap scan types including -sS SYN Scan, proactive slowdown of TCP FNX and UDP (50000+%), and providing back fake nondeterministic information.
Download (0.46MB)
Added: 2007-08-08 License: GPL (GNU General Public License) Price:
807 downloads
Firestorm 0.5.5
Firestorm is an extremely high performance network intrusion detection system (NIDS). more>>
Firestorm is an extremely high performance network intrusion detection system (NIDS). At the moment it just a sensor but plans are to include real support for analysis, reporting, remote console and on-the-fly sensor configuration. It is fully pluggable and hence extremely flexible. Firestorm performs a lot better than all other systems I have tested (such as snort and prelude) by as much as a factor of 2 (and thats under favourable conditions, it way outstrips the competition under a targeted DoS attack).
A Network Intrusion Detection System is a system which can identify suspicious patterns in network traffic. If a firewall is a doorman, a NIDS is an undercover KGB agent. He silently gathers intelligence and can watch an enemy even if the door security has already let them in (maybe the enemy can make fake identification documents).
Tested Platforms
Linux 2.x
FreeBSD 4.x
OpenBSD
Solaris
Should compile and run on any mainstream UNIX really...
Main features:
- Protocol anomaly detection
- Full application layer decodes
- Fully pluggable
- High performance OS Specific capture module for Linux
- Capture from libpcap files (normal AND redhat extended)
- Packet decode engine fully supports encapsulation
- Decode plugins included for many protocols (see below)
- Comprehensive snort rule support
- Wu-Manber setwise string matching
- Easy to configure; just one config file
- Can run chroot and with lowered privs (when started as root)
- Can run as a realtime process (when started as root)
- Preprocessors to allow supplementary modes of detection (eg: anomaly)
- Full IP defragmentation (passes fragroute evasion tests)
- TCP stateful inspection with window tracking
- Intelligent TCP stream reassembly
- HTTP URL normalization
- EXTREMELY fast and scalable signature engine
- Configurable token-bucket rate-limiting of any alerts
- GNOME2 based analyst console user interface
- Enhanced logging format for ease of analysis
- ELOG indexing for lightning fast sorting and filtering of alerts
<<lessA Network Intrusion Detection System is a system which can identify suspicious patterns in network traffic. If a firewall is a doorman, a NIDS is an undercover KGB agent. He silently gathers intelligence and can watch an enemy even if the door security has already let them in (maybe the enemy can make fake identification documents).
Tested Platforms
Linux 2.x
FreeBSD 4.x
OpenBSD
Solaris
Should compile and run on any mainstream UNIX really...
Main features:
- Protocol anomaly detection
- Full application layer decodes
- Fully pluggable
- High performance OS Specific capture module for Linux
- Capture from libpcap files (normal AND redhat extended)
- Packet decode engine fully supports encapsulation
- Decode plugins included for many protocols (see below)
- Comprehensive snort rule support
- Wu-Manber setwise string matching
- Easy to configure; just one config file
- Can run chroot and with lowered privs (when started as root)
- Can run as a realtime process (when started as root)
- Preprocessors to allow supplementary modes of detection (eg: anomaly)
- Full IP defragmentation (passes fragroute evasion tests)
- TCP stateful inspection with window tracking
- Intelligent TCP stream reassembly
- HTTP URL normalization
- EXTREMELY fast and scalable signature engine
- Configurable token-bucket rate-limiting of any alerts
- GNOME2 based analyst console user interface
- Enhanced logging format for ease of analysis
- ELOG indexing for lightning fast sorting and filtering of alerts
Download (0.22MB)
Added: 2006-07-07 License: GPL (GNU General Public License) Price:
1208 downloads
Data::Faker::StreetAddress 0.07
Data::Faker::StreetAddress is a Data::Faker plugin. more>>
Data::Faker::StreetAddress is a Data::Faker plugin.
DATA PROVIDERS
us_zip_code
Return a random zip or zip+4 zip code in the US zip code format. Note that this is not necessarily a valid zip code, just a 5 or 9 digit number in the correct format.
us_state
Return a random US state name.
us_state_abbr
Return a random US state abbreviation. (Includes US Territories and AE, AA, AP military designations.)
From the USPS list at http://www.usps.com/ncsc/lookups/usps_abbreviations.html
street_suffix
Return a random street suffix (Drive, Street, Road, etc.)
From the USPS list at http://www.usps.com/ncsc/lookups/usps_abbreviations.html
street_name
Return a fake street name.
street_address
Return a fake street address.
secondary_unit_designator
Return a random secondary unit designator, with a range if needed (secondary unit designators are things like apartment number, building number, suite, penthouse, etc that differentiate different units with a common address.)
secondary_unit_number
Return a random secondary unit number, for the secondary unit designators that take ranges.
<<lessDATA PROVIDERS
us_zip_code
Return a random zip or zip+4 zip code in the US zip code format. Note that this is not necessarily a valid zip code, just a 5 or 9 digit number in the correct format.
us_state
Return a random US state name.
us_state_abbr
Return a random US state abbreviation. (Includes US Territories and AE, AA, AP military designations.)
From the USPS list at http://www.usps.com/ncsc/lookups/usps_abbreviations.html
street_suffix
Return a random street suffix (Drive, Street, Road, etc.)
From the USPS list at http://www.usps.com/ncsc/lookups/usps_abbreviations.html
street_name
Return a fake street name.
street_address
Return a fake street address.
secondary_unit_designator
Return a random secondary unit designator, with a range if needed (secondary unit designators are things like apartment number, building number, suite, penthouse, etc that differentiate different units with a common address.)
secondary_unit_number
Return a random secondary unit number, for the secondary unit designators that take ranges.
Download (0.020MB)
Added: 2006-10-25 License: Perl Artistic License Price:
1100 downloads
mod_auth_cookie_mysql2 0.7
mod_auth_cookie_mysql2 is an authentification with cookies against a MySQL db. more>>
mod_auth_cookie_mysql2 is a rewrite of the mod_auth_cookie_mysql module for apache 1.3. Some features were added, some were forgotten.
The module is available for apache 1.3 (mod_auth_cookie_mysql1) and apache 2 (mod_auth_cookie_mysql2). It is tested with mysql 3.x/4.x and and 5.0.x.
The current version of of this module is version 0.7.
If you want to receive a message when a new version is released, please leave your e-mail address in the announcements field at the left top of this site. This will register you to a moderated mailing list. Your e-mail address, will be kept private, it isnt visible to other users and it will not be distributed.
Basic auth is a standard authentication method in the internet. Two big disadvantages are, that on every request the username and password are transmitted to the webserver and there is no possibility to log out without closing the webbrowser.
With this module you can authorize your users with cookies. An external script sets the cookie and this module checks it against a MySQL database. The username/password combination is only one time transferred to the webserver when the external authenticator script (which sets the cookie) checks the user data. The generated cookie consists only of random session data.
So you can, for example, authenticate the user and set the cookie in a ssl connection and then use the cookie in a non-ssl environment and nobody can spy the username/password. Since the cookie is only random session data nobody can "hack" the system by manipulating the cookie values. Additionally you can add checks for session expiry and the correct remote ip on the server side.
Main features:
- Fake Basic Auth with cookies
- Cookie only consists of random session data, no username or password
- Can check expiry information stored in database against cookie
- Can check if the remote IP is equal to the IP stored in database
Enhancements:
- bug fix: return-code of function check_valid_cookies not initialized - thanks to Valerii Valeev
<<lessThe module is available for apache 1.3 (mod_auth_cookie_mysql1) and apache 2 (mod_auth_cookie_mysql2). It is tested with mysql 3.x/4.x and and 5.0.x.
The current version of of this module is version 0.7.
If you want to receive a message when a new version is released, please leave your e-mail address in the announcements field at the left top of this site. This will register you to a moderated mailing list. Your e-mail address, will be kept private, it isnt visible to other users and it will not be distributed.
Basic auth is a standard authentication method in the internet. Two big disadvantages are, that on every request the username and password are transmitted to the webserver and there is no possibility to log out without closing the webbrowser.
With this module you can authorize your users with cookies. An external script sets the cookie and this module checks it against a MySQL database. The username/password combination is only one time transferred to the webserver when the external authenticator script (which sets the cookie) checks the user data. The generated cookie consists only of random session data.
So you can, for example, authenticate the user and set the cookie in a ssl connection and then use the cookie in a non-ssl environment and nobody can spy the username/password. Since the cookie is only random session data nobody can "hack" the system by manipulating the cookie values. Additionally you can add checks for session expiry and the correct remote ip on the server side.
Main features:
- Fake Basic Auth with cookies
- Cookie only consists of random session data, no username or password
- Can check expiry information stored in database against cookie
- Can check if the remote IP is equal to the IP stored in database
Enhancements:
- bug fix: return-code of function check_valid_cookies not initialized - thanks to Valerii Valeev
Download (0.008MB)
Added: 2006-05-25 License: GPL (GNU General Public License) Price:
1249 downloads
Dents 0.3.1
Dents is a from-scratch implementation of the server side of the DNS protocol, sharing no code with any other project. more>>
Dents is a from-scratch implementation of the server side of the DNS protocol, sharing no code with any other project. Among its several features are compatibility with named, a modular driver system and an extensible control facility which allows the administrator to control the running server.
You should have installed glib from the GNOME project (ftp.gtk.org/pub/gtk). It should contain support for POSIX-threads to be thread-safe. Our "./configure" will disable threads if glib doesnt use pthreads. If you would like to use the control facility, you will also need
ORBit (also from the GNOME project) and support for POSIX-threads. The versions being used by some of the developers are:
glib-1.2.4
ORBit-0.4.3 (optional)
but prior versions will also likely work.
Enhancements:
- clients/gdents-admin/mockup.pl (on_zone_info_clicked): Added fake values so you can watch it sort. Havent decided how to display the value of an SOA record. Right now, comma delineated.
- clients/gdents-admin/ctlfac.glade: (zone_info window) added a menubar, statusbars and progressbar, put the old zone_info window in a notebook, put the old zone_info clist in a scrolled window. Added sort routines for the columns.
<<lessYou should have installed glib from the GNOME project (ftp.gtk.org/pub/gtk). It should contain support for POSIX-threads to be thread-safe. Our "./configure" will disable threads if glib doesnt use pthreads. If you would like to use the control facility, you will also need
ORBit (also from the GNOME project) and support for POSIX-threads. The versions being used by some of the developers are:
glib-1.2.4
ORBit-0.4.3 (optional)
but prior versions will also likely work.
Enhancements:
- clients/gdents-admin/mockup.pl (on_zone_info_clicked): Added fake values so you can watch it sort. Havent decided how to display the value of an SOA record. Right now, comma delineated.
- clients/gdents-admin/ctlfac.glade: (zone_info window) added a menubar, statusbars and progressbar, put the old zone_info window in a notebook, put the old zone_info clist in a scrolled window. Added sort routines for the columns.
Download (0.63MB)
Added: 2006-07-05 License: GPL (GNU General Public License) Price:
1209 downloads
FakeBold Font patches for QT 4.3.x 0.1
FakeBold Font patches for QT 4.3.x fake a bold font style and output for some fonts without bold support. more>>
FakeBold Font patches for QT 4.3.x fake a bold font style and output for some fonts without bold support.
It is specially and very useful for CJK fonts. actually it works with all fonts without bold style.
Here I use FT_Glyph_Embolden to get a bold glyph.
These patches is not related to font rendering result, if you want to control font rendering result, please control fontconfig configurations.
Screenshot1: shows bold/bolditalic support with "SOng" and "Hei" Chinese font.
Screenshot1: shows bold/italic support for Chinese,Korean,Yi,Tibetan with Sans fontset(Song,SIL Yi, Tibetan machine uni fonts)
<<lessIt is specially and very useful for CJK fonts. actually it works with all fonts without bold style.
Here I use FT_Glyph_Embolden to get a bold glyph.
These patches is not related to font rendering result, if you want to control font rendering result, please control fontconfig configurations.
Screenshot1: shows bold/bolditalic support with "SOng" and "Hei" Chinese font.
Screenshot1: shows bold/italic support for Chinese,Korean,Yi,Tibetan with Sans fontset(Song,SIL Yi, Tibetan machine uni fonts)
Download (0.004MB)
Added: 2007-08-10 License: GPL (GNU General Public License) Price:
809 downloads
Teamspeak::Telnet 0.3
Teamspeak::Telnet is a Telnet-Interface to administrate Teamspeak-Voice-Server. more>>
Teamspeak::Telnet is a Telnet-Interface to administrate Teamspeak-Voice-Server.
COMMAND OVERVIEW
banadd : add ip ban
banclear : clear banlist
bandel : del ip ban
banlist : show banlist
banplayer : bans a player
checkserverok : checks if server hangs
ci : display channel info
cl : channellist
dbci : display db channel info
dbfp : db find player
dbpi : display db infos about a player
dbserverlist : list all servers from db
dbsuseradd : adds a superadmin to server
dbsuserchangepw : changes password of a superadmin
dbsuserdel : deletes a superadmin from server
dbsuserlist : display superadmin serverlist
dbuseradd : adds a user to server
dbuserchangeattribs : changes rights of a user
dbuserchangepw : changes password of a user
dbuserdel : deletes a user from server
dbuserid : display dbid from loginname
dbuserlist : display server user list
dccl : channel client list
fc : finds a channel
fp : finds a player
gapl : get average packet loss
gi : global information
globalset : set a global variable
help : this helpfile
kick : kick player
ki : kick idlers
lc : list all open tcpquery connections
logfind : search serverlog
login : login to server
logmark : add a line to serverlog
log : show serverlog
mptc : move player to channel
msgall : message to all servers
msg : message to server
msgu : message to user
pi : display infos about a player
pl : playerlist
quit : close connection
rehash : reload server settings
removeclient : remove client
sel : select
serveradd : adds a server
serverdel : deletes a server
serverset : set a server variable
serverstart : start server
serverstop : stop server
si : server information
slogin : superlogin to server
sl : serverlist
sppriv : set user privilege
ver : version
globalset < attribute > < value >
set global attributes
globalset will change the < attribute > of the teamspeak instance and set it to < value >.
These are the currently available attributes and their values:
attribute value
hoster_gfx_url text
Note: This is a URL to a image to be displayed to connected clients, changes to it will only be visible to clients connecting after you changed it - and the changes will not be
saved to the server.ini, meaning will not be permanent over a server restart.
allowedclientnamechars text
Note: This restricts what characters you will allow in nicknames. Users with disallowed characters will get a message when they connect.
disallowedclientnamechars text
Note: This is the little brother of allowedclientnamechars - characters you set here will not be allowed in nicknames, clients will be informed what characters they are using that are not allowed on this server. The default setting for this will be "()[]{}" to prevent flag faking.
<<lessCOMMAND OVERVIEW
banadd : add ip ban
banclear : clear banlist
bandel : del ip ban
banlist : show banlist
banplayer : bans a player
checkserverok : checks if server hangs
ci : display channel info
cl : channellist
dbci : display db channel info
dbfp : db find player
dbpi : display db infos about a player
dbserverlist : list all servers from db
dbsuseradd : adds a superadmin to server
dbsuserchangepw : changes password of a superadmin
dbsuserdel : deletes a superadmin from server
dbsuserlist : display superadmin serverlist
dbuseradd : adds a user to server
dbuserchangeattribs : changes rights of a user
dbuserchangepw : changes password of a user
dbuserdel : deletes a user from server
dbuserid : display dbid from loginname
dbuserlist : display server user list
dccl : channel client list
fc : finds a channel
fp : finds a player
gapl : get average packet loss
gi : global information
globalset : set a global variable
help : this helpfile
kick : kick player
ki : kick idlers
lc : list all open tcpquery connections
logfind : search serverlog
login : login to server
logmark : add a line to serverlog
log : show serverlog
mptc : move player to channel
msgall : message to all servers
msg : message to server
msgu : message to user
pi : display infos about a player
pl : playerlist
quit : close connection
rehash : reload server settings
removeclient : remove client
sel : select
serveradd : adds a server
serverdel : deletes a server
serverset : set a server variable
serverstart : start server
serverstop : stop server
si : server information
slogin : superlogin to server
sl : serverlist
sppriv : set user privilege
ver : version
globalset < attribute > < value >
set global attributes
globalset will change the < attribute > of the teamspeak instance and set it to < value >.
These are the currently available attributes and their values:
attribute value
hoster_gfx_url text
Note: This is a URL to a image to be displayed to connected clients, changes to it will only be visible to clients connecting after you changed it - and the changes will not be
saved to the server.ini, meaning will not be permanent over a server restart.
allowedclientnamechars text
Note: This restricts what characters you will allow in nicknames. Users with disallowed characters will get a message when they connect.
disallowedclientnamechars text
Note: This is the little brother of allowedclientnamechars - characters you set here will not be allowed in nicknames, clients will be informed what characters they are using that are not allowed on this server. The default setting for this will be "()[]{}" to prevent flag faking.
Download (0.026MB)
Added: 2006-12-27 License: Perl Artistic License Price:
1055 downloads
Secleted [ 0 ] software to compare
Copyright Notice:
Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future software development. The above fakes search only lists software in full, demo and trial versions for free download. Download links are directly from our mirror sites or publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
