Free fakest software for linux

fakechroot project provides a fake chroot environment to programs. A fake chroot allows you to run programs which require root privileges on an unprivileged user account.
For example, you can create a Debian bootstrap or a development environment and build packages inside a chrooted system using a standard non-root user account.
You can then use the apt-get command to install other packages without root privileges.
Enhancements:
- This release includes a new environment variable FAKECHROOT_EXCLUDE_PATH and fixes for the getcwd(3), readlink(2), and mktemp(3) functions.
- The chroot(2) function is now recursive and allows nested chroots.

fakehermes project is a companion program to hermes that implements a fake (and very simple) SMTP server.

Why would I want to run a fake SMTP server?

The main use of fakehermes is to configure it as a secondary MX server. Some spammers will try to send spam directly to your least prefered SMTP server, because some secondary SMTP servers are badly configured and will relay spam to the main SMTP server without any check.

Placing fakehermes as a secondary SMTP server will receive (but not proccess) those spammers connections. Legitimate connections will retry sooner or later on the main SMTP server.

fakehermes will also log all attempts to send email through it with a very detailed log that will log not only who sent the email but also what tricks did they try to send it.

fakehermes does NOT implement a full SMTP server. It will NOT deliver ANY mail, so DO NOT try to use it as your main SMTP server.

Raw Fake AP is a program that emulates valid IEEE 802.11 access points using wireless raw injection.
Raw Fake AP application aims to create both beacon and probe response frames and could be used to "hide" real networks from novice wardrivers or for testing wireless intrusion detection systems.
Main features:
Overall features:
- Raw injection of beacon and probe response frames in monitor mode
- Try to forge coherent sequence numbers and BSS timestamps (depending on driver injection capabilities)
- Try to have a coherent time interval between beacons (which is hard to achieve without a real time kernel)
Command line interface will help you to choose between:
- Randomize Open/WEP/WPA/RSN crypto
- Randomize b/g cards
- Channel hopping
- TXpower hopping
- Randomize ESSIDs (alnum or not)
- Randomize BSSIDs
- Choose beacon interval
- Choose number of fake access points
- Choose a file with valid OUIs
- Choose a file with ESSIDs
- Choose between beacon or probe response frames
- Select a destination MAC address

Firestorm is an extremely high performance network intrusion detection system (NIDS). At the moment it just a sensor but plans are to include real support for analysis, reporting, remote console and on-the-fly sensor configuration. It is fully pluggable and hence extremely flexible. Firestorm performs a lot better than all other systems I have tested (such as snort and prelude) by as much as a factor of 2 (and thats under favourable conditions, it way outstrips the competition under a targeted DoS attack).
A Network Intrusion Detection System is a system which can identify suspicious patterns in network traffic. If a firewall is a doorman, a NIDS is an undercover KGB agent. He silently gathers intelligence and can watch an enemy even if the door security has already let them in (maybe the enemy can make fake identification documents).
Tested Platforms
Linux 2.x
FreeBSD 4.x
OpenBSD
Solaris
Should compile and run on any mainstream UNIX really...
Main features:
- Protocol anomaly detection
- Full application layer decodes
- Fully pluggable
- High performance OS Specific capture module for Linux
- Capture from libpcap files (normal AND redhat extended)
- Packet decode engine fully supports encapsulation
- Decode plugins included for many protocols (see below)
- Comprehensive snort rule support
- Wu-Manber setwise string matching
- Easy to configure; just one config file
- Can run chroot and with lowered privs (when started as root)
- Can run as a realtime process (when started as root)
- Preprocessors to allow supplementary modes of detection (eg: anomaly)
- Full IP defragmentation (passes fragroute evasion tests)
- TCP stateful inspection with window tracking
- Intelligent TCP stream reassembly
- HTTP URL normalization
- EXTREMELY fast and scalable signature engine
- Configurable token-bucket rate-limiting of any alerts
- GNOME2 based analyst console user interface
- Enhanced logging format for ease of analysis
- ELOG indexing for lightning fast sorting and filtering of alerts

Data::Faker::StreetAddress is a Data::Faker plugin.

DATA PROVIDERS

us_zip_code

Return a random zip or zip+4 zip code in the US zip code format. Note that this is not necessarily a valid zip code, just a 5 or 9 digit number in the correct format.

us_state

Return a random US state name.

us_state_abbr

Return a random US state abbreviation. (Includes US Territories and AE, AA, AP military designations.)

From the USPS list at http://www.usps.com/ncsc/lookups/usps_abbreviations.html

street_suffix

Return a random street suffix (Drive, Street, Road, etc.)

From the USPS list at http://www.usps.com/ncsc/lookups/usps_abbreviations.html

street_name

Return a fake street name.

street_address

Return a fake street address.

secondary_unit_designator

Return a random secondary unit designator, with a range if needed (secondary unit designators are things like apartment number, building number, suite, penthouse, etc that differentiate different units with a common address.)

secondary_unit_number

Return a random secondary unit number, for the secondary unit designators that take ranges.

spamdyke is a drop-in filter for qmail to provide connection-time blacklisting, graylisting, DNS RBL checking, improved logging, and more spamdyke project is a standalone program that does not use qmail source code or require patching/recompiling qmail.
For anyone who runs a mail server, spam is a problem. Its a huge problem and its only getting bigger. Unfortunately, qmail doesnt have many facilities for dealing with spam. qmail also doesnt do good logging. The qmail logs are probably useful to qmail developers but not to system administrators. Consider:
- Qmail doesnt log with a human-readable time format.
- Qmail logs dont track usable information (like senders and recipients).
- Qmail doesnt log to a single log file, making it very difficult to track an email from connection to delivery.
- Qmail logs roll over after a set size is reached (could be a few hours, could be a few minutes).
All of these things makes qmail very difficult to troubleshoot or monitor. spamdyke solves this. It monitors incoming traffic, acting as a middleman between qmail and the remote server. It catches the sender and recipient addresses as they go by and logs them to syslog. If it sees something it doesnt like (e.g. a blacklisted sender), it cuts the connection, closes qmail and fakes the rest of the SMTP transaction with the remote server. qmail thinks the remote server disconnected normally. The remote server thinks qmail is rejecting the message. Its the best of both worlds.
Some history: DJBs ucspi-tools package includes a handy little program called rblsmtpd for checking incoming SMTP connections against a DNSRBL. Initially, this seemed like a great thing (and it was) but it didnt go far enough. Lots of spam still came through. So after extending rblsmtpd to do more and more and more things, a limit was finally reached where it wouldnt go any further. Thus, spamdyke was born.
Main features:
- Reject the connection if the remote server has no reverse DNS entry.
- Reject the connection if the remote servers reverse DNS entry does not resolve.
- Reject the connection if the remote servers reverse DNS entry contains its IP address and a prohibited keyword (like "dynamic").
- Reject the connection if the remote servers reverse DNS entry contains its IP address and ends in a country code (whats the japanese word for "dynamic"?).
- Reject the connection if the remote servers IP address is listed in an IP blacklist.
- Reject the connection if the remote servers reverse DNS entry is listed in a domain name blacklist.
- Reject the connection if the remote servers IP address is listed in a given DNS realtime blacklist.
- Reject the connection if the remote server sends data before the SMTP greeting banner is displayed (earlytalkers).
- Reject the connection if the senders address is listed in a sender blacklist file.
- Limit recipients to a maximum number per connection. (Yes, this goes against RFC 821 but legitimate mail servers retry the rejected recipients, spammers dont.)
- Graylist incoming mail to specific domains (some domains can enjoy graylisting while others do not).
- Close the connection after a set idle time.
- Close the connection after a set maximum time.
Those filters end up rejecting more than 99.9% of the incoming connections to my mail server. As a result, I receive (on average) less than one spam message PER WEEK! (Down from a high of 70+ per day.) Regular correspondance with real people has not suffered.
Graylisting deserves special mention. As of 2007, its not widely used (and therefore still effective against spammers). Heres how it works:
An incoming connection is received and the sender and recipient are identified.
A log is consulted to see if the sender has sent email to the recipient before. If so, the message is accepted. If not, the message is rejected with a temporary rejection code and a log entry is made.
When the remote mail server retries the message (usually only a few minutes later), the previously-logged connection is noted and the message is accepted.
Simple, right? After the system is activated, regular correspondents first email is delayed a few minutes. After that, there are no delays. But the spam stops because most spammers dont retry their deliveries! Even when they do, they usually change their sender address to a new (fake) one, which gets graylisted.
Graylisting is amazing and makes a tremendous difference (for now). spamdyke will also:
- Bypass all filters if the remote servers IP address is listed in an IP whitelist file.
- Bypass all filters if the remote servers reverse DNS entry is listed in a domain name whitelist file.
- Log meaningful messages to the syslog (very unlike qmails logs).
- Log all SMTP traffic to aid diagnosing problems.
Enhancements:
- This release fixes a serious bug that was causing lost mail when the remote server sent the message and disconnected in a burst without waiting for a response.
- Code has been added to translate bare line feeds into carriage return+line feeds.
- Support has been added for MUAs that send their username with their AUTH LOGIN command.

reTCP is a user-space TCP connection redirector with special HTTP proxy support. It can fix common flaws in HTTP requests, log data transfer, and do arbitrary transformations on response headers and content.
Options:
-sPORT set source listen (incoming) TCP port to PORT
-SHOST set source listen/bind (incoming) hostname to HOST
-CHOST connect from this HOST to remote (bind() before connect())
-gBOOL do gethostby*() DNS lookups iff BOOL. default: true
-zBOOL go into the background iff BOOL. default: false
-qUINT print global messages of verbosity UINT to stdout. default: 2
-1UINT print per connection messages of verbosity UINT to stdout. default: 2
-el emulate fake Lynx browser (User-agent:, Accept: etc.)
-en emulate fake Netscape 4.61 browser (User-agent:, Accept: etc.)
-e0 dont change browser information. default.
-pBOOL purge HTTP cookies sent by the client iff BOOL. default: false
-rBOOL purge HTTP Referer: sent by the client iff BOOL. default: false
-mBOOL purge HTTP If-modified-since: by the client iff BOOL. default: false
-fBOOL fix browser URLEncode bugs (i.e spaces in the URL). default: true
-iSTR set external Server -> Client filter command. default: none
-HSTR use handshake ("STRn") with external filters. default: none
-v print software version information and exit immediately
-h print this help screen and exit immediately
Enhancements:
- This release fixes a bug related to truncating HTTP request headers to 1024 bytes, adds a -F0 switch to disable forking, and fixes minor memory leaks.

Dents is a from-scratch implementation of the server side of the DNS protocol, sharing no code with any other project. Among its several features are compatibility with named, a modular driver system and an extensible control facility which allows the administrator to control the running server.
You should have installed glib from the GNOME project (ftp.gtk.org/pub/gtk). It should contain support for POSIX-threads to be thread-safe. Our "./configure" will disable threads if glib doesnt use pthreads. If you would like to use the control facility, you will also need
ORBit (also from the GNOME project) and support for POSIX-threads. The versions being used by some of the developers are:
glib-1.2.4
ORBit-0.4.3 (optional)
but prior versions will also likely work.
Enhancements:
- clients/gdents-admin/mockup.pl (on_zone_info_clicked): Added fake values so you can watch it sort. Havent decided how to display the value of an SOA record. Right now, comma delineated.
- clients/gdents-admin/ctlfac.glade: (zone_info window) added a menubar, statusbars and progressbar, put the old zone_info window in a notebook, put the old zone_info clist in a scrolled window. Added sort routines for the columns.