Free ntlm software for linux

Cntlm is an authenticating HTTP proxy intended to help you break free from the chains of the proprietary world we all are held prisoners in. You can run and use a free operating system on your computer and honor our noble idea, but you cant hide! Once youre behind the cold steel bars of the corporate proxy server requiring NTLM authentication, your lost.
Here comes Cntlm. It takes the address of your proxy (or proxies) and opens a listening socket, forwarding each request to the proxy (moving in a circular list if the active proxy stops working). Along the way, the forwarded connection is created anew and authenticated or, if available, previously cached connection is reused to achieve higher efficiency and faster responses. When the chain is set up, Cntlm is to be used as the primary proxy. Cntlm also itegrates transparent TCP/IP port forwarding (tunneling) through the parent proxy. Each tunnel opens a new listening socket on the specified local port and forwards all connections to the given host:port behind the parent proxy.
Apparently, the authentication part is similar to NTLMAPS and others, but Cntlm removes many of their shortcomings and inefficiencies. It supports real keep-alive (on both sides) and it caches all authenticated connections for reuse in subsequent requests. It can be restarted without TIME_WAIT delay, uses just a fraction of memory compared to others and by orders of magnitude less CPU. Each thread is completely independent and one cannot block another.
In addition to lower usage of system resources, Cntlm achieves higher throughput.
By caching once opened connections, it acts as an accelerator; instead of 5-way auth handshake for each connection, it transparently removes this requirement, providing direct access most of the time. For example, NTLMAPS doesnt do authentication at once with the initial request - instead, it first connects, sends a probe and disconnects. No sooner than that it connects again and then initiates NTLM handshake. Cntlm also doesnt read the clients complete request including HTTP body into memory, in fact, no traffic is generated except for exchange of headers until the client server connection is fully negotiated. Only then are the request and response bodies multiplexed, directly between client and server sockets. This way, Cntlm avoids most of the TCP/IP overhead of similar proxies. Along with the fact that Cntlm is written in optimized C, it achieves up to twenty times faster responses. The slower the line, the more impact Cntlm has on download speeds.
Memory management audits and profiling are inherent part of the development process. Each change in the code is audited using Valgrind, which acts as a virtual CPU and checks behaviour of each instruction of the application being profiled. Using this marvelous tool, you can uncloak any imbalance in malloc/free calls (double frees or leaks), operations with uninitialized memory, access outside of properly allocated memory and oh so much more.
Enhancements:
- The program automatically and temporarily switches to the NTLM-to-basic mode if the configuration file credentials fail.
- The Debian directory was moved, and packages are created the Debian way.

Apache2::AuthenNTLM is a Perl module to perform Microsoft NTLM and Basic User Authentication.

SYNOPSIS

< Location / >
PerlAuthenHandler Apache2::AuthenNTLM
AuthType ntlm,basic
AuthName test
require valid-user

# domain pdc bdc
PerlAddVar ntdomain "name_domain1 name_of_pdc1"
PerlAddVar ntdomain "other_domain pdc_for_domain bdc_for_domain"

PerlSetVar defaultdomain wingr1
PerlSetVar splitdomainprefix 1
PerlSetVar ntlmdebug 1
< /Location >

The purpose of this module is to perform a user authentication via Microsofts NTLM protocol. This protocol is supported by all versions of the Internet Explorer and is mainly useful for intranets. Depending on your preferences setting IE will supply your windows logon credentials to the web server when the server asks for NTLM authentication. This saves the user to type in his/her password again.

The NTLM protocol performs a challenge/response to exchange a random number (nonce) and get back a md4 hash, which is built from the users password and the nonce. This makes sure that no password goes over the wire in plain text.

The main advantage of the Perl implementation is, that it can be easily extended to verify the user/password against other sources than a windows domain controller. The defaultf implementation is to go to the domain controller for the given domain and verify the user. If you want to verify the user against another source, you can inherit from Apache2::AuthenNTLM and override its methods.

To support users that arent using Internet Explorer, Apache2::AuthenNTLM can also perform basic authentication depending on its configuration.

IMPORTANT: NTLM authentification works only when KeepAlive is on. (If you have set ntlmdebug 2, and see that there is no return message (type 3), check your httpd.conf file for "KeepAlive Off". If KeepAlive Off, then change it to KeepAlive On, restart Apache, and test again).

NTLM Authorization Proxy Server is a proxy software that allows you to authenticate via an MS Proxy Server using the proprietary NTLM protocol.
Since version 0.9.5 APS has an ability to behave as a standalone proxy server and authenticate http clients at web servers using NTLM method.
It can change arbitrary values in your clients request header so that those requests will look like they were created by MS IE. It is written in Python v1.5.2 language.
Main features:
- supports NTLM authentication via parent proxy server (Error 407 Proxy Authentication Required);
- supports NTLM authentication at web servers (Error 401 Access Denied/Unauthorized);
- supports translation of NTLM scheme to standard "Basic" authentication scheme;
- supports the HTTPS CONNECT method for transparent tunnelling through parent proxy server;
- has ability to change arbitrary values in clients request headers;
- supports unlimited number of client connections;
- supports connections from external hosts;
- supports HTTP 1.1 persistent connections;
- stores users credentials in config file or requests password from a console during the start time;
- supports intelligent failure detection and failover between multiple upstream proxies;
Enhancements:
- This release fixes a minor bug with Python 1.5.2 compatibility.

GNU Wget is a free software package for retrieving files using HTTP, HTTPS and FTP, the two most widely-used Internet protocols.
It is a non-interactive commandline tool, so it may easily be called from scripts, cron jobs, terminals without Xsupport, etc.
Main features:
- Can resume aborted downloads, using REST and RANGE
- Can use filename wild cards and recursively mirror directories
- NLS-based message files for many different languages
- Optionally converts absolute links in downloaded documents to relative, so that downloaded documents may link to each other locally
- Runs on most UNIX-like operating systems as well as Microsoft Windows
- Supports HTTP and SOCKS proxies
- Supports HTTP cookies
- Supports persistent HTTP connections
- Unattended / background operation
- Uses local file timestamps to determine whether documents need to be re-downloaded when mirroring
- GNU wget is distributed under the GNU General Public License.
Enhancements:
- A buffer overrun in the NTLM code was fixed.

mpop project is a small and fast POP3 client with header based mail filtering capabilities.
mpop is released under the GPL with the additional exemption that compiling, linking, and/or using OpenSSL is allowed.
Main features:
- Header based mail filtering: filter junk mail before downloading it
- Delivery to mbox files, maildir folders or a mail delivery agent (MDA)
- Very fast POP3 implementation, using command pipelining
- Authentication methods USER/PASS, APOP, PLAIN, LOGIN and CRAM-MD5 (and GSSAPI, DIGEST-MD5, and NTLM when GNU SASL is used)
- TLS encrypted connections (including server certificate verification and the possibility to send a client certificate)
- IPv6 support
- support for multiple accounts

Applications that collect data from RSS-compliant sites are called RSS readers or "aggregators" RSSOwl is such an application.
RSSOwl lets you gather, organize, update, and store information from any compliant source in a convenient, easy to use interface, save selected information in various formats for offline viewing and sharing, and much more.
Its easy to configure, available in many many languages and the best of all: Its platform-independent.
RSS ("Really Simple Syndication" or "Rich Site Summary") is a document specification that gives users the power to collect and organize Web-based news and information in a more efficient manner.
The owl is a traditional symbol of wisdom, and a quiet, efficient hunter. Youll find RSSOwls "big eyes" a big help when scanning the Webs vast array of RSS sources.
Main features:
- Import your favorite newsfeeds using the OPML format. Most newsreaders support the export of newsfeeds via OPML, making it very easy to switch to RSSOwl and have your bookmarked favorites inside RSSOwl.
- Bookmark your favorite newsfeeds in nested categories. Set properties like "auto-update-interval", "open on startup" or "reload on startup".
- RSSOwl helps you finding a suitable title for your favorites. Just click the "Grab title from newsfeed" button and RSSOwl will scan the newsfeed for the title and use it for the new favorite.
- Create collections of newsfeeds other may subscribe to. A subscription is a file that contains newsfeeds. Placing the subscription online will allow others to subscribe to that collection and have the same newsfeeds inside RSSOwl. The subscription is updated each time RSSOwl is starting.
- Switch on the internal browser to read news that contain HTML. Some newsfeeds use this kind of technique to include images and links.
- Select a newsfeed, a single news or an entire category of newsfeeds to export the content into one of the formats PDF, RTF or HTML. When exporting news into PDF, RSSOwl will create bookmarks showing the titles of all news. These are very helpfull when searching for a particular news inside the PDF document.
- RSSOwls internal panels are highly customizable. Choose between a 2-column and a 3-column layout. Hide and restore the tree containing all favorites and the quickview box. Maximize the tabfolder with a single click in order to view a website inside the internal browser with full size.
- A lot of search-options make RSSOwl a powerful application to search inside a newsfeed or an entire category. The boolean operators "and", "or" and "not" may be combined with the search-term. Common options to only match a whole word, regard case-sensitivity or to use regular expressions are allowed. Results are displayed in the tabfolder and each keyword is highlighted inside the newstext.
- AmphetaRate is a centralized ratings/recommendation service that provides personalized news and blog recommendations. Each news found in your subscribed feeds may be rated "Fantastic", "Good", "Moderate", "Bad" and "Very bad". Your recommendations are computed by Bayesian filtering and an algorithm finding people who share your taste.
- The integrated newsfeed-search engine allows to search for newsfeeds by keyword. Simply enter words like "News" or "Linux" and press the search button. Soon the engine will give out a list of newsfeeds. It is also possible to restrict the search to only match newsfeeds that have the same language that RSSOwl has set. Once the search has finished, import all of them into any category with a single click.
- Tired of copying and pasting newsfeeds out of a website into your newsreader? Simply enter the website containing links to newsfeeds into the feed-discovery and RSSOwl will show all the newsfeeds it has found. Import them into any category with a single click. Or enter the URL to an OPML file and gain access to its newsfeeds - its a breeze!
- The integrated feedvalidator allows to check the validity of a newsfeed. Any error or warning is shown inside the validator, together with the line-number. This feature makes the perfect tool for bloggers as theyre able to test their newsfeeds. RSSOwl provides support for RSS 0.91, 0.92 and 2.0 straight "out of the box".
- Access password protected newsfeeds. RSSOwl 1.0 is supporting the Base authentication which is the original and most compatible authentication scheme. But be prepared for RSSOwl 1.1 coming soon which will also support Digest and NTLM authentication that was introduced with HTTP 1.1.
- A small toolbar above the tree containing all favorites allowes to execute the commands "Reload All Favorites", "Aggregate All Favorites", "Search in all Favorites" and "Mark All Favorites Read". Believe us, its a handy feature. :-)
- Place RSSOwl into the system tray on minimization. As soon as RSSOwl is reloading a newsfeed and detects that new, unread news are available it will tell you so.
- RSSOwl is highly customizable. "Preferences" allow to change fonts, languages, colors, hotkeys and a lot more. Export settings into a file to import them into RSSOwl on a different computer. Switch fonts or make yourself comfortable with RSSOwl by choosing one of the 25 languages available - everything is just a few clicks away!

WebCleaner is a filtering HTTP proxy. It can be customized to your needs.
Main features:
- remove unwanted HTML (adverts, flash, etc.)
- popup blocker
- disable animated GIFs
- filter images by size, remove banner adverts
- compress documents on-the-fly (with gzip)
- reduce images to low-bandwidth JPEGs
- remove/add/modify arbitrary HTTP headers
- configurable over web interface
- usage of SquidGuard blacklists
- antivirus filter module
- detection and correction of known HTML security flaws
- Basic, Digest and (untested) NTLM proxy authentication support
- per-host access control
- HTTP/1.1 support (persistent connections, pipelining)
- HTTPS proxy CONNECT and optional SSL gateway support
Enhancements:
- Compatibility problems with Internet Explorer and the Compress
- filter have been fixed.
- The Blocker filter now allows absolute block URLs.
- The sets of blacklisted domains and advertisement servers have been updated.