Free proactive software for linux

Real-Time Proactive Secret Sharing Library is an implementation of the Shamirs secret sharing scheme and Herzbergs proactive secret sharing algorithm.

Real-Time Proactive Secret Sharing Library targets the RTAI OS. It includes a port of GNU GMP to RTAI, which is used for multiple precision arithmetic operations.

to run the rt-pss

./start_pss ID (*) ID should be between 0 and PSSW_NUMBER_OF_MACHINES-1(this constant is defined in src/share_app_pssw.h)
(*) each local RT-PSS should be executed with a
different ID starting with 0
(*) you must have superuser privilegies to do that.

to stop the rt-pss


./stop_pss (*) be sure that no applications that uses the RT-PSS are
running.
(*) you must have superuser privilegies to do that.

developing RT-PSS Apps

There is a demo application available in the directory: examples/GetShare. The RT-PSS API can be consulted in the file README.API

Squidview is a program that displays the squid proxy server log file in a nice fashion, providing the log file is in squids native reporting fashion. It has features such as search, report generation, monitor mode and supports three log files.

Thus, the program can be used to monitor Internet usage on a networked site. But please note squid has to be running first and this program is not a proactive resource controller. What it can do is tell you who and which sites are consuming the most bandwidth.

Installation:

If "configure" and "make" are successful:

make install-strip

"make install-strip" will provide a smaller executable than "make install" because the latter has quite a bit of debugging information with it.

Or if you arent the superuser the program will still run if you have read access to the squid log file.

This program assumes the main squid log file is here:
/usr/local/squid/var/logs/access.log

If it isnt just symlink it appropriately from the following default. This directory and links are made in the users home space when squidview is first run by the user.

graeme@localhost:~/.squidview$ ls -l
HOWTO -> /usr/local/share/squidview/HOWTO
log1 -> /usr/local/squid/var/logs/access.log
log2 -> log1
log3 -> log1
users
words

In this case squidview expects the primary log to be "log1", and the symlink redirects it to where the file actually is. Three log locations are supported which gives you a bit of room for accomodating rotating logs.

PhishBouncer project is an advanced Java HTTP(S) proxy with anti-phishing capabilities.
PhishBouncer is an anti-phishing platform based on an HTTP/HTTPS proxy integrating anti-phishing checks that do not depend on block lists or Phish signatures. The checking algorithms make use of the attributes of the web-site being visited, the structure and properties of the referring URL, and the web-sites association with other legitimate web-sites that the user interacts with. The checks are implemented as plug-in interceptors, and it is easy to modify them and add or remove new checks. Apart from defense against Phishing, PhishBouncer is also a platform for developing and testing new anti-Phishing checks.
For ease of rapid prototyping and testing of anti-Phishing checks with real and reliable test data, a crawl-and-drive framework is also provided-- all you need is an APWG membership to be able to download Phish Reports from APWG and follow the instructions provided. This framework will periodically download new Phish URLs from APWG, and visit the Phish sites using the PhishBouncer proxy first without and then with the anti-Phishing checks. All results are logged so that dead or broken sites (i.e., sites that produced errors in either visit) can be culled, and the remaining data can be used to obtain an accurate count of how many Phish sites were flagged by the currently active checks.
The HTTP/HTTPS proxy framework can also be used to insert other types of adaptive behavior in the HTTP/HTTPS based interaction by replacing the plug-in interceptors executing anti-phishing checks by other interceptors that performs logging, filtering (as in parental control), load-balancing, QoS-based redirection etc.
PhishBouncer was developed by BBN under an R&D project supported by the Homeland Security Advanced Research Project Agency (HSARPA), under its Cyber Security R&D program.
Main features:
- Implemented in Java, therefore less vulnerable to traditional exploits (e.g., buffer overflow attacks)
- Architectural solution with stronger guarantees than browser plug-ins (can catch phishing attacks even if the browser is closed or not part of the communication)
- Browser independent - supports all web browsers
- Operating system independent - supports all operating systems that can run Java
- Highly customizable deployment options - runs on user hosts, wireless routers, or network server
- Open framework and plug-in architecture - allows easy addition of new checks
- Attribute-based detection - provides protection against unknown phishing attacks
- Supports reactive and proactive anti-phishing checks
- Supports HTTP and HTTPS

Nagios (formerly Netsaint) is a daemon written in C that is designed to monitor networked hosts and services.
Nagios project has the ability to notify contacts (via email, pager or other methods) when problems arise and are resolved. Host and service checks are performed by external "plugins", making it easy to write custom checks in your language of choice.
Several CGIs are included in order to allow you to view the current and historical status via a Web browser, and a WAP interface is also provided to allow you to acknowlege problems and disable notifications from an internet-ready cellphone.
Main features:
- Monitoring of network services (SMTP, POP3, HTTP, NNTP, PING, etc.)
- Monitoring of host resources (processor load, disk and memory usage, running processes, log files, etc.)
- Monitoring of environmental factors such as temperature
- Simple plugin design that allows users to easily develop their own host and service checks
- Ability to define network host hierarchy, allowing detection of and distinction between hosts that are down and those that are unreachable
- Contact notifications when service or host problems occur and get resolved (via email, pager, or other user-defined method)
- Optional escalation of host and service notifications to different contact groups
- Ability to define event handlers to be run during service or host events for proactive problem resolution
- Support for implementing redundant and distributed monitoring servers
- External command interface that allows on-the-fly modifications to be made to the monitoring and notification behavior through the use of event handlers, the web interface, and third-party applications
- Retention of host and service status across program restarts
- Scheduled downtime for suppressing host and service notifications during periods of planned outages
- Ability to acknowledge problems via the web interface
- Web interface for viewing current network status, notification and problem history, log file, etc.
- Simple authorization scheme that allows you restrict what users can see and do from the web interface
Enhancements:
- Fixed bug with processing epn directives in Perl plugins
- Fixed bug with check_result_path config option being ignored
- Added $MAXHOSTATTEMPTS$ and $MAXSERVICEATTEMPTS$ macros
- Fixed bug with incorrect output returned from embedded Perl plugins
- Fixed bug where status data file was not read by CGIs using mmap()
- Fix for CGI segfault
- Program status now updated at least every 5 seconds for addons that watch NDOUtils DB
- Added escape_html_tags option to CGI config file to escape HTML tags in plugin output
- Added optional integration with Splunk into the CGIs
- Added new action and notes URL target frame options to CGI config file
- Added new exclude option to timeperiod definitions for easy on-call rotation definitions

BFBTester is great for doing quick, proactive, security checks of binary programs. BFBTester will perform checks for single and multiple argument command line overflows and environment variable overflows. Versions 2.0-BETA and higher can also watch for
tempfile creation activity to alert the user of any programs using unsafe tempfile names.

The basic syntax for making BFBTester to run is:

bfbtester [-htv] [-d level ] [-r rejects] [-o out-file]
[-x max-execs] -asme file [file2 file3 ...]
Must specify one or more of the following tests:
-s Single Argument Test
-m Multiple Argument Test
-e Environment Variable Test
-a Selects all tests
Options:
-h Print this message
-t Enable tempfile monitoring
-v Print version string
-d level Set debug level (default = 0, max = 2)
-r rejects Comma separated list of binaries to skip
-o out-file Output to out-file rather than stdout
-x max-execs Set maximum executables to run in parallel (default = 250)
file. Specific binary or a directory of binaries to test

You must specify at least one test to run and you must specify either a binary or a directory.

Nagios Config project is a Web-based front end for configuring Nagios 1.x.
Nagios is a host and service monitor designed to inform you of network problems before your clients, end-users or managers do. It has been designed to run under the Linux operating system, but works fine under most *NIX variants as well.
The monitoring daemon runs intermittent checks on hosts and services you specify using external "plugins" which return status information to Nagios. When problems are encountered, the daemon can send notifications out to administrative contacts in a variety of different ways (email, instant message, SMS, etc.). Current status information, historical logs, and reports can all be accessed via a web browser.
Main features:
- Monitoring of network services (SMTP, POP3, HTTP, NNTP, PING, etc.)
- Monitoring of host resources (processor load, disk and memory usage, running processes, log files, etc.)
- Monitoring of environmental factors such as temperature
- Simple plugin design that allows users to easily develop their own host and service checks
- Ability to define network host hierarchy, allowing detection of and distinction between hosts that are down and those that are unreachable
- Contact notifications when service or host problems occur and get resolved (via email, pager, or other user-defined method)
- Optional escalation of host and service notifications to different contact groups
- Ability to define event handlers to be run during service or host events for proactive problem resolution
- Support for implementing redundant and distributed monitoring servers
- External command interface that allows on-the-fly modifications to be made to the monitoring and notification behavior through the use of event handlers, the web interface, and third-party applications
- Retention of host and service status across program restarts
- Scheduled downtime for suppressing host and service notifications during periods of planned outages
- Ability to acknowledge problems via the web interface
- Web interface for viewing current network status, notification and problem history, log file, etc.
- Simple authorization scheme that allows you restrict what users can see and do from the web interface
Enhancements:
- A require_once() statement in cleardb_import.php was fixed.
- The main page was redesigned to be more efficient.
- A problem in services_A1.php was fixed.

Sales-n-Stats project is live help software and real time Web site statistics combined into one sales tracking solution that adds personal touch and customer care to your website.
A free version is available. It includes real time visitor tracking, live help via text chat with customers (VoIP chat exists in the commercial version only), a personal profile and history for every visitor, Web site statistics, extensive sales and marketing reports, and out-of-the-box integration with X-Cart and LiteCommerce shopping cart software.
Also it has free integration modules for phpNuke, Mambo, and osCommerce as well as a PHP toolkit for integration with other e-commerce Web sites.
Main features:
- Text chat with visitors
- Proactive communication
- Content pushing
- Off-line messages
- Messages history
- Real-time visitor monitoring
- History of pageviews and actions
- Geo-Location (IP address lookup)
- Advertising campaigns tracking
- Built-in web statistics reports
- Built-in sales and marketing reports
- Custom reports constructor
- Multi-platform installation packages (Windows, MacOS, Linux, FreeBSD)
Enhancements:
- An improved installation wizard that dramatically reduces installation efforts.
- The installation wizard now supports SFTP and passive FTP mode.
- Built-in integration with Joomla!, Drupal, CRE Loaded, and Zen Cart.
- Skype integration is used for VoiceIP.
- Improved search engine support.
- New search engines have been added.
- CAPTCHA protection in the leave a message form.
- A "Contact us" form of X-Cart or LiteCommerce can be used instead of the standard Sales-n-Stats "Leave a message" form when the "Live help" button is off.
- Many other major and minor improvements in usability and performance.

Openwall GNU/*/Linux (or Owl for short) is a security-enhanced operating system with Linux and GNU software as its core, compatible with other major distributions of GNU/*/Linux. Openwall GNU/*/Linux is intended as a server platform. And, of course, it is free.
Main features:
- While we value quality above feature set, Owl does indeed offer a number of features besides just trying to be more secure.
- Most obviously, Owl can be used as a base for installing whatever software is generally available for GNU/*/Linux systems. It offers some compatibility (read below) for software packages found in or developed for other major Linux distributions, such as Red Hat Linux.
- Additionally, being a server platform, Owl will include a growing set of integrated Internet services.
- Owl includes a complete build environment capable to re-build the entire system from source with one simple command ("make buildworld"). (This is explained in more detail below.)
- Owl supports multiple architectures (currently x86, SPARC, and Alpha), as this lets you use it in more cases and helps us catch certain classes of software bugs earlier, thus improving the reliability of Owl packages.
Security:
- Owl combines several approaches to reduce the number and/or impact of flaws in its software components and impact of flaws in third-party software that one might install on the system.
- The primary approach used is proactive source code review for several classes of software vulnerabilities. However, because of the large amount of code, theres a certain level of "importance" for a software component or a part thereof to be audited. - Currently, only pieces of code which are typically run with privileges greater than those of a regular user and/or typically process data obtained over a network are audited before the corresponding software component is included. This covers relevant code paths in many of the system libraries, all SUID/ SGID programs, all daemons and network services. Other software may be audited when it is already a part of Owl. Potential problems found during the audit are fixed or, in some pathological cases, may prevent the software component from being included. In general, code quality and privilege management are always considered when theres a choice between implementations of a feature. As the project evolves, many of the software components will be replaced with ones of our own.
- When packaged for Owl, the software components are configured or, when necessary, modified in order to provide safe defaults, apply the least privilege principle, and introduce privilege separation. The use of safe defaults, where optional and potentially dangerous features need to be turned on explicitly, lets us audit the pieces of code used in in the default configuration in a more thorough way. Extra systems administration facilities ("owl-control") are provided for managing system features such as the optional SUID/SGID binaries independently from installing the corresponding packages. Every Owl package will have its audit status documented to allow for risk assessment.
- While source code review is the preferred way to deal with software vulnerabilities, it cant be applied in all cases. Typically, when insecure third-party software is installed on an otherwise secure system, "the game" is lost. The only thing an operating system can guarantee is that potential unauthorized access would be limited to those privileges granted to the software in question. However, in the recent years, a number of approaches were developed which reduce the likelihood and/or may reduce the impact of successful real-world attacks on insecure third-party software. Owl will use some of those "hardening" approaches in various parts of the system.
- Owl uses "strong" cryptography within its core components, and already includes some security policy enforcement (proactive password checking with "pam_passwdqc", password and account expiration, network address- based access control) and integrity checking ("mtree") capabilities. It is one of our goals to provide a wide range of security tools with Owl, available for use "out of the box".
Enhancements:
- After many Owl-current snapshots, Owl 2.0 release is finally out.
- Owl 2.0 is built around Linux kernel 2.4.32-ow1, glibc 2.3.6 (with our security enhancements), GCC 3.4.5, and recent versions of over 100 other packages.
- It offers binary- and package-level compatibility for most packages intended for Red Hat Enterprise Linux 4 (RHEL4) and Fedora Core 3 (FC3), as well as for many FC4 packages.
- Additionally, Owl 2.0 uses our new installer, making installation a lot easier than it used to be for Owl 1.1 and below.