Free spy software for linux

VNC Spy monitors network traffic to find keystrokes entered into a VNC viewer. Letters the user types are printed to your screen.

So, for example, if an engineer insists on using VNC to log in from his Windows machine into your network whenever he wants from home, try leaving vncspy running for a while. I like to use the command:

sudo vncspy eth0 | tee keylog

Note that you need to run vncspy as root. You can either su root, or sudo.

This will sniff all keystrokes he enters from home to his VNC server. Assuming he has to enter his user name and password to log-on, you should see his user name in the keylog, followed by his password. Its that simple!

When you get his password, try writing it on a sticky-note, and pasting it on his monitor. Ive found showing people their passwords to be very effective at improving their security habits.

Usage:

vncspy must be run as root. It takes only one optional parameter, the interface to sniff on. If left out, it will use the first interface on your system, typically eth0.

Compling:

The only major dependency for vncspy is the pcap development library. On Debian or Ubuntu, you may issue a command like:

sudo apt-get install libpcap0.8-dev

If your system does not have libpcap available, you can install it from source from:

http://www.tcpdump.org.

Once you have libpcap, compiling vncspy is simple. Just type:

make

It should create the vncspy program. Let me know if you need help.

Header Spy is an extension which shows HTTP headers on statusbar.
Main features:
- Up to 5 statusbar panels;
- Request and response headers;
- Custom headers;
- Tooltip headers;
- Menu with headers for statusbar panels;

KBoincSpy is a KDE monitor and control utility for the BOINC client. KBoincSpy displays a lot of useful information about the computation of work units, such as the percent of work done, and estimates of the completion time and credits granted.
For some projects like SETI@home and ClimatePrediction.net, it also reports some interesting data about the content and significance of each work unit being analyzed.
It can be also used to control the behavior of the BOINC client, allowing the user to attach to (as well as detach from) projects, start/stop the computation, or suspend all network communications.
Its interface design was inspired by SETI Spy, a Windows monitoring utility for SETI@home Classic written by Roelof Engelbrecht.
The Berkeley Open Infrastructure for Network Computing is a software platform for distributed computing. It enables organizations who oversee scientific projects requiring extensive computing resources to easily set up and maintain a distributed computing infrastructure.
By downloading the BOINC distributed computing client, each of the hundreds of thousands of participants worldwide can select the scientific projects more to his/her liking and assign some computing resources to them.
Enhancements:
- This release focuses on reaching almost feature parity with the latest BOINC client from Berkeley (the 5.x series).
- Among the new features were an attach-to-project wizard, host and user statistics graphs, and Web links.
- This version also features new translations to eight languages. Precompiled packages are available for the x86 and x86-64 architecture versions of the Fedora, Gentoo, Mandriva, Slackware, and SuSE Linux distributions.

ZOOM::IRSpy::Maintenance is a maintenance documentation for IRSpy.
The IRSpy application is implemented by five components:
- A library of classes within the ZOOM::IRSpy "namespace".
- A command-line invocation script called irspy
- A web-based UI - either this or the command-line script can be used to run the spy software, but the latter is more capable in that it also provides ways to interrogate the database of results.
- A small additional library, ZOOM::Pod, which is used by IRSpy and which is more conveniently included in this distribution than released and maintained separately.
- The configuration for a Zebra database that stores the harvested information.
These components are discussed in turn.

Duplicity backs directories by producing encrypted tar-format volumes and uploading them to a remote or local file server.
Because duplicity uses librsync, the incremental archives are space efficient and only record the parts of files that have changed since the last backup. Because duplicity uses GnuPG to encrypt and/or sign these archives, they will be safe from spying and/or modification by the server.
The duplicity package also includes the rdiffdir utility. Rdiffdir is an extension of librsyncs rdiff to directories---it can be used to produce signatures and deltas of directories as well as regular files. These signatures and deltas are in GNU tar format.
Main features:
Easy to use: Although duplicity is a command-line utility, the semantics are relative simply. To take a basic example, this command:
- duplicity /usr scp://host.net/target_dir
- backs up the /usr directory to the remost host host.net via scp.
Encrypted and signed archives: The archives that duplicity produces can be encrypted and signed using GnuPG, the standard for free software cryptology. The remote location will not be able to infer much about the backups other than their size and when they are uploaded. Also, if the archives are modified on the remote side, this will be detected when restoring.
Bandwidth and space efficient: Duplicity uses the rsync algorithm so only the changed parts of files are sent to the archive when doing an incremental backup. For instance, if a long log file increases by just a few lines of text, a small diff will be sent to and saved in the archive. Other backup programs may save a complete copy of the file.
Standard file format: Athough archive data will be encrypted, inside it is in standard GNU-tar format archives. A full backup contains normal tarballs, and incremental backups are tar archives of new files and the deltas from previous backups. The deltas are in the format produced by librsyncs command-line utility rdiff.
- Although you should never have to look at a duplicity archive manually, if the need should arise they can be produced and processed using GnuPG, rdiff, and tar.
Choice of remote protocol: Duplicity does not make many demands on its archive server. As long as files can be saved to, read from, listed, and deleted from a location, that location can be used as a duplicity backend. Besides increasing choice for the user, it can make a server more secure, as clients only require minimal access.
- Currently local file storage, scp/ssh, ftp, rsync, and Amazon S3 are supported, and others shouldnt be difficult to add.

RFDump is a backend GPL tool to directly interoperate with any RFID ISO-Reader to make the contents stored on RFID tags accessible. This makes the following types of audits possible:
Test robustness of data-structures on the reader and the backend-application
Proof-of-concept manipulations of RFID tag contents
Clone / copy & paste User-Data stored on RFID tags
Audit tag-security features
Due to the overwhelming feedback we received since presenting RFDump at the Blackhat Conference 2004 in Las Vegas (check out the slides from our presentation) we are working on making his Web Site a portal for information exchange regarding RFID technology. The intention is to build a forum where all people interested or concerned about RFID technolgy can discuss and exchange their opinion in an open environment.
RFDump is a tool to detect RFID-Tags and show their meta information: Tag ID, Tag Type, manufacturer etc. The User-Data of a tag can be displayed and modified using either a Hex or an ASCII editor. In addition, the integrated cookie feature demonstrates how easy it is for a company to abuse RFID technology to spy on their customers. RFDump works with the ACG Multi-Tag Reader or similar card reader hardware.
Main features:
- Runs on Linux, Windows
- Supports ACGs PCMCIA/CF Multi-Tag Readers
- Decodes the tag type, tag ID and manufacturer
- Displays tag memory in Hex and ASCII encoding
- Allows to write memory using Hex or ASCII editor
- NEW: Full 14443 a/b Support
- NEW: Support for Mifare sector keys
- NEW: Cookie feature using arbitrary cookie ID and automatically incrementing counter
- NEW: Brute-Force cracking of access control cards (sector keys)
- NEW: Audit of encrypted RFID tags check for "default" Shipping Keys
- NEW: Save and restore of Mifare Cards incl. Sector-Keys
- NEW: Multi baudrate reader support, RFDump can set boud rate
- NEW: Scan-Option
- NEW: Config-Menus
Supported Tag Types:
ISO 15693: Tag-it ISO, My-d, I-Code SLI, LRI512, TempSense
ISO 14443 A: Mifare Standard(1,2), Mifare UltraLight(1,2)
ISO 14443 B: SR176(1,2)
Tag-it
I-Code
Recommended Hardware:
Linux/Windows PC or HP iPAQ PDA with Linux
ACG Multi-Tag Reader, in a CF-Flash Socket or PCMCIA Adapter
13.56 MHz Tags for testing
Enhancements:
- Support was added for access control cards, ISO 14443 a/b.
- Support for brute force cracking of sector keys on encrypted rfid tags was added.
- Support for multi-baud rate readers was added.
- Support for cloning access cards was added.
- Minor bugs were fixed.

RearSite is a simple collaborative Web site manager. RearSite is an automated Web publishing tool allowing to control who is allowed to access the published documents and also to manage per directories collaboratives tools well adapted to distance learning (forums, chats, shareable calendars, or multimedia quizzes).

An administrator can create users accounts (user name, user passwd, and user home directory), users get logged in and then receive access to their documents.


RearSite is written in PERL (CGI.pm based) and use a FastCGI compliant HTTP server (like APACHE).

Using RearSite is quite simple : after login, the user has access to his home dir and is able to delete, rename, create and edit documents. RearSite is well adapted to install WWW directories previously cooked (using any editors). Its very easy to transfer and install archives (ZIP, tar or tar.gz by now), they are automatically unpacked.

Published documents are public (by default), access restriction may be done using user/password couples, DNS domains or LDAP filters.

The user interface is WWW forms like, so RearSite only needs (on the client side) a Java, JavaScript and frames compliant WWW browser (accepting cookies).

RearSite is now quite secured, the login process (developped in Java) use an MD5 encryption of the user password (combined with a one time key). So, people spying the network cannot use the keys they may have seen. After login, users receive a cookie associated with their computers IP numbers.

RearSite also allows the user to specify who can retrieve his documents by configuring access rights :

documents are public (the default).
documents are restricted to users coming from trusted domains.
documents are restricted to users coming from trusted domains or to HTTP authenticated users.
* documents are restricted to class of users existing in an LDAP directory. This kind of HTTP client authentication needs auth_ldap for Apache (See restricted access by users classes).

Since 1.1, if the administrator wants it, the user is able to use templates to specify per directories access rights. By default (and as an example), the user can easily say that a directory is public, for frenchies only or for frenchies excepted those in the ripoux.fr domain (french joke!).

The user is also able to share his directories with other RearSite users (trusted users). When a directory is shared, a trusted user user is able to delete, rename, add ... files within the directory he received rights for.

The user is also able to recursively process all the file names of all his embeded directories. The functionality provided is to rename all files (lowercase, replace a string within all file names, ...) which simplyfies migration from systems with case-insensitive file names. These functionalities are available by selecting the Special tools button which also give a way to export the current directory within an archive (ZIP or tar.gz).

Since 1.4, a forum can directly be attached to each directories. When a user wants to create a forum, the result is a Forum.html file located within the current directory. This file will give access to the forum. People having access to this file are allowed to post in the forum.

Since 1.6, a chat can directly be attached to each directories. When a user wants to create a chat, the result is a Chat.html file located within the current directory. This file will give access to the chat. People having access to this file are allowed to talk in the chat.

Since 1.9, a shareable calendar can be directly attached to each directories. When a user wants to create a calendar, the result is a Calendar.html file located within the current directory. This file will give access to the calendar. People having access to this file are allowed to read the calendar. Only the owner of a calendar is allowed to update it, but he may allow other users. Accessing his calendar via RearSite allows the owner to update it immediatly. When accessing a calendar via a normal WWW access, the user (owner or not) must be authenticated (via Rearsite configured authentication scheeme) before being allowed to update it.

The chat,forum and calendar functionalities are accessible via the Communications button, they have been designed for distance learning purposes but can easily be used for any groupware needs.

Anti-Paranoia is an extension which takes all your doubts and gives you confidence.

Especially if you are working on security, you might get the feeling that your part of something really big and maybe even evil.

How can your extension help me? It will pop up calmative messages for you to feel relaxed while browsing the web.

No, this extension will not spy and destroy your personal data, remember: Everything is good!