untrusted
Sponsored Links
Sponsored Links
Secleted [ 0 ] software to compare
Results 1 - 15 of about 28
Transec 1.16
Transec is a Java taglib component that provides a secure PIN/TAN/password input via untrusted, insecure Web browsers. more>>
Transec is a Java taglib component that provides a secure PIN/TAN/password input via untrusted, insecure Web browsers.
Only images and coodinates are transferred to the browser.
TRANSEC is a virtual keyboard that can prevent spyware or troyan attacks. Transec is self-explanatory and can be easily used. PIN- and TAN-inputs are visible only for the user.
The user enters his/her data using a virtuall keyboard instead of the common keyboard.
Though Interception of input data is almost impossible.
If at all, only by intercepting all mouseclicks plus each single referred picture an agressor could be succesfull, because the virtual keybourd is randomly rotated after each entry.
This inputmodule can be easily integrated as JSP-taglib in each JSP-Software. It may need minimal adaption (colors etc.).
<<lessOnly images and coodinates are transferred to the browser.
TRANSEC is a virtual keyboard that can prevent spyware or troyan attacks. Transec is self-explanatory and can be easily used. PIN- and TAN-inputs are visible only for the user.
The user enters his/her data using a virtuall keyboard instead of the common keyboard.
Though Interception of input data is almost impossible.
If at all, only by intercepting all mouseclicks plus each single referred picture an agressor could be succesfull, because the virtual keybourd is randomly rotated after each entry.
This inputmodule can be easily integrated as JSP-taglib in each JSP-Software. It may need minimal adaption (colors etc.).
Download (0.14MB)
Added: 2006-11-08 License: GPL (GNU General Public License) Price:
1080 downloads
Systrace 1.6d
Systrace enforces system call policies for applications by constraining the applications access to the system. more>>
The policy is generated interactively. Operations not covered by the policy raise an alarm, allowing an user to refine the currently configured policy.
For complicated applications, it is difficult to know the correct policy before running them. Initially, Systrace notifies the user about all system calls that an application tries to execute. The user configures a policy for the specific system call that caused the warning. After a few minutes, a policy is generated that allows the application to run without any warnings. However, events that are not covered still generate a warning. Normally, that is an indication of a security problem. Systrace improves cyber security by providing intrusion prevention.
Alternatively, policies can be learned automatically. In many instances, the automatically learned policies can be used for sandboxing immediately. Sometimes, minimal manual post-processing is necessary.
With Systrace, untrusted binary applications can be sandboxed. Their access to the system can be restricted almost arbitrarily. Sandboxing applications that are available only as binaries is only sensible, as it is not possible to directly analyze what they are designed to do. However, constraining the system calls that large open-source applications are allowed to execute is useful too, as it is very difficult to determine their correctness.
System call arguments can be rewritten dynamically. This effects a virtual chroot for the sandboxed application. It also prevents race conditions in the argument evaluation.
Main features:
- Confines untrusted binary applications.
- Interactive Policy Generation with Graphical User Interface.
- Supports different emulations:
- GNU/Linux, BSDI, etc..
- System Call Argument Rewriting.
- Non-interactive Policy Enforcement.
- Remote Monitoring and Intrusion Detection.
- Privilege Elevation: Add-on capabilities.
<<lessFor complicated applications, it is difficult to know the correct policy before running them. Initially, Systrace notifies the user about all system calls that an application tries to execute. The user configures a policy for the specific system call that caused the warning. After a few minutes, a policy is generated that allows the application to run without any warnings. However, events that are not covered still generate a warning. Normally, that is an indication of a security problem. Systrace improves cyber security by providing intrusion prevention.
Alternatively, policies can be learned automatically. In many instances, the automatically learned policies can be used for sandboxing immediately. Sometimes, minimal manual post-processing is necessary.
With Systrace, untrusted binary applications can be sandboxed. Their access to the system can be restricted almost arbitrarily. Sandboxing applications that are available only as binaries is only sensible, as it is not possible to directly analyze what they are designed to do. However, constraining the system calls that large open-source applications are allowed to execute is useful too, as it is very difficult to determine their correctness.
System call arguments can be rewritten dynamically. This effects a virtual chroot for the sandboxed application. It also prevents race conditions in the argument evaluation.
Main features:
- Confines untrusted binary applications.
- Interactive Policy Generation with Graphical User Interface.
- Supports different emulations:
- GNU/Linux, BSDI, etc..
- System Call Argument Rewriting.
- Non-interactive Policy Enforcement.
- Remote Monitoring and Intrusion Detection.
- Privilege Elevation: Add-on capabilities.
Download (0.20MB)
Added: 2006-04-24 License: BSD License Price:
1283 downloads
NRobot 0.21
NRobot project is an autonomous robot fighting game. more>>
NRobot project is an autonomous robot fighting game.
Instead of directly controlling a robot, the human playing the game must write a program that acts as the "brain" of the robot.
The robot will then be dumped into the game arena and must attempt to survive on its own. NRobot is written for the ECMA CLR. Its been tested on Mono and on Microsofts .NET framework. Currently, it is functional and "playable".
It comes with three sample robot implementations, so that "out of the box" you can watch a game. One important missing feature is a security architecture: robot code executes with full privileges.
Thus, its recommended that if you are running any robots from untrusted sources, NRobot is run under a user account with no privileges over files you care about.
Its also short on documentation, and the GUI implementations have some rough edges.
<<lessInstead of directly controlling a robot, the human playing the game must write a program that acts as the "brain" of the robot.
The robot will then be dumped into the game arena and must attempt to survive on its own. NRobot is written for the ECMA CLR. Its been tested on Mono and on Microsofts .NET framework. Currently, it is functional and "playable".
It comes with three sample robot implementations, so that "out of the box" you can watch a game. One important missing feature is a security architecture: robot code executes with full privileges.
Thus, its recommended that if you are running any robots from untrusted sources, NRobot is run under a user account with no privileges over files you care about.
Its also short on documentation, and the GUI implementations have some rough edges.
Download (0.38MB)
Added: 2006-11-21 License: GPL (GNU General Public License) Price:
1067 downloads
KeyNote 2.3
KeyNote is a simple and flexible trust-management system designed to work well for applications. more>>
KeyNote is a simple and flexible trust-management system designed to work well for applications.
Trust management, introduced in the PolicyMaker system [BFL96], is a unified approach to specifying and interpreting security policies, credentials, and relationships; it allows direct authorization of security-critical actions. A trust-management system provides standard, general-purpose mechanisms for specifying application security policies and credentials. Trust-management credentials describe a specific delegation of trust and subsume the role of public key certificates; unlike traditional certificates, which bind keys to names, credentials can bind keys directly to the authorization to perform specific tasks.
A language for describing `actions, which are operations with security consequences that are to be controlled by the system.
A mechanism for identifying `principals, which are entities that can be authorized to perform actions.
A language for specifying application `policies, which govern the actions that principals are authorized to perform.
A language for specifying `credentials, which allow principals to delegate authorization to other principals.
A `compliance checker, which provides a service to applications for determining how an action requested by principals should be handled, given a policy and a set of credentials.
The trust-management approach has a number of advantages over other mechanisms for specifying and controlling authorization, especially when security policy is distributed over a network or is otherwise decentralized.
Trust management unifies the notions of security policy, credentials, access control, and authorization. An application that uses a trust- management system can simply ask the compliance checker whether a requested action should be allowed. Furthermore, policies and credentials are written in standard languages that are shared by all trust-managed applications; the security configuration mechanism for one application carries exactly the same syntactic and semantic structure as that of another, even when the semantics of the applications themselves are quite different.
Trust-management policies are easy to distribute across networks, helping to avoid the need for application-specific distributed policy configuration mechanisms, access control lists, and certificate parsers and interpreters.
For a general discussion of the use of trust management in distributed system security, see [Bla99].
KeyNote is a simple and flexible trust-management system designed to work well for a variety of large- and small- scale Internet-based applications. It provides a single, unified language for both local policies and credentials. KeyNote policies and credentials, called `assertions, contain predicates that describe the trusted actions permitted by the holders of specific public keys. KeyNote assertions are essentially small, highly-structured programs. A signed assertion, which can be sent over an untrusted network, is also called a `credential assertion. Credential assertions, which also serve the role of certificates, have the same syntax as policy assertions but are also signed by the principal delegating the trust.
In KeyNote:
Actions are specified as a collection of name-value pairs.
Principal names can be any convenient string and can directly represent cryptographic public keys.
The same language is used for both policies and credentials.
The policy and credential language is concise, highly expressive, human readable and writable, and compatible with a variety of storage and transmission media, including electronic mail.
The compliance checker returns an application-configured `policy compliance value that describes how a request should be handled by the application. Policy compliance values are always positively derived from policy and credentials, facilitating analysis of KeyNote-based systems.
Compliance checking is efficient enough for high-performance and real-time applications.
This document describes the KeyNote policy and credential assertion language, the structure of KeyNote action descriptions, and the KeyNote model of computation.
<<lessTrust management, introduced in the PolicyMaker system [BFL96], is a unified approach to specifying and interpreting security policies, credentials, and relationships; it allows direct authorization of security-critical actions. A trust-management system provides standard, general-purpose mechanisms for specifying application security policies and credentials. Trust-management credentials describe a specific delegation of trust and subsume the role of public key certificates; unlike traditional certificates, which bind keys to names, credentials can bind keys directly to the authorization to perform specific tasks.
A language for describing `actions, which are operations with security consequences that are to be controlled by the system.
A mechanism for identifying `principals, which are entities that can be authorized to perform actions.
A language for specifying application `policies, which govern the actions that principals are authorized to perform.
A language for specifying `credentials, which allow principals to delegate authorization to other principals.
A `compliance checker, which provides a service to applications for determining how an action requested by principals should be handled, given a policy and a set of credentials.
The trust-management approach has a number of advantages over other mechanisms for specifying and controlling authorization, especially when security policy is distributed over a network or is otherwise decentralized.
Trust management unifies the notions of security policy, credentials, access control, and authorization. An application that uses a trust- management system can simply ask the compliance checker whether a requested action should be allowed. Furthermore, policies and credentials are written in standard languages that are shared by all trust-managed applications; the security configuration mechanism for one application carries exactly the same syntactic and semantic structure as that of another, even when the semantics of the applications themselves are quite different.
Trust-management policies are easy to distribute across networks, helping to avoid the need for application-specific distributed policy configuration mechanisms, access control lists, and certificate parsers and interpreters.
For a general discussion of the use of trust management in distributed system security, see [Bla99].
KeyNote is a simple and flexible trust-management system designed to work well for a variety of large- and small- scale Internet-based applications. It provides a single, unified language for both local policies and credentials. KeyNote policies and credentials, called `assertions, contain predicates that describe the trusted actions permitted by the holders of specific public keys. KeyNote assertions are essentially small, highly-structured programs. A signed assertion, which can be sent over an untrusted network, is also called a `credential assertion. Credential assertions, which also serve the role of certificates, have the same syntax as policy assertions but are also signed by the principal delegating the trust.
In KeyNote:
Actions are specified as a collection of name-value pairs.
Principal names can be any convenient string and can directly represent cryptographic public keys.
The same language is used for both policies and credentials.
The policy and credential language is concise, highly expressive, human readable and writable, and compatible with a variety of storage and transmission media, including electronic mail.
The compliance checker returns an application-configured `policy compliance value that describes how a request should be handled by the application. Policy compliance values are always positively derived from policy and credentials, facilitating analysis of KeyNote-based systems.
Compliance checking is efficient enough for high-performance and real-time applications.
This document describes the KeyNote policy and credential assertion language, the structure of KeyNote action descriptions, and the KeyNote model of computation.
Download (0.13MB)
Added: 2006-07-14 License: (FDL) GNU Free Documentation License Price:
1253 downloads
stephanie 3.0
stephanie is a program for hardening OpenBSD for multiuser environments. more>>
stephanie is a program for hardening OpenBSD for multiuser environments.
Mmmmm, OpenBSD. Functional, secure, free. With an emphasis on security and integrated cryptography, it carries an excellent reputation for plain old "you-just-cant-hack-this-ness". Not perfect, but nothing is, at least theyre not wearing suits and lying to you.
There are a few roles where i believe OpenBSD fits perfectly. One of these is in multiuser environments, where you have large numbers of possibly malicious users with local access. Here the OpenBSD teams commitment to auditing and fixing code provides a level trust in the environment which is hard to find elsewhere. Also, their efforts to provide integrated cryptography means setting up secure access is easy. So, lets take advantage of the freely available source and tailor it to our specific needs.
Details:
In Phrack 54, route|Mike Schiffman wrote a series of patches for OpenBSD 2.4 for Trusted Path Execution (TPE). Stephanie brings a modified version of these up to speed for OpenBSD 2.8 - 3.0, along with some additional features. A trusted path is one where the parent directory is owned by root and is neither group or other writeable. The TPE works off an internal list of trusted user ids. If a given user tries to execute a file not in a trusted path, and their user id is not in the kernels trusted list, they are denied execution privileges. In real terms, this means they cant download, compile and run krad-sploit.c.
In addition to the TPE, a series of privacy patches came along too. Originally supplied as patches for the individual utilities, these are now implemented through kvm(3), and honour trusted users (ie, trusted users are allowed to see all system information). As a practical example, this means that untrusted users will only be able to see information about processes they own, and the stat tools (netstat, iostat, vmstat, etc) will generally be broken for them. It has been pointed out that by going through trying to kill every possible process id you can find other users processes, but you cant really gain any information on them, so this is not really a great concern.
The original TPE patches had one known way of bypassing the execution restrictions, which was using shell redirection to allow arbitrary interpreted language scripts to be run (perl, sh, etc). This has been fixed up, but could possibly be a big pain in the ass, so please pay attention. When an interpreter is invoked, like most things, it creates a new process group with a job count of one. When a series of commands are connected via the | character on the command line, all the commands belong to the same process group and the job count represents the number of commands eg ps -ax | grep something | awk {print $1} has a job count of three, and the ps, grep and awk processes all belong to the same process group.
The one exception to this is when a user logs in, where we find their shell has its job count set to zero. So how can we use this to prevent shell redirection for a given set of programs? We need to be able to distinguish between ordinary commands and interpreters. At the moment this is done by setting the immutable flag on them. So, in kern_exec(), if we find an untrusted user executing something with the immutable flag set and a job count greater than zero, we flag the process as being potentially dodgy. Then in other system calls we disallow read()ing from fd 0 (stdin) and things like dup2(0, n) if the process has been flagged.
There are two main disadvantages to this. First is the system will need to be brought down to single user mode if the interpreter needs to be patched, and secondly, people will have a hard time suing to an untrusted user. Of course, when a user has shell, they can still type any commands that could otherwise be placed in a shell script, but at the least, this will raise the bar a bit.
Finally, Stephanie brings restricted symbolic links, ala the openwall patches for linux. As time permits, im still working on adding additional features, and will add bits of the openwall stuff i like. The basic goal is to add an extra layer of security without being a monumental pain in the ass to legitimate users, so some things wont be there. I havent added the additional hard link restrictions of the openwall patch, but will do something about this later as time permits.
Installing:
Step by step instructions are presented in the install guide which comes with the source. Read it all first, but its reasonably straight forward. It would be a good idea to read the original article (local copy) if you havent already.
Its distributed under the original two clause BSD license, mess with it all you want, but dont get cranky at me if it breaks something.
You can also read the tpe_adm(8) man page online.
<<lessMmmmm, OpenBSD. Functional, secure, free. With an emphasis on security and integrated cryptography, it carries an excellent reputation for plain old "you-just-cant-hack-this-ness". Not perfect, but nothing is, at least theyre not wearing suits and lying to you.
There are a few roles where i believe OpenBSD fits perfectly. One of these is in multiuser environments, where you have large numbers of possibly malicious users with local access. Here the OpenBSD teams commitment to auditing and fixing code provides a level trust in the environment which is hard to find elsewhere. Also, their efforts to provide integrated cryptography means setting up secure access is easy. So, lets take advantage of the freely available source and tailor it to our specific needs.
Details:
In Phrack 54, route|Mike Schiffman wrote a series of patches for OpenBSD 2.4 for Trusted Path Execution (TPE). Stephanie brings a modified version of these up to speed for OpenBSD 2.8 - 3.0, along with some additional features. A trusted path is one where the parent directory is owned by root and is neither group or other writeable. The TPE works off an internal list of trusted user ids. If a given user tries to execute a file not in a trusted path, and their user id is not in the kernels trusted list, they are denied execution privileges. In real terms, this means they cant download, compile and run krad-sploit.c.
In addition to the TPE, a series of privacy patches came along too. Originally supplied as patches for the individual utilities, these are now implemented through kvm(3), and honour trusted users (ie, trusted users are allowed to see all system information). As a practical example, this means that untrusted users will only be able to see information about processes they own, and the stat tools (netstat, iostat, vmstat, etc) will generally be broken for them. It has been pointed out that by going through trying to kill every possible process id you can find other users processes, but you cant really gain any information on them, so this is not really a great concern.
The original TPE patches had one known way of bypassing the execution restrictions, which was using shell redirection to allow arbitrary interpreted language scripts to be run (perl, sh, etc). This has been fixed up, but could possibly be a big pain in the ass, so please pay attention. When an interpreter is invoked, like most things, it creates a new process group with a job count of one. When a series of commands are connected via the | character on the command line, all the commands belong to the same process group and the job count represents the number of commands eg ps -ax | grep something | awk {print $1} has a job count of three, and the ps, grep and awk processes all belong to the same process group.
The one exception to this is when a user logs in, where we find their shell has its job count set to zero. So how can we use this to prevent shell redirection for a given set of programs? We need to be able to distinguish between ordinary commands and interpreters. At the moment this is done by setting the immutable flag on them. So, in kern_exec(), if we find an untrusted user executing something with the immutable flag set and a job count greater than zero, we flag the process as being potentially dodgy. Then in other system calls we disallow read()ing from fd 0 (stdin) and things like dup2(0, n) if the process has been flagged.
There are two main disadvantages to this. First is the system will need to be brought down to single user mode if the interpreter needs to be patched, and secondly, people will have a hard time suing to an untrusted user. Of course, when a user has shell, they can still type any commands that could otherwise be placed in a shell script, but at the least, this will raise the bar a bit.
Finally, Stephanie brings restricted symbolic links, ala the openwall patches for linux. As time permits, im still working on adding additional features, and will add bits of the openwall stuff i like. The basic goal is to add an extra layer of security without being a monumental pain in the ass to legitimate users, so some things wont be there. I havent added the additional hard link restrictions of the openwall patch, but will do something about this later as time permits.
Installing:
Step by step instructions are presented in the install guide which comes with the source. Read it all first, but its reasonably straight forward. It would be a good idea to read the original article (local copy) if you havent already.
Its distributed under the original two clause BSD license, mess with it all you want, but dont get cranky at me if it breaks something.
You can also read the tpe_adm(8) man page online.
Download (0.014MB)
Added: 2006-03-10 License: GPL (GNU General Public License) Price:
1326 downloads
Sys::Utmp::Utent 1.6
Sys::Utmp::Utent is a Perl module to represent a single utmp entry. more>>
Sys::Utmp::Utent is a Perl module to represent a single utmp entry.
SYNOPSIS
use Sys::Utmp;
my $utmp = Sys::Utmp->new();
while ( my $utent = $utmp->getutent() )
{
if ( $utent->user_process )
{
print $utent->ut_user,"n";
}
}
$utmp->endutent;
As described in the Sys::Utmp documentation the getutent method returns an object of the type Sys::Utmp::Utent which provides methods for accessing the fields in the utmp record. There are also methods for determining the type of the record.
The access methods relate to the common names for the members of the C struct utent - those provided are the superset from the Gnu implementation and may not be available on all systems: where they are not they will return the empty string.
ut_user
Returns the use this record was created for if this is a record for a user process. Some systems may return other information depending on the record type. If no user was set this will be the empty string. If tainting is switched on with the -T switch to perl then this will be tainted as it is possible that the user name came from an untrusted source.
ut_id
The identifier for this record - it might be the inittab tag or some other system dependent value.
ut_line
For user process records this will be the name of the terminalor line that the user is connected on.
ut_pid
The process ID of the process that created this record.
ut_type
The type of the record this will have a value corresponding to one of the constants (not all of these may be available on all systems and there may well be others which should be described in the getutent manpage or in /usr/include/utmp.h ) :
ACCOUNTING - record was created for system accounting purposes.
BOOT_TIME - the record was created at boot time.
DEAD_PROCESS - The process that created this record has terminated.
EMPTY - record probably contains no other useful information.
INIT_PROCESS - this is a record for process created by init.
LOGIN_PROCESS - this record was created for a login process (e.g. getty).
NEW_TIME - record created when the system time has been set.
OLD_TIME - record recording the old tme when the system time has been set.
RUN_LVL - records the time at which the current run level was started.
USER_PROCESS - record created for a user process (e.g. a login )
for convenience Sys::Utmp::Utent provides methods which are lower case versions of the constant names which return true if the record is of that type.
ut_host
On systems which support this the method will return the hostname of the host for which the process that created the record was started - for example for a telnet login. If taint checking has been turned on (with the -T switch to perl ) then this value will be tainted as it is possible that a remote user will be in control of the DNS for the machine they have logged in from. ( see perlsec for more on tainting )
ut_time
The time in epoch seconds wt which the record was created.
<<lessSYNOPSIS
use Sys::Utmp;
my $utmp = Sys::Utmp->new();
while ( my $utent = $utmp->getutent() )
{
if ( $utent->user_process )
{
print $utent->ut_user,"n";
}
}
$utmp->endutent;
As described in the Sys::Utmp documentation the getutent method returns an object of the type Sys::Utmp::Utent which provides methods for accessing the fields in the utmp record. There are also methods for determining the type of the record.
The access methods relate to the common names for the members of the C struct utent - those provided are the superset from the Gnu implementation and may not be available on all systems: where they are not they will return the empty string.
ut_user
Returns the use this record was created for if this is a record for a user process. Some systems may return other information depending on the record type. If no user was set this will be the empty string. If tainting is switched on with the -T switch to perl then this will be tainted as it is possible that the user name came from an untrusted source.
ut_id
The identifier for this record - it might be the inittab tag or some other system dependent value.
ut_line
For user process records this will be the name of the terminalor line that the user is connected on.
ut_pid
The process ID of the process that created this record.
ut_type
The type of the record this will have a value corresponding to one of the constants (not all of these may be available on all systems and there may well be others which should be described in the getutent manpage or in /usr/include/utmp.h ) :
ACCOUNTING - record was created for system accounting purposes.
BOOT_TIME - the record was created at boot time.
DEAD_PROCESS - The process that created this record has terminated.
EMPTY - record probably contains no other useful information.
INIT_PROCESS - this is a record for process created by init.
LOGIN_PROCESS - this record was created for a login process (e.g. getty).
NEW_TIME - record created when the system time has been set.
OLD_TIME - record recording the old tme when the system time has been set.
RUN_LVL - records the time at which the current run level was started.
USER_PROCESS - record created for a user process (e.g. a login )
for convenience Sys::Utmp::Utent provides methods which are lower case versions of the constant names which return true if the record is of that type.
ut_host
On systems which support this the method will return the hostname of the host for which the process that created the record was started - for example for a telnet login. If taint checking has been turned on (with the -T switch to perl ) then this value will be tainted as it is possible that a remote user will be in control of the DNS for the machine they have logged in from. ( see perlsec for more on tainting )
ut_time
The time in epoch seconds wt which the record was created.
Download (0.009MB)
Added: 2006-10-18 License: Perl Artistic License Price:
1101 downloads
Horatio 1.7
The Horatio system is a firewall authentication tool. more>>
The Horatio system is a firewall authentication tool. The premise: Legitimate users want to attach laptops and other mobile hosts to the network, but security demands that illegitimate users be prevented from accessing the internal, secure network and from abusing the general Internet. The approach taken by Horatio is to provide a separate, untrusted, network that only connects to the internal network (and thus to the Internet) through a firewall that by default does not pass any traffic.
When a legitimate user connects his or her host, it is assigned an address by a DHCP server (such as dhcpd), but is unable to contact anything outside the untrusted network. The user must must point a web browser at the horatio web server, which runs on the firewall machine, and provide a username and password.
When leaving, the user can log out, removing his or her host from the access list. If the user does not log out, a periodic rollcall (using fping) will detect that the host is no longer accessible and remove it from the access list.Once the username and password have been validated, the firewall rules are modified and are allowing the access to the rest of the network.
The horatio server uses syslog to log the actions it takes, including log-ins, log-outs, web accesses, rollcalls, and process starts and stops. The firewall uses Linux ipchains. HTTPS support is provided using OpenSSL, and the Perl modules IO::Socket::SSL, Net::SSLeay, and HTTP::Daemon::SSL. The firewall and host list management scripts are written in Bash.
For more information, see the horatio(8) man page. More details about the firewall are available in the horatio-firewall(8) man page and about the host management in the horatio-hostlist(8) man page.
Enhancements:
- horatio.in: Added Timeout to HTTPS daemon, log logins/logouts with HTTP/HTTPS
<<lessWhen a legitimate user connects his or her host, it is assigned an address by a DHCP server (such as dhcpd), but is unable to contact anything outside the untrusted network. The user must must point a web browser at the horatio web server, which runs on the firewall machine, and provide a username and password.
When leaving, the user can log out, removing his or her host from the access list. If the user does not log out, a periodic rollcall (using fping) will detect that the host is no longer accessible and remove it from the access list.Once the username and password have been validated, the firewall rules are modified and are allowing the access to the rest of the network.
The horatio server uses syslog to log the actions it takes, including log-ins, log-outs, web accesses, rollcalls, and process starts and stops. The firewall uses Linux ipchains. HTTPS support is provided using OpenSSL, and the Perl modules IO::Socket::SSL, Net::SSLeay, and HTTP::Daemon::SSL. The firewall and host list management scripts are written in Bash.
For more information, see the horatio(8) man page. More details about the firewall are available in the horatio-firewall(8) man page and about the host management in the horatio-hostlist(8) man page.
Enhancements:
- horatio.in: Added Timeout to HTTPS daemon, log logins/logouts with HTTP/HTTPS
Download (0.092MB)
Added: 2006-07-11 License: GPL (GNU General Public License) Price:
1200 downloads
lfyre 0.3.1
lfyre is a programming language and interactive compiler. more>>
Lfyre is a programming language and the interactive compiler for the same language.
Its key features are flexibility, performance and simplicity.
For instance, lfyre code can be compiled or interpreted and can define new language keywords and operators.
Lfyre programming language and interactive compiler aim at many things at once:
first of all, the compiler is really interactive: you can compile, uncompile, run and debug source code from its prompt.
second, lfyre aims at filling the gap between low and high level languages by a modular approach:
the compiler provides a minimal set of features, most notably support for basic types and extensions, while modules written in lfyre provide the rest:
most keywords and operators, classes library, etc.
Lfyre code can be compiled (at the moment by translating it into C) or interpreted by a high performance virtual machine built in the compiler. The virtual machine is used by the compiler to execute and debug source code interactively, or while compiling (this allows a program to define new keywords, whose associated code must run while compiling).
All parts of the compiler (parser, resolver, C and vm translators, virtual machine) can be programmatically accessed from lfyre code. For example, a program can reuse lfyre parser to read a configuration file or can compile some modules at run-time and load them.
Or even, a program may load untrusted or untested code and run it safely inside the virtual machine.
Lfyre interactive compiler is portable, except for some exotic techniques used to speedup the virtual machine. Such speedups can anyway be disabled, obtaining fully portable code.
Lfyre compiled code aims and is expected to run at least as fast as hand-written C.
From the downside, lfyre is a "classic" procedural language with templates, reflection and single inheritance. Some features typical of functional languages are being investigated but are probably out of scope.
The name "lfyre" is a shortcut of Lfyre - a Language designed for FlexibilitY, Reflection and Extensibility.
<<lessIts key features are flexibility, performance and simplicity.
For instance, lfyre code can be compiled or interpreted and can define new language keywords and operators.
Lfyre programming language and interactive compiler aim at many things at once:
first of all, the compiler is really interactive: you can compile, uncompile, run and debug source code from its prompt.
second, lfyre aims at filling the gap between low and high level languages by a modular approach:
the compiler provides a minimal set of features, most notably support for basic types and extensions, while modules written in lfyre provide the rest:
most keywords and operators, classes library, etc.
Lfyre code can be compiled (at the moment by translating it into C) or interpreted by a high performance virtual machine built in the compiler. The virtual machine is used by the compiler to execute and debug source code interactively, or while compiling (this allows a program to define new keywords, whose associated code must run while compiling).
All parts of the compiler (parser, resolver, C and vm translators, virtual machine) can be programmatically accessed from lfyre code. For example, a program can reuse lfyre parser to read a configuration file or can compile some modules at run-time and load them.
Or even, a program may load untrusted or untested code and run it safely inside the virtual machine.
Lfyre interactive compiler is portable, except for some exotic techniques used to speedup the virtual machine. Such speedups can anyway be disabled, obtaining fully portable code.
Lfyre compiled code aims and is expected to run at least as fast as hand-written C.
From the downside, lfyre is a "classic" procedural language with templates, reflection and single inheritance. Some features typical of functional languages are being investigated but are probably out of scope.
The name "lfyre" is a shortcut of Lfyre - a Language designed for FlexibilitY, Reflection and Extensibility.
Download (0.30MB)
Added: 2005-05-30 License: GPL (GNU General Public License) Price:
1608 downloads
Self-certifying File System 0.7.2
Self-certifying File System provides a secure, global network file system with decentralized control. more>>
Self-certifying File System provides a secure, global network file system with decentralized control.
SFS is a secure, global network file system with completely decentralized control. SFS lets you access your files from anywhere and share them with anyone, anywhere.
Anyone can set up an SFS server, and any user can access any server from any client.
At the same time, SFS uses strong cryptography to provide security over untrusted networks.
Thus, you can safely share files across administrative realms without involving administrators or certification authorities.
<<lessSFS is a secure, global network file system with completely decentralized control. SFS lets you access your files from anywhere and share them with anyone, anywhere.
Anyone can set up an SFS server, and any user can access any server from any client.
At the same time, SFS uses strong cryptography to provide security over untrusted networks.
Thus, you can safely share files across administrative realms without involving administrators or certification authorities.
Download (1.2MB)
Added: 2007-02-24 License: GPL (GNU General Public License) Price:
979 downloads
HTML::StripScripts 1.00
HTML::StripScripts can strip scripting constructs out of HTML. more>>
HTML::StripScripts can strip scripting constructs out of HTML.
SYNOPSISM
use HTML::StripScripts;
my $hss = HTML::StripScripts->new({ Context => Inline });
$hss->input_start_document;
$hss->input_start(< i >);
$hss->input_text(hello, world!);
$hss->input_end(< /i >);
$hss->input_end_document;
print $hss->filtered_document;
This module strips scripting constructs out of HTML, leaving as much non-scripting markup in place as possible. This allows web applications to display HTML originating from an untrusted source without introducing XSS (cross site scripting) vulnerabilities.
You will probably use HTML::StripScripts::Parser rather than using this module directly.
The process is based on whitelists of tags, attributes and attribute values. This approach is the most secure against disguised scripting constructs hidden in malicious HTML documents.
As well as removing scripting constructs, this module ensures that there is a matching end for each start tag, and that the tags are properly nested.
Previously, in order to customise the output, you needed to subclass HTML::StripScripts and override methods. Now, most customisation can be done through the Rules option provided to new().
The HTML document must be parsed into start tags, end tags and text before it can be filtered by this module. Use either HTML::StripScripts::Parser or HTML::StripScripts::Regex instead if you want to input an unparsed HTML document.
<<lessSYNOPSISM
use HTML::StripScripts;
my $hss = HTML::StripScripts->new({ Context => Inline });
$hss->input_start_document;
$hss->input_start(< i >);
$hss->input_text(hello, world!);
$hss->input_end(< /i >);
$hss->input_end_document;
print $hss->filtered_document;
This module strips scripting constructs out of HTML, leaving as much non-scripting markup in place as possible. This allows web applications to display HTML originating from an untrusted source without introducing XSS (cross site scripting) vulnerabilities.
You will probably use HTML::StripScripts::Parser rather than using this module directly.
The process is based on whitelists of tags, attributes and attribute values. This approach is the most secure against disguised scripting constructs hidden in malicious HTML documents.
As well as removing scripting constructs, this module ensures that there is a matching end for each start tag, and that the tags are properly nested.
Previously, in order to customise the output, you needed to subclass HTML::StripScripts and override methods. Now, most customisation can be done through the Rules option provided to new().
The HTML document must be parsed into start tags, end tags and text before it can be filtered by this module. Use either HTML::StripScripts::Parser or HTML::StripScripts::Regex instead if you want to input an unparsed HTML document.
Download (0.040MB)
Added: 2007-07-13 License: Perl Artistic License Price:
834 downloads
FreeS/WAN 2.06
FreeS/WAN is an implementation of IPSEC & IKE for Linux. more>>
FreeS/WAN is an implementation of IPSEC & IKE for Linux. IPSEC is Internet Protocol SECurity. It uses strong cryptography to provide both authentication and encryption services. Authentication ensures that packets are from the right sender and have not been altered in transit. Encryption prevents unauthorised reading of packet contents. These services allow you to build secure tunnels through untrusted networks.
Two protocols are used
ESP (Encapsulating Security Payload) provides encryption plus authentication
IKE (Internet Key Exchange) negotiates connection parameters, including keys, for ESP
Freeswan implementation has three main parts:
KLIPS (kernel IPsec) implements ESP, and packet handling within the kernel
Pluto (an IKE daemon) implements IKE, negotiating connections with other systems
various scripts provide an adminstrators interface to the machinery.
Because IPsec operates at the network layer, it is remarkably flexible and can be used to secure nearly any type of Internet traffic. Two applications, however, are extremely widespread:
a Virtual Private Network, or VPN, allows multiple sites to communicate securely over an insecure Internet by encrypting all communication between the sites.
"Road Warriors" connect to the office from home, or perhaps from a hotel somewhere
There is enough opportunity in these applications that vendors are flocking to them. IPsec is being built into routers, into firewall products, and into major operating systems, primarily to support these applications. See our list of implementations for details.
We support both of those applications, and various less common IPsec applications as well, but we also add one of our own:
opportunistic encryption, the ability to set up FreeS/WAN gateways so that any two of them can encrypt to each other, and will do so whenever packets pass between them.
This is an extension we are adding to the protocols. FreeS/WAN is the first prototype implementation, though we hope other IPsec implementations will adopt the technique once we demonstrate it. See project goals below for why we think this is important.
A somewhat more detailed description of each of these applications is below. Our quickstart section will show you how to build each of them.
<<lessTwo protocols are used
ESP (Encapsulating Security Payload) provides encryption plus authentication
IKE (Internet Key Exchange) negotiates connection parameters, including keys, for ESP
Freeswan implementation has three main parts:
KLIPS (kernel IPsec) implements ESP, and packet handling within the kernel
Pluto (an IKE daemon) implements IKE, negotiating connections with other systems
various scripts provide an adminstrators interface to the machinery.
Because IPsec operates at the network layer, it is remarkably flexible and can be used to secure nearly any type of Internet traffic. Two applications, however, are extremely widespread:
a Virtual Private Network, or VPN, allows multiple sites to communicate securely over an insecure Internet by encrypting all communication between the sites.
"Road Warriors" connect to the office from home, or perhaps from a hotel somewhere
There is enough opportunity in these applications that vendors are flocking to them. IPsec is being built into routers, into firewall products, and into major operating systems, primarily to support these applications. See our list of implementations for details.
We support both of those applications, and various less common IPsec applications as well, but we also add one of our own:
opportunistic encryption, the ability to set up FreeS/WAN gateways so that any two of them can encrypt to each other, and will do so whenever packets pass between them.
This is an extension we are adding to the protocols. FreeS/WAN is the first prototype implementation, though we hope other IPsec implementations will adopt the technique once we demonstrate it. See project goals below for why we think this is important.
A somewhat more detailed description of each of these applications is below. Our quickstart section will show you how to build each of them.
Download (1.5MB)
Added: 2006-07-11 License: GPL (GNU General Public License) Price:
1210 downloads
cron-apt 0.4.16
cron-apt is a tool to run apt commands regularly. more>>
cron-apt software is a quite simple cron job that updates a debian system (by default only apt-get update) using apt-get.
You can configure it to do anythig that you can do by running apt-get. If there is a failure it send an email to the system administrator so he/she can fix the error.
Enhancements:
- Support for untrusted sources was added.
- A lot of bugs were fixed.
<<lessYou can configure it to do anythig that you can do by running apt-get. If there is a failure it send an email to the system administrator so he/she can fix the error.
Enhancements:
- Support for untrusted sources was added.
- A lot of bugs were fixed.
Download (0.022MB)
Added: 2005-09-26 License: DFSG approved Price:
1491 downloads
cvsweb-scrape 0.1
cvsweb-scrape is a small tool that downloads a CVS module via the cvsweb interface. more>>
cvsweb-scrape is a small tool that downloads a CVS module via the cvsweb interface.
This is useful when anonymous CVS checkouts are unavailable for some reason, but the cvsweb interface is still up.
Usage:
Edit the script to specify the cvsweb url, desired output dir, etc. Then run the script. Thats it.
Security note:
This script doesnt do anything to protect against untrusted cvsweb administrators. But if youre downloading something from the site in the first place, you probably dont care about that.
<<lessThis is useful when anonymous CVS checkouts are unavailable for some reason, but the cvsweb interface is still up.
Usage:
Edit the script to specify the cvsweb url, desired output dir, etc. Then run the script. Thats it.
Security note:
This script doesnt do anything to protect against untrusted cvsweb administrators. But if youre downloading something from the site in the first place, you probably dont care about that.
Download (0.002MB)
Added: 2006-06-29 License: GPL (GNU General Public License) Price:
1212 downloads
firewall 20020626
firewall is a set of scripts (firewall, fwup and fwdown) for ipchains. more>>
Firewall is a set of scripts (firewall, fwup and fwdown) that implement an ipchains firewall and various forms of network address and port translation. All you have to do is read the policy file and edit it to reflect your topology and filtering policy.
The policy file is composed of sections in which you need to specify: this hosts trusted and untrusted network interfaces; this hosts role and function within the network topology; the incoming and outgoing services to allow and the internal and external hosts that may take part in them. It has been designed to make this as painless and flexible as possible.
Each section contains detailed explanations and advice on things such as when to start the firewall and the security implications of various well known internet services and advice on how to allow them safely. It is intended to introduce administrators to some subtleties of packet filtering quickly so that they can make better informed security decisions and achieve and maintain effective network security (at least the packet filtering part) in a very short time. Of course, it will not prevent you from making bad network security, but you will have been warned.
Main features:
- Single Host (no forwarding, no address/port translation)
- Forwarding (no address/port translation)
- Masquerading (outgoing M:1 NAPT)
- Port Forwarding (Masquerading + incoming 1:M NAPT)
- Alias Port Forwarding (Masquerading + incoming N:M NAPT)
- Static NAT (incoming and outgoing 1:1 NAT)
<<lessThe policy file is composed of sections in which you need to specify: this hosts trusted and untrusted network interfaces; this hosts role and function within the network topology; the incoming and outgoing services to allow and the internal and external hosts that may take part in them. It has been designed to make this as painless and flexible as possible.
Each section contains detailed explanations and advice on things such as when to start the firewall and the security implications of various well known internet services and advice on how to allow them safely. It is intended to introduce administrators to some subtleties of packet filtering quickly so that they can make better informed security decisions and achieve and maintain effective network security (at least the packet filtering part) in a very short time. Of course, it will not prevent you from making bad network security, but you will have been warned.
Main features:
- Single Host (no forwarding, no address/port translation)
- Forwarding (no address/port translation)
- Masquerading (outgoing M:1 NAPT)
- Port Forwarding (Masquerading + incoming 1:M NAPT)
- Alias Port Forwarding (Masquerading + incoming N:M NAPT)
- Static NAT (incoming and outgoing 1:1 NAT)
Download (0.18MB)
Added: 2006-07-11 License: GPL (GNU General Public License) Price:
1349 downloads
WikklyText 0.99.50
WikklyText project is a lightweight, portable, extensible Wiki language. more>>
WikklyText project is a lightweight, portable, extensible Wiki language. The WikklyText tools are written in Python making it easy to use in either a server or stand-alone environment.
Main features:
- "99% compatible" with TiddlyWiki markup. (View Markup Help Text)
- Provides "Safe" and "Full" modes: In "Safe" mode, the user is restricted to only calling safe macros, no HTML injection is possible, and the generated text is filtered to preclude XSS issues. In a server setting (e.g. Drupal) this allows untrusted users to write WikklyText content without endangering system security.
- Powerful extension mechanism, including embedding Python code in documents with < ?py ... ? >.
Why WikklyText?
After using TiddlyWiki for several months, I found myself wanting to use its markup language from within Drupal, as well as for creating stand-alone documents. At the time I was using a mix of various content creation methods (hand-edited HTML, TinyMCE, reStructuredText), and wasnt satisfied with having to choose a method based on the environment (i.e. TiddlyWiki vs. Drupal vs. standalone). WikklyText is meant to complement TiddlyWiki by allowing you to easily move content between TiddlyWiki, Drupal, and standalone HTML documents. For me, this has allowed me to replace my hodge-podge of content creation methods with a single format that is readable as plain-text as well as in rendered form. There are a few differences between WikklyText and TiddlyWiki markup but these are clearly documented in the helptext, and should cause only minor issues, if any.
<<lessMain features:
- "99% compatible" with TiddlyWiki markup. (View Markup Help Text)
- Provides "Safe" and "Full" modes: In "Safe" mode, the user is restricted to only calling safe macros, no HTML injection is possible, and the generated text is filtered to preclude XSS issues. In a server setting (e.g. Drupal) this allows untrusted users to write WikklyText content without endangering system security.
- Powerful extension mechanism, including embedding Python code in documents with < ?py ... ? >.
Why WikklyText?
After using TiddlyWiki for several months, I found myself wanting to use its markup language from within Drupal, as well as for creating stand-alone documents. At the time I was using a mix of various content creation methods (hand-edited HTML, TinyMCE, reStructuredText), and wasnt satisfied with having to choose a method based on the environment (i.e. TiddlyWiki vs. Drupal vs. standalone). WikklyText is meant to complement TiddlyWiki by allowing you to easily move content between TiddlyWiki, Drupal, and standalone HTML documents. For me, this has allowed me to replace my hodge-podge of content creation methods with a single format that is readable as plain-text as well as in rendered form. There are a few differences between WikklyText and TiddlyWiki markup but these are clearly documented in the helptext, and should cause only minor issues, if any.
Download (0.15MB)
Added: 2007-07-09 License: GPL (GNU General Public License) Price:
837 downloads
Secleted [ 0 ] software to compare
- Page: 1 of 2
- 1
- 2
Copyright Notice:
Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future software development. The above untrusted search only lists software in full, demo and trial versions for free download. Download links are directly from our mirror sites or publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
