silently, invisibly, with all TCP ports closed except to those who know...
the secret knock!
PR: ports/70186
Submitted by: Aaron Dalton <aaron@daltons.ca>
libPJL- Printer Job Language library A library and a
command-line tool to use PJL- HP Printer Job Language
PR: ports/69382
Submitted by: Yonatan <Yonatan@xpert.com>
This is a pcsc-lite driver for the Schlumberger Reflex 62/64
serial smartcard reader
This port should be filed under "security/ifd-slb_rf60"
because there are already some other pcsc-lite drivers
follow this convention.
I also made a few minor changes because of portlint warnings,
so please apply this patch and rename the directory to
"ifd-slb_rf60" before committing.
PR: ports/63120
Submitted by: Toni Andjelkovic <toni@soth.at>
Fcrackzip is a fast and featureful ZIP password cracker,
written in portable C (and optional x86 assembly). It allows
the user to recover forgotten ZIP archive passwords, using
either a brute force or dictionary attack on the provided
files.
PR: ports/69159
Submitted by: Stefan Walter <sw@gegenunendlich.de>
ports tree. It also features a file `database/portaudit.txt'
where UUIDs for vulnerabilities can be allocated quickly
before they are moved to the VuXML database.
Call `packaudit' after upgrading your ports tree.
Onion Routing is a connection-oriented anonymizing
communication service. Users choose a source-routed path
through a set of nodes, and negotiate a "virtual circuit"
through the network, in which each node knows its predecessor
and successor, but no others. Traffic flowing down the circuit
is unwrapped by a symmetric key at each node, which reveals the
downstream node.
WWW: http://freehaven.net/tor/
PR: ports/67305
Submitted by: freebsd-ports@rikrose.net
root privileges for file manipulation, by setting LD_PRELOAD to a
library with alternative versions of getuid(), stat(), etc.
PR: ports/64102
Submitted by: Meno Abels <meno.abels@adviser.com>
Rootkit Hunter is scanning tool to ensure you for about 99.9%
you're clean of nasty tools.
This tool scans for rootkits, backdoors and local exploits by
running tests like:
- MD5/SHA1 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files
PR: ports/66660
Submitted by: Radim Kolar <hsn at netmag dot cz>
LEP is my attempt to provide a simple yet effective crypto
system that focuses largely on streamlining tasks and less on
elaborate inclusion of algorithms (MD5 and Blowfish are the
only official algorithms used, both of which are linked in from
-lcrypto), and also has some simple implementations of classic
cipher design (transposition, byte swapping, caesar, XOR, hex
encoding, etc) which can fit into the same operation chain,
relieving the need for OS overhead with process spawning and
piping.
PR: ports/66659
Submitted by: Dmitri Nikulin <setagllib@optusnet.com.au>
various attacks an IDS developer has to deal with. Unlike some of the other
port scan detection tools out there, scanlogd is designed to be totally safe
to use.
PR: ports/66449
Submitted by: Roman Bogorodskiy <bogorodskiy@inbox.ru>
Retire libgcrypt-devel
Switch back to security/libgcrypt and bump PORTREVISION for
- gnutls
- gnutls-devel
- gsasl
- opencdk
- vpnc
libggz:
- Remove dependency on libgcrypt, because the port does not yet
work with the new libgcrypt
libksba:
- Update to 0.9.5
- Pass maintainership to lofi, who already maintains the other
aegypten ports.
Approved by: lofi
wmbiff:
Switch to security/libgcrypt but no PORTREVISION bump, because the
dependency is optional and the port does not work with the new
libgcrypt and needs to be updated.
No action, because ports don't work with the new libgcrypt and need
to be updated, maintainers informed:
security/newpg
security/pinentry
security/dirmngr
emulators/fuse
emulators/libspectrum
Lockdown is a hardening system written in C++ for FreeBSD
and released under the BSD license.
Lockdown was designed to harden FreeBSD's base system. It does so
by editing the systems configuration files and set permissions,
flags and ownership on SUID, GID and information files.
Lockdown was meant to be run only once, so you can quickly
and without forgetting something, get a secure system running.
WWW: http://lockdown.TruNet.dk/
PR: 62714
Submitted by: Daniel Blankensteiner <db@TruNet.dk>
While I am here,
- make portlint happy,
- use WRKSRC instead hardcode path.
- use SAMBASRC instead wrong path if WRKDIRPREFIX env set.
- remove PORTREVISION on new ports.
PR: ports/63464
Submitted by: Jean Milanez Melo <jmelo@freebsdbrasil.com.br>
signature definitions). This allows the definitions to be updated
seperately as and when required.
PR: ports/62917, 62918
Submitted by: Tim Bishop <tim@bishnet.net> (maintainer)
These protocols are all used to run a remote session on a computer,
over a network. PuTTY implements the client end of that session:
the end at which the session is displayed, rather than the end
at which it runs.
WWW: http://www.chiark.greenend.org.uk/~sgtatham/putty/
Version 1.1.91 is incompatible with 1.1.12.
The -devel is required by the upcoming GnuTLS version and the new vpnc version.
The Stable version is still required by the Aegypten plugins.
Approved by: portmgr(marcus)
Repocopied by: joe
This is a package to test FreeBSD port auditing systems, e.g. portaudit
and the upcoming VuXML based system. Even though it installs no files,
it is listed in the portaudit database as vulnerable.
Kind of a EICAR-STANDARD-ANTIVIRUS-TEST-FILE
- The reference source for the CVM interface
- Diagnostic and benchmark CVM clients
- A checkpassword interface CVM client
- A UNIX/POSIX system module (uses getpwnam)
- A flat-file module
- A library for client writers
- A set of libraries for module writers
Author: Bruce Guenter <bruceg@em.ca>
WWW: http://untroubled.org/cvm/
This port in needed to unbreak build of mail/mailfront and ftp/twoftpd.
VPNC - Client for Cisco 3000 VPN Concentrator
A VPN client compatible with Cisco's EasyVPN equipment.
Supports IPSec (ESP) with Mode Configuration and Xauth.
Supports only shared-secret IPSec authentication, 3DES, MD5,
and IP tunneling. It runs entirely in userspace
PR: 60283
Submitted by: Christian Lackas
Graphical certification authority is an interface for managing
RSA keys and certificates, and the creation and signing of PKCS#10 requests.
It uses the OpenSSL library and a Berkeley DB for key and certificate storage.
It supports importing and exporting keys and PEM DER PKCS8 certificates,
signing and revoking of PEM DER PKCS12, and selection of x509v3 extensions.
A tree view of certificates is presented.
Author: Christian Hohnstaedt <christian@hohnstaedt.de>
WWW: http://www.hohnstaedt.de/xca.html
PR: 58378
Submitted by: Valentin Zahariev <curly@e-card.bg>
While pam(8) refers Linux-PAM Guides at ``SEE ALSO'' section,
it seems no documentation is in ports/ tree.
I think reading those docs takes good understanding of PAM
in RELENG_4, and also OpenPAM in HEAD.
PR: ports/53490
Submitted by: Hideyuki KURASHINA <rushani@FreeBSD.org>
A small SSH Askpass replacement written with GTK2. Features
fullscreen dialog and translucent background.
PR: ports/56537
Submitted by: Manuel Rabade <mig@mig-29.net>
security/opensc port that works with Estonian Electronic ID card
This is modified version of the OpenSC port that works with
Estonian Electronic ID card (EstEID).
WWW: http://marie.vtl.ee/esteid/
PR: ports/56612
Submitted by: Sven Petai <hadara@bsd.ee>
autossh is a program to start a copy of ssh and monitor it, restarting
it as necessary should it die or stop passing traffic.
The original idea and the mechanism were from rstunnel (Reliable SSH
Tunnel). With this version the method changes: autossh uses ssh to
construct a loop of ssh forwardings (one from local to remote, one
from remote to local), and then sends test data that it expects to
get back. (The idea is thanks to Terrence Martin.)
WWW: http://www.harding.motd.ca/autossh/
Destroy, A program that destroys files on the hard disk by
writing null and random bytes to the file, then unlinking
it.
PR: ports/50291
Submitted by: Shane Kinney <shane@freebsdhackers.net>
This is a commercial stand-alone solution written in C not a PERL script +
myriads of dependencies + some AV...
Licenses for private (individual, non-commercial) use, e.g. for protecting
your family's home network, can be applied for free of charge.
Submitted by: Marius Strobl <marius@alchemy.franken.de>
