---
CryptKit is a developer's toolkit implementing several of the most
modern and efficient cryptographic algorithms. The kit is primarily
written in ANSI C for speed and subsequently wrapped with SWIG for
ease of use in python.
CryptKit is small and fast, mainly because it implements excellent
algorithms: Rijndael (AES), SHA 256 bits, Elliptic Curve PKI,
Diffie-Hellman key exchange and Nyberg-Ruppel signature/verification.
These modules are combined to provide a faster, lighter and easier
to use secure socket alternative to SSL. CryptKit is not compatible
with SSL. Whereas SSL aims to support a wide variety of algorithms
that essentially perform the same task ( like DES/RC4/RC2 or MD5/SHA
), CryptKit takes the minimalist approach of implementing only one
version of each crypto primitve. Great care went into selecting the
best of what was available.
WWW: http://eevolved.com/cryptkit/
Perl module to calculate SHA1 digests
---
The Digest::SHA1 module allows you to use the NIST SHA-1 message
digest algorithm from within Perl programs. The algorithm takes
as input a message of arbitrary length and produces as output a
160-bit "fingerprint" or "message digest" of the input.
Submit and Maintain : Marc Matteo <marcm@lectroid.net>
* Format string bug fixed in protocol.c
smtp, pop3 and nntp in client mode were affected.
(stunnel clients could be attacked by malicious servers)
* Certificate chain can be supplied with -p option or in stunnel.pem.
* Problem with -r and -l options used together fixed.
* memmove() instead of memcpy() is used to move data in buffers.
* More detailed information about negotiated ciphers is printed.
* New ./configure options: "--enable-no-rsa" and "--enable-dh".
- Support for ACE (WinACE) Archiver
- Support for additional packers
- Support for newer versions of packers
- Support for BZIP compression format
- Support for additional LHA compression formats, LH6 and LH7
- Support for zcompress compression format
- Support for PDF 5.0 files
- Improved scanning for MIME formats
- Support for Unicode and Unicode big-endian saved scripts
- Support for Compiled Help files
- Support for Microsoft Exchange internal data-transfer format
- Support for Internet Message Connector (IMC) Archive format.
- Support for uncompressed VBA in Visio files
- Improved heuristic analysis for 32-bit Windows applications
- Support for compressed RTF and HTML in Microsoft Outlook messages
- Support for Script Component Type Libraries
- Improved performance when scanning Windows 32 applications
- Define NO_REGRESS
- replace all LOG_DEBUG to LOG_INFO
- use snprintf() instead of sprintf() in debuglog.c
- stop if /tmp/pcsc already exists
- clean and remove /tmp/pcsc on exit
Patches by Dr. Ludovic Rousseau <ludovic.rousseau@free.fr> and
already submitted to upstream project. Thanks.
---
PC/SC Architecture for most Unix type operating systems. Allows
easy porting of Windows smartcard software to other operating
systems. Supports many types of serial, PCMCIA, and USB smartcard
readers and cryptographic tokens.
WWW: http://www.linuxnet.com/
Tested by Dr. Ludovic Rousseau and me.
--
Logcheck is a scheduled auditing tool that scans system log files
for security violations and unusual activity. Reports of suspicious
log entries are mailed to a specified user (usually root).
WWW: http://www.psionic.com/abacus/logcheck
MAINTAINER= Srebrenko Sehic <haver@insecure.dk>
ccrypt is a utility for encrypting and decrypting files and streams.
It was designed to replace the standard unix crypt utility, which is
notorious for using a very weak encryption algorithm. ccrypt is based
on the Rijndael cipher, which is the U.S. government's chosen
candidate for the Advanced Encryption Standard. This cipher is believed
to provide very strong security.
--
Zebedee is a simple program to establish an encrypted, compressed TCP or
UDP tunnel between two systems. This allows traffic such as telnet, ftp,
VNC, and X to be protected from snooping as well as potentially gaining
performance over low-bandwidth networks from compression.
WWW: http://www.winton.org.uk/zebedee/
Submitted by Jon Leonard <jleonard@iss.net>
Passive OS fingerprinting technique based on information coming
from remote host when it establishes connection to our system.
Captured packets contains enough information to determine OS - and,
unlike active scanners (nmap, queSO) - without sending anything to
this host.
---
IO::Socket::SSL is a class implementing an object oriented interface
to SSL sockets. The class is a descendent of IO::Socket::INET and
provides a subset of the base class's interface methods as well as
SSL specific methods.
