by me, ok jasper@
DNSCrypt-proxy provides local service which can be used directly
as your local resolver or as a DNS forwarder, encrypting requests
using the DNSCrypt protocol and passing them to an upstream server,
by default OpenDNS who run this on their resolvers.
The DNSCrypt protocol is very similar to DNSCurve, but focuses on
securing communications between a client and its first-level resolver.
While not providing end-to-end security, it protects the local
network, which is often the weakest point of the chain, against
man-in-the-middle attacks. It also provides some confidentiality to
DNS queries.
processing.
While there, remove unnecessary patches (some fixed upstream, some workarounds
for header problems which have since been cleaned up, and change the "Build the
pacrunner into libproxy" patch into -DBIPR:BOOL=OFF in CONFIGURE_ARGS instead).
ok ajacoutot@
* Add an rc.d script.
* In snort.conf, provide the URL to the official Snort rules so that
users know where to get them.
* In snort.conf, provide the URL to the Emerging Threats rules along
with a commented include line to allow users to easily load the
Emerging Threats rules if they wish.
* Revise pkg/README with details on where to obtain Snort rules, the
differences between the official Snort rules and Emerging Threats
rules, how to download them, and provide some guidance on setting up
Snort.
snort.conf and README changes OK Markus Lude (maintainer), sthen@
rc.d script OK sthen@
If specific combinations of RDATA are loaded into a nameserver, either
via cache or an authoritative zone, a subsequent query for a related
record will cause named to lock up.
See https://kb.isc.org/article/AA-00801 for more details.
* Added "qtype-any" filter for displaying ANY queries which are
now fashionable in DNS based attacks.
* Anand Buddhev pointed out that LDFLAGS= is missing from Makefile.in.
Also updated known_tlds.h.
While here dest and GROFF is not needed.
Ok sthen@ (maintainer)
The Net::PcapWriter module allows to create pcap files within
a perl programm without capturing any data.
from Stefan Rinkes <stefan.rinkes AT gmail DOT com>
The Net::Inspect module allows to inspect data on various network
layers.
The idea of Net::Inspect is to plug various layers of network
inspection together to analyze data. This is kind of what wireshark
or IDS do, exept this is in perl and therefore slower to execute
but faster to develop and maybe more flexibel too.
from Stefan Rinkes <stefan.rinkes AT gmail DOT com>
o Fixed sorting of 'fake' domain ; ucfirst not is required.
o Capitalize region names ; fake domains (like 'Master') should be
ucfirst, and go to the top of the report list ; 'proper' regions
are sorted 'lc'. The ISO-country-list is now utf8,
Capitalized and complete.
o Faster probe-load averaging by always probing the average number
of mirrors. The 'ok' and 'not ok' mirrors are averaged separately.
o Show 'project_name' when reporting changes in the mirror-list.
o Show 'path' for rsync urls in the report like 'site::path'.
While here GROFF is not needed.
Ok sthen@ (maintainer)
