Projects

OpenVPN

OpenVPN is a robust and highly configurable VPN (Virtual Private Network) daemon which can be used to securely link two or more private networks using an encrypted tunnel over the Internet. OpenVPN's principal strengths include wide cross-platform portability, excellent stability, support for ... [More] dynamic IP addresses and NAT, adaptive link compression, single TCP/UDP port usage, a modular design that offloads most crypto tasks to the OpenSSL library, and relatively easy installation that in most cases doesn't require a special kernel module. [Less]

Snort

Snort® is an open source network intrusion prevention and detection system using a flexible rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and ... [More] prevention technology worldwide and has become the de facto standard for the industry. [Less]

Openwall - John the Ripper

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most ... [More] commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches. [Less]

Prelude

Prelude is an Hybrid IDS framework, that is, it is a product that enable all available security application, be it opensource or proprietary, to report to a centralized system. In order to achieve this task, Prelude relies on the IDMEF (Intrusion Detection Message Exchange Format) IETF standard ... [More] , that enables different kinds of sensors to generate events using an unified language. Prelude benefits from its ability to find traces of malicious activity from different sensors (Snort, honeyd, Nessus Vulnerability Scanner, Samhain, over 30 types of systems logs, and many others) in order to better verify an attack and in the end to perform automatic correlation between the various events. Prelude is commited to providing an Hybrid IDS that offers the ability to unify currently available tools. [Less]

IronBee

Led by the team who designed and built ModSecurity, the new project aims to produce a web application firewall sensor that is secure, high-performing, portable, and freely available – even for commercial use. Hosted at the web site www.ironbee.com, the project is open to all parties interested in joining the development effort.

sshproxy

sshproxy is a pure python implementation of an ssh authenticating proxy. It allows users to connect to remote sites without having to know the password or key of the remote sites. ACL rules can be set up to allow or deny users based on different parameters like their IP address or the time of ... [More] the day. Access attempts are logged via syslog, and an enhanced "action log" system is under development. The client is the standard ssh client. [Less]

Bastille-Unix (aka Bastille Linux)

Bastille Unix is a Hardening and Reporting/Auditing Program which enhances the security of a Unix box, by configuring daemons, system settings and firewalling. It currently functions on HP-UX, Red Hat, SuSE, Gentoo, Mandrivia, and OSX

Openwall - tcb

The tcb package contains core components of our tcb suite implementing the alternative password shadowing scheme on Openwall GNU/*/Linux (Owl). It is being made available separately from Owl primarily for use by other distributions. The package consists of three components: pam_tcb, libnss_tcb ... [More] , and libtcb. pam_tcb is a PAM module which supersedes pam_unix. It also implements the tcb password shadowing scheme. The tcb scheme allows many core system utilities (passwd(1) being the primary example) to operate with little privilege. libnss_tcb is the accompanying NSS module. libtcb contains code shared by the PAM and NSS modules and is also used by user management tools on Owl due to our shadow suite patches. [Less]

Openwall - passwdqc

pam_passwdqc is a simple password strength checking module for PAM-aware password changing programs, such as passwd(1). In addition to checking regular passwords, it offers support for passphrases and can provide randomly generated ones. All features are optional and can be (re-)configured without ... [More] rebuilding. The package additionally includes libpasswdqc (a password/passphrase strength checking library), pwqcheck (a standalone password/passphrase strength checking program), and pwqgen (a standalone random passphrase generator program). [Less]

Openwall - scanlogd

scanlogd is a TCP port scan detection tool, originally designed to illustrate various attacks an IDS developer has to deal with, for a Phrack Magazine article. Thus, unlike some of the other port scan detection tools out there, scanlogd is designed to be totally safe to use. scanlogd supports ... [More] several packet capture interfaces: the raw socket interface on Linux (which does not require any libraries), libnids, and libpcap. [Less]