2 3 4 5 6 Next >
lsh is an implementation of the SSH protocol version 2. It is under active development. Developer contributions are welcome from both inside and outside the US.
Passcheck is a drop-in replacement or rewrite of the original cracklib, and shares no code with the original. It features an enhanced dictionary check, and the ability to use the standard system wordlist.
syslog-ng, as the name shows, is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pairs; syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful. Forwarding logs over TCP and remembering all forwarding hops makes it ideal for firewalled environments.
The exploitation of buffer overflow vulnerabilities in process stacks constitutes a significant portion of security attacks in recent years. We present a new method to detect and handle such attacks. In contrast to previous work, our method does not require any modification to the operating system and works with existing binary programs. Our method does not require access to the source code of defective programs, nor does it require recompilation or off-line processing of binaries.
Secure locate provides a secure way to index and quickly search for files on your system. It uses incremental encoding just like GNU locate to compress its database to make searching faster, but it will also check file permissions and ownership so that users will not see files they do not have access to.
oidentd is an RFC 1413 compliant ident daemon which runs on Linux, FreeBSD, OpenBSD, and Solaris. It can handle IP masqueraded/NAT connections on Linux, FreeBSD, and OpenBSD, and it has a flexible mechanism for specifying ident responses. Users can be granted permission to specify their own ident responses. Responses can be specified according to host and port pairs.
fsh uses lsh or ssh to establish a secure tunnel to the remote system. This takes as long as a normal connection establishment, but once the tunnel is established, fsh can reuse it to start new sessions on the remote system almost instantaneously. You get the security of ssh and the speed of rsh.
Flash is an attempt to address the security problems associated with giving local unix users full shell access. It is a (hopefully) secure shell which will only execute administrator defined programs, while also being very user friendly. Flash is fully windowed (using an ncurses interface), is driven by cursor keys, has hotkey support, has fascist logging support and more.
lidentd is an identd replacement with many features including fake users, random fake users, restricted fake user responses, matching against the passwd file for fake responses and more.
sftp is an ftp replacement that runs over an ssh tunnel. Two programs are included - sftp and sftpserv. When sftp is run and a host is connected to (either by running 'sftp remotehost' or 'open remotehost' from the sftp prompt), an ssh connection is initiated to the remote host, and sftpserv is run. So, sftpserv must be in your path on the remote host. Note that since sftpserv is run from ssh, no root privileges are necessary.
Browse by category