(Page 4 of 6)   < Prev  1 2 3 4 5 6  Next >

Category: Replacement

Added 2001-10-22
by Nikos Mavroyanopoulos, nmav@hellug.gr
mcrypt is a program for encrypting files or streams. It is intended to be a replacement for the old UNIX crypt. It uses well-known and well-tested algorithms like DES, BLOWFISH, TWOFISH, ARCFOUR, CAST-128, and more in several modes (CBC, CFB, etc.). It also has a compatibility mode with the old UNIX crypt and Solaris des.

Added 2001-10-22
by Brian Wellington, bwelling@xbill.org
Secure FTP (sftp) implements a file transfer protocol using ssh/rsh as the transport mechanism. When the client is invoked, a remote shell is spawned and the server is run. sftp is mainly useful over a secure ssh session since passwords are not exposed. It also has the advantage that no root access is required, since the server runs as a user process.

Added 2001-10-22
by Nadeem Riaz, nads@bleh.org
Psftp is basically an ftp-like program that uses ssh 1.x as its backend. Psftp provides a cli ftp-like interface on top of scp and ssh.

Added 2001-10-22
by Intrinsic, intrinsic@hushmail.com
Secfingerd is a replacement for the standard finger daemon that comes with most UN*Xes. It allows each user to control whether-or-not they want to be fingered and if they do, what information about them is displayed as well as the formatting used. Secfingerd does not support empty and indirect queries. User's can stop themselves from being fingered by creating a ".nofinger" file in their home directory, this release of secfingerd also supports a global nofinger file which can be used to stop users such as "bin" from being fingered without putting a ".nofinger" file in "/bin".

Added 2001-10-22
by Nadeem Riaz, nads@bleh.org
Psftp is basically an ftp-like program that uses ssh 1.x as its backend. Psftp provides a cli ftp-like interface on top of scp and ssh.

Added 2001-10-22
by Matt Bishop
The file msystem.c contains a version of system(3), popen(3), and pclose(3) that provide considerably more security than the standard C functions. They are named msystem, mpopen, and mpclose, respectively. While I don't guarantee them to be PERFECTLY secure, they do constrain the environment of the child quite tightly, tightly enough to close the obvious holes.

Osh - Operator Shell
Added 2001-10-22
by Mike Neuman
The Operator Shell (Osh) is a setuid root, security enhanced, restricted shell for providing fine- grain distribution of system privileges for a wide range of usages and requirements.

PortMap 3
Added 2001-10-22
by Wietse Venema
This is the 3rd enhanced portmapper release. The code compiles fine with SunOS 4.1.x, Ultrix 4.x and ESIX System V release 4.0, but it will work with many other UNIX flavors. Tested with SunOS 4.1.1; an earlier version was also tested with Ultrix 3.0. SysV.4 uses a different program that the portmapper, however; rpcbind is the name, and it can do much more than the old portmapper. This is a portmapper replacement with access control in the style of the tcp wrapper (log_tcp) package. It provides a simple mechanism to discourage access to the NIS (YP), NFS, and other services registered with the portmapper. In some cases, better or equivalent alternatives are available. The SunOS portmap that is provided with patch id100482-02 should close the same security holes. In addition, it provides NIS daemons with their own access control lists. This is better than just portmapper access control. The "securelib" shared library (eecs.nwu.edu:/pub/securelib.tar) implements access control for all kinds of (RPC) services, not just the portmapper. Reportedly, Irix 4.0.x already has a secured portmapper. However, many vendors still ship portmap implementations that allow anyone to read or modify its tables and that will happily forward any request so that it appears to come from the local system.

Added 2001-10-22
by Wietse Venema
This is a rpcbind replacement with access control in the style of the tcp/ip daemon wrapper (log_tcp) package. It provides a simple mechanism to discourage remote access to the NIS (YP), NFS, and other rpc services. It also has host access control on IP addresses. Note that the local host is considered authorized and host access control requires the libwrap.a library that comes with recent tcp/ip daemon wrapper (log_tcp) implementations. If a port requests that are forwarded by the rpcbind process will be forwarded through an unprivileged port. In addition, the rpcbind process refuses to forward requests to rpc daemons that do, or should, verify the origin of the request: at present. The list includes most of the calls to the NFS mountd/nfsd daemons and the NIS daemons

Added 2001-10-22
by William LeFebvre
The securelib package by William LeFebvre. Provides a replacement shared library from SunOS 4.1.x systems that offers new versions of the accept, recvfrom, and recvmsg networking system calls. These calls are compatible with the originals, except that they check the address of the machine initiating the connection to make sure it is allowed to connect, based on the contents of the configuration file. The advantage of this approach is that it can be installed without recompiling any software.

Search Tools
Browse by category
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Libraries, Applications
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Secure Deletion
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


Privacy Statement
Copyright 2010, SecurityFocus