Software Map

NSIA (Network System Integrity Analysis) is a Web application monitoring system that scans sites for potentially unwanted context such as defacements, unauthorized changes, errors, information leaks, profanity, and compliance issues. It operates as an IDS (Intrusion Detection System) for Web sites.

NSBD (Not-So-Bad Distribution) is an automated Web-based distribution system that is designed for distributing free software on the internet, where users cannot trust the network and cannot entirely trust the maintainers of software. NSBD authenticates packages with GNU Privacy Guard (GnuPG) or "Pretty Good(Tm) Privacy" (PGP(Tm)) digital signatures so users can be assured that packages have not been tampered with, and it limits the maintainer to only update selected files and directories on the user's computer. NSBD's focus is on security, leaving as much control as is practical in the users' hands. Network transfers are done with http or rsync.

The SPSmtpGate is a transparent anti-spam SMTP proxy server. SPSmtpGate has support for the Sendmail version 8 Milter (mail filter) protocol. SPSmtpGate is easy to set up because it requires only minor changes to the configuration of your mail transfer agent.

labrea is a program that creates a "sticky honeypot" by taking over unused IP addresses on a network and creating virtual machines that answer to connection attempts. labrea answers those connection attempts in a way that causes the machine at the other end to get "stuck", sometimes for a very long time.

shwatchr is a small Perl script that audits logins
to shell accounts on Linux/*NIX machines that
originate from arbitrary hosts on the Internet.
When a successful login occurs and a shell is
spawned, shwatchr is executed from the shell rc
file and compares the host from which the login
originates against a list of known/allowed hosts.
If a match is not found then shwatchr can be
configured to either send an email to a separate
alert email address that contains the time and
host from which the login took place or issue a
warning and proceed to kill all user shells.
shwatchr does not require root to execute and
hence users can have some measure of knowledge and
security over who is logging into their accounts
even if they can't modify firewall or tcpwrapper
rulesets, or look at system logs.

libencio is a library providing a stdio-like
interface for reading and writing of encrypted
files (in MCrypt format only for now).
Additionally, it provides full support for
fseek()-like random read access of encrypted data.
This allows one to operate on encrypted files as
if they were ordinary, cleartext files. It could
be used to provide MUAs with a layer to
transparently handle encrypted attachments, as a
backend to ffmpeg or mplayer to directly play
encrypted files, or in combination with tar for
encrypted backups. It uses libmcrypt and libmhash
for encryption and hashing algorithms.

SilverTunnel-NG is a Java library that handles all the Tor connection work for easy integration into new or existing projects. You can connect to any server on the Internet anonymously; connect to a hidden service inside the Tor network; provide a hidden service; and more.

xNBTScan is a GTK 2 interface to the NBTscan program, useful for locating netbios services on a network. It supports all options available in NBTscan 1.0.3.

The Reliable Forwarder Daemon (rfd) does TCP
forwarding by listening on a user-defined port and
forwarding incoming connections transparently
through a second rfd server on a remote machine.
Ultra reliable forwarding is achieved using a zero
overhead reconnect protocol. Reconnections happen
periodically if no data is read from the remote
machine due to errors. Reconnections are
transparent to the service being forwarded. This
is useful for POP/IMAP connections, which will
survive a modem failure. The server can handle an
arbitrary large number of connections, but no
forking or threading is ever done. rfd handles
multiple simultaneous connections efficiently
without blocking.

cliPSafe is a command line interface (CLI) to
Password Safe databases. cliPSafe only works with
version 3 databases and it currently only operates
in read-only mode.

RAVM is a fast virtual machine coded mainly in x86 assembly. It has 256 registers that are 32-bits each, and it uses 32-bit instructions. On a 2.4 GHz Intel CPU it can execute nearly 400 MIPS with bounds checking on memory accesses. An assembler is provided.

hasher is a secure package buliding tool for RPM
packages and also ultra-light virtualization
technology.

CCHEF (Covert Channels Evaluation Framework) is a software framework for empirically evaluating covert channels in network protocols running under Linux. CCHEF can be used in real networks with real overt traffic, but can also emulate covert channels using overt traffic from trace files. CCHEF was mainly designed for research purposes, but not to be (mis)used for real covert channel communication. Therefore, the sender/receiver application is a normal user space programs and not disguised in any way.

Makejail employs short configuration files to help administrators create and maintain chroot jails. Makejails attempts to guess which files are required by the daemon, and installs all these files into the jail.