20:58 brix 

Eksblowfish is a variant of the Blowfish cipher, modified to make the
key setup very expensive.  ("Eks" stands for "expensive key
schedule".)  This doesn't make it significantly cryptographically
stronger, but is intended to hinder brute-force attacks.  It also
makes it unsuitable for any application requiring key agility.  It was
designed by Niels Provos and David Mazieres for password hashing in
OpenBSD.

Eksblowfish is a parameterised (family-keyed) cipher.  It takes a cost
parameter that controls how expensive the key scheduling is.  It also
takes a family key, known as the "salt".  Cost and salt parameters
together define a cipher family.  Within each family, a key determines
an encryption function in the usual way.

This distribution also includes an implementation of "bcrypt", the
Unix crypt() password hashing algorithm based on Eksblowfish.

WWW: http://search.cpan.org/dist/Crypt-Eksblowfish/

Approved by:    erwin (mentor)

20:57 brix 

This perl module implements the LGI$HPWD password hashing function
from VMS, and some associated VMS username and password handling
functions.

WWW: http://search.cpan.org/dist/Authen-DecHpwd/

Approved by:    erwin (mentor)

19:15 miwi 

2008-05-15 net-p2p/dclibc: Abandoned, not used, website disappeared
2008-04-07 net-mgmt/ap-utils: Does not work with gcc4.2; appears to be abandoned
2008-03-31 multimedia/xfce4-xmms-controller-plugin: Project is dead
2008-05-15 www/pear-HTTP_Session: Use www/pear-HTTP_Session2 instead
2008-05-04 security/bioapitool: All functionallity of this tools has been merged
with pam_bsdbioapi

10:24 rafan 

sqlmap is an automatic SQL injection tool entirely developed in Python. It is
capable to perform an extensive database management system back-end
fingerprint, retrieve remote DBMS databases, usernames, tables, columns,
enumerate entire DBMS, read system files and much more taking advantage of web
application programming security flaws that lead to SQL injection
vulnerabilities.

WWW:    http://sqlmap.sourceforge.net/

PR:             ports/123851
Submitted by:   Tomoyuki Sakurai <cherry at trombik.org>

03:09 rafan 

Pwman3 is a console based password management application.
Pwman3 is written in python. It uses sql for storage
and all data is encrypted when it isn't being viewed on screen.

WWW: http://pwman.bleurgh.com

PR:             ports/123074
Submitted by:   Yarodin <yarodin at gmail.com>

13:19 araujo 

- Project was renamed security/barnyard-sguil6 to security/barnyard-sguil.

PR:             ports/122648, ports/122700
Submitted by:   Paul Schmehl <pauls@utdallas.edu> (maintainer)

18:54 brooks 

Admit I'm never going to actually fix security/drupal4-ldap_integration,
particularly since it's clear no one uses it and remove it from the tree.

23:21 pav 

- Remove, it's ancient and newer version is included in base of all supported
  releases

Suggested by:   sam

06:49 clsung 

EzCrypto is an easy to use wrapper around the poorly documented OpenSSL ruby
library.

Features
    * Defaults to AES 128 CBC
    * Will use the systems OpenSSL library for transparent hardware crypto
      support
    * Single class object oriented access to most commonly used features
    * Ruby like

WWW:  http://ezcrypto.rubyforge.org/

PR:             ports/122805
Submitted by:   Steven Kreuzer

21:15 barner 

Add fprint_demo 0.4, demo and test application for libfprint.

21:15 barner 

Add pam_fprint 0.2, PAM module offering finger print authentication
using libfprint.

21:14 barner 

Add libfprint 0.0.6, library for fingerprint reader devices.

15:50 pav 

- Remove entry for gnome-keyring-manager

Forgotten by:   marcus

07:37 pav 

A Perl module wrapping libzxid. Also zxid.pl, that implements SP in
mod_perl environment, is supplied.

WWW:    http://zxid.org/

PR:             ports/114800
Submitted by:   Gea-Suan Lin <gslin@gslin.org>

16:00 tabthorpe 

2008-02-29 security/acid: development has ceased, use security/base

21:39 miwi 

- Disconnect security/nmapfe (project was renamed to security/zenmap)

21:33 miwi 

- Connect security/zenmap to the build

15:47 danfe 

Add a port of ophcrack, a Windows password cracker based on rainbow tables,
with GTK+ GUI.

WWW: http://ophcrack.sourceforge.net/

04:25 tmclaugh 

- expire port: Long out of date with multiple security issues.
  (Don't worry, openssh-portable is still there.)

10:43 mm 

This is version 2 of PHP OpenID using the PEAR framework.

The PHP OpenID library lets you enable OpenID authentication on sites built
using PHP. It features the OpenID consumer, Store implementations, and an
OpenID server.

WWW:    http://openidenabled.com/php-openid/

09:11 vanilla 

Add yapet 0.1, a curses based password manager.

PR:             ports/121293
Submitted by:   Rafael Ostertag <rafi at guengel.ch>

01:07 miwi 

2007-11-22 x11-themes/indubstrial: yes
2008-01-14 x11-themes/gtk-smooth-engine: Redundant port (now included in
gtk-engines), no release since 2005
2007-09-21 security/amavis-perl: depends on misc/compat3x, which has security
problems
2007-12-31 sysutils/cdbakeoven: Abandonware
2008-01-04 net/gnu-finger: no active development and known security
vulnerabilities.
2007-11-16 misc/seizedesktop: development stalled for years, outdated,
unmaintained

05:58 rafan 

EasyPG is an all-in-one GnuPG interface for Emacs. It consists of two
parts: EasyPG Assistant and EasyPG Library.

EasyPG Assistant is a set of convenient tools to use GnuPG from
Emacs. EasyPG Library is a sort of an elisp port of GPGME, a wrapper
library which provides API to access some of the GnuPG functions.

WWW: http://sourceforge.jp/projects/epg/

PR:             ports/119008
Submitted by:   Shota Iwazaki <iwazaki8 at yahoo.co.jp>

23:24 miwi 

This Module decrypts all kind of Cisco encrypted hashes
also referred to as type 7 passwords. Further you can
encrypt any given string into a encrypted hash that will
be accepted by any Cisco device as an encrypted type 7 password.

WWW:    http://search.cpan.org/dist/Cisco-Hash/

PR:             ports/120498
Submitted by:   Tsung-Han Yeh <snowfly at yuntech.edu.tw>

22:43 miwi 

Implementation of the Diffie-Hellman Key Exchange cryptographic protocol
in PHP5. Enables two parties without any prior knowledge of each other
establish a secure shared secret key across an insecure channel
of communication.

WWW: http://pear.php.net/package/Crypt_DiffieHellman/

PR:             ports/120010
Submitted by:   Ditesh Shashikant Gathani <ditesh at gathani.org>

23:34 lme 

FCheck is an open source PERL script providing intrusion detection and policy
enforcement of Windows 95/98/NT/3.x and Unix server administration through the
use of comparative system snapshots. FCheck can provide notification of any
differences found through use of your event management system, printer, and/or
email when any monitored files or directories are altered, including any
additions and/or deletions.

WWW:    http://www.geocities.com/fcheck2000/

16:57 rafan 

Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on
a web application that uses Microsoft SQL Server as its back-end.

Its main goal is to provide a remote shell on the vulnerable DB server,
even in a very hostile environment. It should be used by penetration
testers to help and automate the process of taking over a DB Server when
a SQL Injection vulnerability has been discovered.

WWW: http://sqlninja.sourceforge.net/

PR:             ports/117276
Submitted by:   Valerio Daelli <valerio.daelli at gmail.com>

16:23 wxs 

New port: p5-Snort-Rule.

A module that facilitates the dynamic creation of rules for snort.

PR:             ports/120193
Submitted by:   Paul Schmehl <pauls@utdallas.edu>
Approved by:    garga (mentor)

11:56 miwi 

Network Security Monitoring Console is a framework for performing
analysis on packat capture files.

WWW:    http://thnetos.wordpress.com/nsm-console/

PR:             ports/119682
Submitted by:   Tomoyuki Sakurai <cherry at trombik.org>

06:38 beech 

- New Port maia-1.0.2a

- Maia Mailguard is a web-based interface and management system based on
  the popular amavisd-new e-mail scanner and SpamAssassin. Written in Perl
  and PHP, Maia Mailguard gives end-users control over how their mail is
  processed by virus scanners and spam filters, while giving mail administrators
  the power to configure site-wide defaults and limits.

        WWW: http://www.maiamailguard.com/

PR:             ports/119325
Submitted by:   Janky Jay <ek@purplehat.org> (maintainer)
Approved by:    linimon (mentor)

11:44 miwi 

This package provides an object oriented interface to GNU Privacy
Guard (GPG). It requires the GPG executable to be on the system.

Though GPG can support symmetric-key cryptography, this package is intended
only to facilitate public-key cryptography.

WWW: http://pear.php.net/package/Crypt_GPG/

05:24 lwhsu 

Add shimmer 0.1.0, perl implementation that hides a valuable port on
your server.

PR:             ports/119512
Submitted by:   Felippe de Meirelles Motta <lippemail at gmail.com>

11:15 beech 

- New port phpdeadlock-1.0.1
- Web-based user authentication/password protection system

PR:             ports/117122
Submitted by:   Greg Larkin <glarkin@sourcehosting.net> (maintainer)
Approved by:    linimon (mentor)

20:33 edwin 

XORSearch

XORSearch is a program to search for a given string in an XOR or
ROL encoded binary file. An XOR encoded binary file is a file where
some (or all) bytes have been XORed with a constant value (the key).
A ROL (or ROR) encoded file has it bytes rotated by a certain number
of bits (the key). XOR and ROL/ROR encoding is used by malware
programmers to obfuscate strings like URLs.

XORSearch will try all XOR keys (0 to 255) and ROL keys (1 to 7)
when searching. I programmed XORSearch to include key 0, because
this allows to search in an unencoded binary file (X XOR 0 equals
X).

If the search string is found, XORSearch will print it until the 0
(byte zero) is encountered or until 50 characters have been printed,
which ever comes first. 50 is the default value, it can be changed
with option -l. Unprintable characters are replaced by a dot.

WWW: http://blog.didierstevens.com/programs/xorsearch/
Author: Didier Stevens

22:57 miwi 

This program uses a brute force algorithm to guess your encrypted
compressed file's password. If you forget your encrypted file password,
this program is the solution. This program can crack zip,7z and rar file
passwords.

WWW: http://sourceforge.net/projects/rarcrack

PR:             ports/117630
Submitted by:   Philippe Audeoud <jadawin at tuxaco.net>

05:00 chinsan 

Add uberkey, a keylogger for x86 systems.

WWW: http://www.linuks.mine.nu/uberkey/

09:22 miwi 

pdfcrack is a command line, password recovery tool for PDF-files.

WWW: http://sourceforge.net/projects/pdfcrack

PR:             ports/117442
Submitted by:   Philippe Audeoud <jadawin at tuxaco.net>

02:51 alepulver 

This port contains the Shrew Soft ike daemon and client tools. The
software supports ike v1 communications between two gateways or a
a client and a gateway.

For more information please visit ...

WWW: http://www.shrew.net/

PR:             ports/116684
Submitted by:   mgrooms at shrew.net

16:52 novel 

OpenFWTK is an application proxy toolkit which inherits the ideology
of TIS fwtk and maintains API backwards compatibility. The design goal
is to make it simple yet powerful; no performance hacks allowed in the
code and library dependencies are reduced to minimum.

WWW: http://sourceforge.net/projects/openfwtk

PR:             ports/117194
Submitted by:   Anton Karpov <toxa at toxahost.ru>

03:35 tabthorpe 

2007-09-10 security/p5-Digest-SHA2: Has numerious known bugs, deprecated in
favor of Digest::SHA

23:33 sat 

- Sort category Makefiles

Inspired by:    Jason Harris <jharris@widomaker.com>
Howto:          http://twiki.cenkes.org/Cenkes/SortingCategoryMakefiles

13:21 rafan 

Wapiti allows you to audit the security of your web applications.
It performs "black-box" scans, i.e. it does not study the source code of
the application but will scans the webpages of the deployed webapp,
looking for scripts and forms where it can inject data.
Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to
see if a script is vulnerable.

WWW: http://wapiti.sourceforge.net/

PR:             ports/116873
Submitted by:   Philippe Audeoud <jadawin at tuxaco.net>

15:14 miwi 

2007-08-29 security/vncrypt: not supported on any current version of FreeBSD
2007-09-15 net-mgmt/ocs-unix-agent: Use net-mgmt/ocsinventory-agent instead

06:39 acm 

- New port: security/fpc-openssl

Free Pascal unit for OpenSSL

05:49 edwin 

new port: security/afterglow, a collection of graph-generating scripts

        AfterGlow is a collection of scripts which facilitate the
        process of generating event graphs and treemaps. AfterGlow
        1.x is written in Perl and generates output that can be
        read by GraphViz or LGL.  All the scripts and other files
        for afterglow are installed in ${DATADIR}

        WWW: http://sourceforge.net/projects/afterglow

PR:             ports/115186
Submitted by:   Paul Schmehl <pauls@utdallas.edu>

11:55 edwin 

new port security/ssss - Shamir's Secret Sharing Scheme

        ssss is an implementation of Shamir's secret sharing scheme
        for UNIX/linux machines. It is free software, the code is
        licensed under the GNU GPL. ssss does both: the generation
        of shares for a known secret and the reconstruction of a
        secret using user provided shares. The software was written
        in 2006 by B. Poettering, it links against the GNU libgmp
        multiprecision library (version 4.1.4 works well) and
        requires the /dev/random entropy source.

PR:             ports/115949
Submitted by:   Lukasz Komsta <luke@novum.am.lublin.pl>

08:15 edwin 

New port: security/seccure - SECCURE Elliptic Curve Crypto Utility for Reliable
Encryption

        The seccure toolset implements a selection of asymmetric
        algorithms based on elliptic curve cryptography (ECC). In
        particular it offers public key encryption / decryption,
        signature generation / verification and key establishment.

        ECC schemes offer a much better key size to security ratio
        than classical systems (RSA, DSA). Keys are short enough
        to make direct specification of keys on the command line
        possible (sometimes this is more convenient than the
        management of PGP-like key rings). seccure builds on this
        feature and therefore is the tool of choice whenever
        lightweight asymmetric cryptography -- independent of key
        servers, revocation certificates, the Web of Trust or even
        configuration files -- is required.

PR:             ports/115943
Submitted by:   Lukasz Komsta <luke@novum.am.lublin.pl>

07:47 edwin 

new port: security/hamachi (supersedes ports/110850)

        New port of Hamachi VPN, using Linux official binary and a
        patch on tuncfg.c based on the official OSX release.

        Hamachi is a software that eases the creation of secure
        VPNs even between nodes that would not be able to connect
        to each other (server-assisted connection can be established
        from two NATted client, if at least one of the two NAT
        associates the port to the client not checking remote host).

        UPX port is required in order to decompress the linux binary
        and avoid run-time dependency on /proc.

PR:             ports/112982
Submitted by:   Lapo Luchini <lapo@lapo.it>

03:46 marcus 

As promised, remove net-im/gaim, and all dependent ports.  Gaim has been
replaced by net-im/pidgin.

02:47 edwin 

New port: security/openvpn-auth-ldap - LDAP authentication plugin for OpenVPN

        The OpenVPN Auth-LDAP Plugin implements username/password
        authentication via LDAP for OpenVPN 2.x. It also includes
        some integration with the OpenBSD packet filter, supporting
        adding and removing VPN clients from PF tables.

        WWW: http://dpw.threerings.net/projects/openvpn-auth-ldap/

PR:             ports/113925
Submitted by:   Nick Barkas <snb@threerings.net>

18:44 se 

New port of w3af, the Web Application Audit and Attack Framework.
This is a Python based package of tools that can be used to assess
the security of a web server (including automated advanced tests,
e.g. for XSS or SQL injection vulnerabilities).

I did not get this port to work with the py-google port, there for
a local copy of pygoogle is included and packaged with this port.

17:55 itetcu 

Chaosreader is a perl script that parses snoop or tcpdump logs
and extracts sessions for a number of different appplications:
ssh, telnet, smtp, irc, ftp, etc.  The data are formatted into
an html file and can be used to replay some sessions.

Sshkeydata is a perl script that attempts to recreate ssh
sessions extracted by chaosreader by estimating what commands
may have been typed.

Both scripts are installed in ${PREFIX}/bin

WWW: http://sourceforge.net/projects/chaosreader

PR:             ports/115125
Submitted by:   pauls

18:48 sat 

Add port security/p5-Net-Server-Mail-ESMTP-AUTH:

Net::Server::Mail::ESMTP::AUTH is an extension to provide
support for SMTP authentication with Net::Server::Mail::ESMTP
module.

Currently only LOGIN and PLAIN methods are supported.

WWW: http://search.cpan.org/dist/Net-Server-Mail-ESMTP-AUTH/
Author: Sylvain Cresto <scresto [_at_] gmail.com>

PR:             ports/114785 (with corrections)
Submitted by:   Zane C. Bowers <vvelox@vvelox.net>

09:22 sat 

Add port security/clamtk:

ClamTk is a GUI front-end for ClamAV using gtk2-perl. It is designed to
be an easy-to-use frontend for Unix systems.

WWW: http://clamtk.sourceforge.net/
Author: Dave M <dave.nerd@gmail.com>

23:21 pav 

Shibboleth is standards-based, open source middleware software which
provides Web Single SignOn (SSO) across or within organizational
boundaries. It allows sites to make informed authorization decisions
for individual access of protected online resources in a
privacy-preserving manner.

This software is a C++ implementation of the Service Provider
component of the Shibboleth can be used in Apache Web servers.  The
service provider manages secured resources. User access to resources
is based on assertions received by the service provider (SP) from
an identity provider.

WWW:    http://shibboleth.internet2.edu/

PR:             ports/114663
Submitted by:   Janos Mohacsi <janos.mohacsi@bsd.hu>

15:32 miwi 

2007-07-31 x11-fm/endeavour: Development ceased, this port should be updated to
Endeavour Mark II
2007-08-01 security/p5-openxpki-client-soap-lite: No longer maintained by
Developers.
2007-06-26 net-mgmt/aircrack: Please use net-mgmt/aircrack-ng.

14:41 chinsan 

Add chntpw 070409, utility to set the password and edit registry on
Microsoft NT system.

PR:             ports/114897
Submitted by:   buganini at gmail.com
Approved by:    rafan (mentor, implicit)

07:18 clsung 

Lasso is a free software C library aiming to implement the Liberty
Alliance standards; it defines processes for federated identities,
single sign-on and related protocols. Lasso is built on top of
libxml2, XMLSec and OpenSSL and is licensed under the GNU General
Public License  (with an OpenSSL exception).

WWW:    http://lasso.entrouvert.org/

PR:             ports/114639
Submitted by:   Gea-Suan Lin <gslin at gslin.org>

02:11 rafan 

- Retire security/metasploit-devel since security/metasploit is now
  up-to-date

PR:             ports/114196
Submitted by:   Yonatan <onatan at gmail.com> (maintainer)

18:35 csjp 

Hook bsmtrace into build for the security category

Reminded by:    Pav

18:37 miwi 

Crypt::Camellia_PP is a pure perl implementation of Camellia, a 128-bit
symmetrical block cipher with 128-bit, 192-bit, and 256-bit key from
NTT and Mitsubishi Electric Corporation.  It is one of the approved
encryption methods to be used by European Union as well as specified
in several Internet RFCs.

See also: http://info.isl.ntt.co.jp/crypt/eng/camellia/index.html
WWW: http://search.cpan.org/dist/Crypt-Camellia_PP/

PR:             ports/114525
Submitted by:   Yoshisato YANAGISAWA

02:24 clsung 

ZXID aims at full stack implementation of all federated identity
management and identity web services protocols. Initial goal is
supporting SP role, followed by ID-WSF WSC and IdP roles.

ZXID is light weight, has a small foot print, and is implemented in C.
It is suitable for both high performance and embedded applications.
Scripting languages are supported using SWIG, including Perl, PHP and
Java. The "full stack" nature of ZXID means it's self contained and
has minimal external library dependencies (see downloads).

WWW:    http://zxid.org/

PR:             ports/114346
Submitted by:   Gea-Suan Lin <gslin at gslin.org>

02:16 clsung 

This module priovides an Object Oriented interface for Yahoo!
Browser-Based Authentication.

This module is ported from the official PHP class which is located on
this page: http://developer.yahoo.com/php

WWW:    http://search.cpan.org/dist/Yahoo-BBAuth/

PR:             ports/114345
Submitted by:   Gea-Suan Lin <gslin at gslin.org>

21:37 brooks 

Add ca_root_nss:

Root certificates from certificate authorities included in the Mozilla
NSS library and thus in Firefox and Thunderbird.

00:06 brooks 

Add pssh:

This package provides parallel versions of the openssh tools. Included
in the distribution:

 - Parallel ssh (pssh)
 - Parallel scp (pscp)
 - Parallel rsync (prsync)
 - Parallel nuke (pnuke)
 - Parallel slurp (pslurp)

What are these tools good for? Mainly for controlling large collections
of nodes in the wide-area.

WWW: http://www.theether.org/pssh/

01:00 clsung 

Add p5-Sudo 0.31, perl extension for running a command line sudo.

PR:             ports/113056
Submitted by:   Gea-Suan Lin <gslin at gslin.org>

12:34 garga 

Scanhill is a Microsoft Messenger Protocol Sniffer. Currently it can only
intercept Instant Text Messaging. Optionally, intercepted text messages can be
stored onto an RDMBS (Only mySQL is supported for now). Given that mySQL is
used, stored instant messages can be read through a browser interface that is
written in PHP language. Please see the INSTALL.txt file for instructions on
how to install, configure and run EnderUNIX scanhill.

WWW:    http://www.enderunix.org/scanhill/

15:53 sat 

Add port security/execwrap:

ExecWrap is a super-user exec wrapper for the lighttpd web-server, but
it can be used in any environment as long as arguments can be passed
from the server to its children via the environment.

WWW: http://cyanite.org/execwrap/
Author: Sune Foldager <cryo@cyanite.org>

08:06 beech 

- Ports renamed for consistency

PR:             ports/112327
Repocopy by:    marcus
Approved by:    sat (maintainer)

11:30 miwi 

- Connect security/pidgin-encryption
- Fix category by pidgin-otr

11:07 miwi 

- Update to 3.0.1
- Update pkg-descr
- Update MASTER_SITES
- Connect to build

PR:             112651
Submitted by:   Mike Smith<perlfu@gmail.com>

02:41 clsung 

Add php-Auth_OpenID 1.2.2, PHP OpenID library.

PR:             ports/112079
Submitted by:   Gea-Suan Lin <gslin at gslin.org>

20:15 itetcu 

Add slave port sshguard-ipfw, protect networked hosts from brute force attacks
against ssh using ipfw.

PR:             ports/112760
Submitted by:   Mij <mij at bitchx.it>

20:10 itetcu 

Add slave port sshguard-pf, protect networked hosts from brute force attacks
against ssh usinh pf

PR:             ports/112759
Submitted by:   Mij <mij at bitchx.it>

09:11 leeym 

- add Crypt::OpenSSL::X509 0.5

  This implement a large majority of OpenSSL's useful X509 API.

  The email() method supports both certificates where the
  subject is of the form:
  "... CN=Firstname lastname/emailAddress=user@domain", and also
  certificates where there is a X509v3 Extension of the form
  "X509v3 Subject Alternative Name: email=user@domain".

Submitted by:   kftseng@iyard.org

10:33 miwi 

This plugin enables Off-The-Record encryption for
Kopete.

WWW: http://kopete-otr.follefuder.org/

PR:             ports/112575
Submitted by:   Dave Grochowski <malus.x at gmail.com>

20:46 sobomax 

Re-add pvk under proper name.

19:51 sobomax 

Add pvt 20070406, tool to convert a RSA key in PEM format into a PVK
file and vice versa.

15:01 gabor 

Remove expired ports:

2007-04-27 security/op: no longer available from any mastersite
2007-05-15 shells/bash2: Old, unmaintained version, use shells/bash instead
2007-05-19 sysutils/xperfmon: irrelevant for supported FreeBSD releases

22:16 edwin 

New port: security/smap

    smap is a simple scanner for SIP enabled devices

    smap sends off various SIP requests awaiting responses from SIP
    enabled DSL router, proxies and user agents. It could be considered
    a mashup of nmap and sipsak ;)

    WWW: http://www.wormulon.net/
    Author: Hendrik Scholz <hscholz@raisdorf.net>

08:00 clsung 

Add aespipe , an AES encrypting or decrypting pipe.

PR:             ports/112056
Submitted by:   Ekkehard 'Ekki' Gehm <gehm at physik.tu-berlin.de>

14:01 tobez 

Resurrect p5-Crypt-OpenPGP, now with a patch for CVE-2005-0366.

Seems OK:       simon, lth

21:33 miwi 

- Add ossec-hids-client as slave port.
PR:             ports/111944
Submitted by:   Valerio Daelli <valerio.daelli at gmail.com>

21:32 miwi 

- Add ossec-hids-local as slave port

PR:             ports/111944
Submitted by:   Valerio Daelli <valerio.daelli at gmail.com>

21:29 miwi 

OSSEC is an Open Source Host-based Intrusion Detection System.
It performs log analysis, integrity checking, Windows registry
monitoring, rootkit detection, time-based alerting and active
response.

WWW: http://www.ossec.net/

PR:             ports/111944
Submitted by:   Valerio Daelli <valerio.daelli at gmail.com>

18:05 novel 

Add umit 0.9.3, UMIT is the nmap frontend developed with Python and
PyGTK.

PR:             ports/111959
Submitted by:   Elisey Savateev <b3k at mail.ru>

17:40 miwi 

2007-03-27 emulators/kmamerun: Project was abandoned 4 years ago and expects an
old version of XMAME, please use other frontends instead (like gxmame)
2007-03-28 graphics/hobbes-icons-xpm: Archaic port
2007-04-10 japanese/firefox-ja: Incomplete pkg-plist
2007-04-10 japanese/lookup-xemacs: Does not install
2007-04-10 lang/linux-hla: Does not compile
2007-04-10 mail/vmailmgr: Incomplete pkg-plist
2007-04-10 multimedia/qvamps: Touches filesystem prior to 'make install'
2007-03-10 net-mgmt/sting: Broken on all supported versions of FreeBSD
2007-04-10 net-mgmt/tas: Incomplete pkg-plist
2007-04-10 net-p2p/verlihub-plugins: Does not configure, it needs at least
verlihub 1.0
2007-04-10 news/inn-stable: Fails to patch
2007-04-10 palm/malsync: Does not build with new pilot-link
2007-04-10 russian/elm.language: Leaves behind files on deinstall
2007-04-10 russian/pine.language: Leaves behind config file on deinstall
2007-04-01 science/py-scipy03: Replaced by py-scipy
2007-04-10 security/php4-cryptopp: Does not compile

10:15 vanilla 

Add xyssl 0.6, a liteweight SSL and TLS toolkit for C developers.

PR:             ports/111279
Submitted by:   mdh <mdh at solitox.net>

06:19 lwhsu 

Add py-gnutls 1.0.0, python wrapper for the GNUTLS library.

Approved by:    clsung (mentor)

13:09 rafan 

Add phpsecinfo 0.2.0, a PHP environment security auditing toool.

PR:             ports/111040
Submitted by:   chinsan

09:48 rafan 

- Add www/drupal5
- Rename drupal-* to drupal4-*

04:13 clsung 

Add cryptstring 0.2, crypto Strings for PHP.

PR:             ports/110764
Submitted by:   Gea-Suan Lin <gslin at gslin.org>

11:57 miwi 

ocaml-ssl is a set of OCaml bindings for openssl.

WWW: http://savonet.sourceforge.net/wiki/OCamlLibs

PR:             ports/110303
Submitted by:   Jaap Boender <jaapb at kerguelen.org>

10:20 miwi 

F-Prot Antivirus BSD Mail Servers utilizes the renowned F-Prot Antivirus
scanning engine for primary scan but has in addition to that a system of
system of internal heuristics devised to search for unknown viruses.

Please note that the license explicitly permits that F-Prot Antivirus BSD
Mail Servers be used for evaluation purposes only, without charge for a
period of no more than 60 days.  If you use this software after the 60 day
evaluation period, then you must register and pay a license fee.

WWW: http://www.f-prot.com/

PR:             ports/110107
Submitted by:   Scot W. Hetzel <swhetzel at gmail.com>

13:49 miwi 

py-bcrypt is a Python wrapper of OpenBSDs Blowfish password hashing code,
as described in A Future-Adaptable Password Scheme by Niels Provos and
David Mazières.

WWW:    http://www.mindrot.org/projects/py-bcrypt/

05:36 clsung 

Move zzuf-0.8.1 from devel/, transparent application input fuzzer.

Noted by:       kris
PR:             ports/109829
Submitted by:   Peter Johnson <johnson.peter at gmail.com>

01:36 clsung 

Add sshguard 0.91, protect networked hosts from brute force attacks
against ssh.

PR:             ports/109439
Submitted by:   Mij <mij at bitchx.it>

07:06 ale 

This is a library for the Java platform which makes PKCS#11 (also known
as Cryptoki) modules accessible from within Java. A PKCS#11 module is a
software library with a defined API which allows access to cryptographic
hardware. It usually comes with hardware security modules (HSM), smart
cards and crypto tokens (e.g. USB tokens). Thus, the PKCS#11 Wrapper
provides Java software access to almost any crypto hardware. For
example, a Java application can use it to integrate a HSM or a smart
card to create digital signatures, to decrypt data or to unwrap keys.

WWW: http://jce.iaik.tugraz.at/sic/products/core_crypto_toolkits/pkcs_11_wrapper

12:44 sat 

Add port security/jeta:

Jeta is the Horde wrapper around various Java SSH applets.  It allows users
to login via a terminal window to the server on which the Horde application is
running.

WWW: http://www.horde.org/jeta/

PR:             ports/109095
Submitted by:   Beech Rintoul <beech@alaskaparadise.com>

05:42 rafan 

Add p5-Authen-PluggableCaptcha 0.04, a pluggable Captcha framework for
Perl.

PR:             ports/109383
Submitted by:   chinsan