05:37 aaron 

Adding port security/p5-Authen-Simple-Passwd, Passwd extension for
security/p5-Authen-Simple.

Approved by:    tobez (implicit)

05:27 aaron 

Adding port security/p5-Authen-Simple-HTTP, HTTP extension for
security/p5-Authen-Simple.

Approved by:    tobez (implicit)

05:19 aaron 

Adding port security/p5-Authen-Simple-Net, extension for
security/p5-Authen-Simple allowing authentication via FTP, POP3, or SMTP.

Approved by:    tobez (implicit)

05:07 aaron 

Adding port security/p5-Authen-Simple-DBI, DBI extension for security/p5-Authen-
Simple.

Approved by:    tobez (implicit)

01:10 aaron 

Adding port security/p5-Authen-Simple-LDAP, LDAP and ActiveDirectory extension
to security/p5-Authen-Simple.

Approved by:    tobez (implicit)

00:52 aaron 

Adding port security/p5-Authen-Simple, a consistent and simple framework for
authentication.

Approved by:    tobez (implicit)

10:44 sat 

Add py-cerealizer: Secure pickle-like module

PR:             ports/96944
Submitted by:   Jose Alonso Cardenas Marquez <acardenas@bsd.org.pe>
Approved by:    krion (mentor)

15:34 garga 

PAM module for per-user authentication

PR:             ports/97158
Submitted by:   Jim Pirzyk <pirzyk@freebsd.org>

16:33 aaron 

Add ipfwcount 0.2.1, summarise ipfw logs by counting and sorting the
fields.

PR:             ports/92454
Submitted by:   Robert Archer <freebsd@deathbeforedecaf.net>
Approved by:    tobez

12:08 jeh 

Since the DAT files are so short lived on the server, have this port
automatically fetch the current DAT file.  The uvscan-dat port will
be removed shortly.

11:46 itetcu 

TrustedPickle is a Python module that can save most any arbitrary Python object
in a signed pickle file. There are two big differences between this module and
the standard pickle module. First, TrustedPickle can pickle a module, but the
standard pickle module cannot. Second, TrustedPickle includes a signature that
can verify the data's origin before the data is unpickled.

WWW: http://trustedpickle.sourceforge.net/index.html

PR:             ports/96691
Submitted by:   Alexander Botero-Lowry <alex@foxybanana.com>
Approved by:    lawrance (mentor)

14:06 sat 

Add parano: A Gnome program to deal with hashfiles

PR:             ports/96710
Submitted by:   sat
Approved by:    krion (mentor)

00:52 ehaupt 

Add rainbowcrack 1.2, a hash cracker that precomputes plaintext -
ciphertext pairs in advance.

PR:             96664
Submitted by:   bryan@freshdns.net

07:36 clsung 

Add medusa 1.0, a speedy, massively parallel, modular, login
brute-forcer.

PR:             ports/96641
Submitted by:   David Thiel <lx@redundancy.redundancy.org>

20:46 pav 

courierpasswd is an authentication and password changing utility
that uses the courier-authlib authentication library to find user credentials.

Its interface follows that of Daniel J. Bernstein's checkpassword program.

WWW: http://www.arda.homeunix.net/store/

PR:             ports/96572
Submitted by:   Andrew St. Jean <andrew@arda.homeunix.net>

04:04 ijliao 

add p5-Authen-TypeKey 0.05
TypeKey authentication verification

PR:             94679
Submitted by:   Gea-Suan Lin <gslin@gslin.org>

15:55 pav 

Tcl SASL provides a Tcl interface to the Cyrus SASLv2 library.

WWW: http://beepcore-tcl.sourceforge.net/tclsasl.html

PR:             ports/96359
Submitted by:   Denis Shaposhnikov <dsh@vlink.ru>

15:44 pav 

Password Manager helps to manage large numbers of passwords and related
information and simplifies the tasks of searching and entering password data.

KedPM is written as an extensible framework, which allows users to plug in
custom password database back-ends and custom user interface front-ends.
Currently, only the Figaro PM back-end supported. To control KedPM user can
choose between CLI and GTK2 based GUI front-ends.

WWW: http://kedpm.sourceforge.net

PR:             ports/96321
Submitted by:   Tim Welch <twelch@thepentagon.org>

01:55 jmelo 

- New port:
fswatch is a utility to guard changes in a file system. fswatch is composed
of three simple programs: fswbuild, fswcmp, fswshow. fswbuild builds file
system information database. fswcmp compairs two database files and returns
what changes a in file system have been introduced. fswshow shows contents of
database file. a file information database is platform independend.

fswatch can collect the following information about files (and directories):
inode, links, uid, gid, mode, size, flags, ctime, checksum (sha1) ; and can
show which files were added, deleted or changed.

PR:             ports/95973
Submitted by:   dominik karczmarski <dominik@karczmarski.com> (maintainer)
Reworked by:    jmelo
Approved by:    mnag (mentor)

07:19 vd 

Remove expired ports:
2006-04-17 security/nessus-devel
2006-04-17 security/nessus-libnasl-devel
2006-04-17 security/nessus-libraries-devel
2006-04-17 security/nessus-plugins-devel

13:54 archie 

Remove the skip port. Created before there was an IPSec implementation on
FreeBSD, it is now extremely obsolete. In any case it doesn't compile. Earlier
version of this port can still be used on older versions of FreeBSD of course.

17:07 sem 

UPEK TouchChip TFM/ESS Fingerprint BSP is a (binary only) BioAPI BSP which
provides support for UPEKs fingerprint sensors.

PR:             ports/93035
Submitted by:   Fredrik Lindberg <fli@shapeshifter.se>

09:57 tobez 

Add security/p5-GSSAPI 0.20, a Perl extension providing access to the
GSSAPIv2 library.

12:32 sem 

Anti-bruteforce PAM module for authentification services. It can be used to
prevent brute-force attacks on services like SSH or Telnet. It's highly
configurable and very fast.

WWW: http://mbsd.msk.ru/pam_af.html

PR:             ports/94113
Submitted by:   Stanislav Sedov <ssedov@mbsd.msk.ru>

19:20 pav 

Password Gorilla is cross-platform Password Manager.
It uses TCL/Tk and runs on most platforms supported by Tcl/Tk.

WWW:    http://www.fpx.de/fp/Software/Gorilla

PR:             ports/93179
Submitted by:   Kay Lehmann <kay_lehmann@web.de>

23:11 jylefort 

Add silktools.

SiLK, the System for Internet-Level Knowledge, is a collection of
netflow tools developed by the CERT/NetSA (Network Situational
Awareness) Team to facilitate security analysis in large networks.

SiLK consists of a suite of tools which collect and examine netflow
data, allowing analysts to rapidly query large sets of data.

WWW: http://silktools.sourceforge.net

PR:             ports/94623
Submitted by:   David Thiel <lx@redundancy.redundancy.org>

15:54 arved 

Add matrixssl, a small GPL'd SSL implementation.

21:40 mnag 

- Add port security/pecl-gnupg

This extension provides methods to PHP interact with gnupg.

WWW:    http://pecl.php.net/package/gnupg

20:00 linimon 

Remove hpn-ssh; the functionality is now an option when building the
openssh-portable port.

Pointy hat to:  brooks

11:37 garga 

The Authen::Libwrap module allows you to access the hosts_ctl()
function from the popular TCP Wrappers security package.  This
allows validation of network access from perl programs against
the system-wide hosts.allow file.

WWW: http://search.cpan.org/dist/Authen-Libwrap

PR:             ports/92855
Submitted by:   Zach Thompson <hideo@lastamericanempire.com>

10:56 pav 

New slave port to security/barnyard - adds patches for sguil6

PR:             ports/92241
Submitted by:   Paul Schmehl <pauls@utdallas.edu>

17:09 garga 

We all know that you should always check input variables, but PHP does not
offer really good functionality for doing this in a safe way.
The Input Filter extension is meant to address this issue by implementing
a set of filters and mechanisms that users can use to safely access their
input data.

WWW: http://pecl.php.net/package/filter

PR:             ports/92198
Submitted by:   Alexander Zhuravlev <zaa@zaa.pp.ru>

07:27 pav 

Net::SFTP is a pure Ruby implementation of the SFTP client protocol
(versions 1 through 5).

PR:             ports/91829
Submitted by:   Roderick van Domburg <r.s.a.vandomburg@student.utwente.nl>

07:20 pav 

Net::SSH is a pure-Ruby implementation of the SSH2 client protocol. It
supports the following features:

 - User authentication via explicit username/password, or using a
public-key/private-key pair.
 - Port forwarding, both from the local host to a remote computer via
the remote host, and from the remote host to the local host.
 - Execute processes on the remote machine, both interactively and
non-interactively ("batch").

PR:             ports/91828
Submitted by:   Roderick van Domburg <r.s.a.vandomburg@student.utwente.nl>

23:19 brooks 

Add drupal-ldap_integration.

The ldap_integration Drupal module allows users to authenticate against
a LDAP directory.  Additionally, users can read and modify their data in
the LDAP directory subject to administrative restrictions.

15:24 pav 

ClamCour is a filter for courier MTA using ClamAV for scanning mails for
viruses.

PR:             ports/91740
Submitted by:   Milan Obuch <bsd@dino.sk>

10:12 pav 

The (BSD) BioAPI service module for PAM provides authentication management
through BioAPI BSPs.

PR:             ports/91750
Submitted by:   Fredrik Lindberg <fli@shapeshifter.se>

10:11 pav 

bioapitool is a small BioAPI management utility which allows enrollment and
verification of BIR entries.  It only implements a subset of the BioAPI
specification but should provide enough functionallity for basic account
management.

PR:             ports/91749
Submitted by:   Fredrik Lindberg <fli@shapeshifter.se>

09:29 pav 

BioAPI (Biometric Application Programming Interface) brings platform and device
independence to application programmers and biometric service providers.

PR:             ports/91734
Submitted by:   Fredrik Lindberg <fli@shapeshifter.se>

08:31 pav 

- Move databases/pecl-hash to security/pecl-hash

PR:             ports/91680
Submitted by:   Alexander Zhuravlev <zaa@zaa.pp.ru> (maintainer)
Repocopies by:  marcus

12:33 edwin 

New port: security/expiretable Utility used to remove entries from the pf(4)
table based on their age

        Expiretable is a utility used to remove entries from the pf(4) table
        based on their age.

        The age in question being the amount of time that has passed since
        the statistics for each entry in the target table was last cleared.

        WWW: http://expiretable.fnord.se/

PR:             ports/91481
Submitted by:   cris <cris@gufi.org>

07:57 edwin 

Update: security/samhain 2.0.10 -> 2.1.0

        Updating the Samhain integrity checking system to 2.1.0, a
        bugfix release.

        It's been requested by several people to break Samhain out
        into separate client and server ports. This PR does that,
        with a samhain-client and samhain-server port, as slave
        ports off of samhain. I'm not sure the best way to submit
        a PR to do this kind of action, but here is a shar of all
        three ports. If another format is desired, please let me
        know.  I'm also interested in feedback on the approach used
        for splitting these out.

PR:             ports/90305
Submitted by:   David Thiel <lx@redundancy.redundancy.org>

07:56 edwin 

Update: security/samhain 2.0.10 -> 2.1.0

        Updating the Samhain integrity checking system to 2.1.0, a
        bugfix release.

        It's been requested by several people to break Samhain out
        into separate client and server ports. This PR does that,
        with a samhain-client and samhain-server port, as slave
        ports off of samhain. I'm not sure the best way to submit
        a PR to do this kind of action, but here is a shar of all
        three ports. If another format is desired, please let me
        know.  I'm also interested in feedback on the approach used
        for splitting these out.

PR:             ports/90305
Submitted by:   David Thiel <lx@redundancy.redundancy.org>

04:38 edwin 

[NEW PORT]: security/cutlass

        The attached shar is for security/cutlass - an encrypted
        peer-to-peer voice, text, and file transmission protocol
        entended to bring encrypted Internet use to the masses.
        Also included is a sample application using the protocol.

Please note that the patch ommited from the PR will have to be added
when ports/91035 : [UPDATE]: security/botan is commited.

PR:             ports/91072
Submitted by:   Wesley Shields <wxs@csh.rit.edu>

15:52 foxfair 

Add ipfcount 0.1, summarise ipf logs by counting and sorting the fields.

PR:             ports/90811
Submitted by:   Robert Archer <freebsd@deathbeforedecaf.net>

09:58 garga 

Add openvpn-admin 1.9.2, GUI frontend to openvpn.

PR:             ports/90176
Submitted by:   Remington Lang <MrL0Lz@gmail.com>

09:27 erwin 

This is not C-code interface (like `Digest::MD5') but a Perl-only
implementation of MD4 (like `Digest::Perl::MD5'). Because of this, it is
slow but avoids platform specific complications. For efficiency you
should use `Digest::MD4' instead of this module if it is available.

WWW: http://search.cpan.org/dist/Digest-Perl-MD4

PR:             ports/90771
Submitted by:   Gabor Kovesdan

09:25 erwin 

Digest::SHA::PurePerl is a complete implementation of the NIST
Secure Hash Standard.  It gives Perl programmers a convenient way
to calculate SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 message
digests.  The module can handle all types of input, including
partial-byte data.
Digest::SHA::PurePerl is written entirely in Perl.  If your platform
has a C compiler, you should install the functionally-equivalent
(but much faster) Digest::SHA module.

WWW: http://search.cpan.org/dist/Digest-SHA-PurePerl

PR:             ports/90773
Submitted by:   Gabor Kovesdan

09:24 erwin 

This is not an interface (like "Digest::MD5") but a Perl implementation
of MD5. It is written in perl only and because of this it is slow but it
works without C-Code. You should use "Digest::MD5" instead of this
module if it is available. This module is only usefull for
computers where you cannot install "Digest::MD5" (e.g. lack of a
C-Compiler).

WWW: http://search.cpan.org/dist/Digest-Perl-MD5

PR:             ports/90772
Submitted by:   Gabor Kovesdan

09:19 erwin 

Digest::Pearson::PurePerl is an implementation of Peter K. Pearson's hash
algorithm presented in "Fast Hashing of Variable Length Text Strings"
- ACM 1990. This hashing technique yields good distribution of hashed results
for variable length input strings on the range 0-255, and thus, it is well
suited for data load balancing.
If you prefer a fast implementation, you might want to
consider Digest::Pearson instead.

WWW: http://search.cpan.org/dist/Digest-Pearson-PurePerl

PR:             ports/90770
Submitted by:   Gabor Kovesdan

17:39 erwin 

TEA is a 64-bit symmetric block cipher with a 128-bit key and a variable number
of rounds (32 is recommended). It has a low setup time, and depends on a
large number of rounds for security, rather than a complex algorithm. It was
developed by David J. Wheeler and Roger M. Needham, and is described at
http://www.ftp.cl.cam.ac.uk/ftp/papers/djw-rmn/djw-rmn-tea.html .

WWW: http://search.cpan.org/dist/Crypt-TEA

PR:             ports/90717
Submitted by:   Gabor Kovesdan

17:38 erwin 

Crypt::X509 parses X.509 certificates. Methods are provided for accessing most
certificate elements. It is based on the generic ASN.1 module by Graham Barr,
on the x509decode example by Norbert Klasen and contributions on the
perl-ldap-dev-Mailinglist by Chriss Ridd.

WWW: http://search.cpan.org/dist/Crypt-X509

PR:             ports/90716
Submitted by:   Gabor Kovesdan

16:37 erwin 

The Crypt::SaltedHash module provides an object oriented interface to create
salted (or seeded) hashes of clear text data. The original formalization of
this concept comes from RFC-3112 and is extended by the use of different
digital agorithms.

WWW: http://search.cpan.org/dist/Crypt-SaltedHash

PR:             ports/90698
Submitted by:   Gabor Kovesdan

16:35 erwin 

Shark is 64-bit block cipher that accepts a 128-bit key. It was
designed by Vincent Rijmen, Joan Daemen, Bart Preneel, Antoon
Bosselaers, and Erik De Win.

WWW: http://search.cpan.org/dist/Crypt-Shark

PR:             ports/90699
Submitted by:   Gabor Kovesdan

16:31 erwin 

The single exported subroutine in this module is for generating a salt
suitable for being fed to crypt() and other similar functions.

WWW: http://search.cpan.org/dist/Crypt-Salt

PR:             ports/90696
Submitted by:   Gabor Kovesdan

15:40 erwin 

This module contains a simple S/Key calculator (as described in RFC
1760) implemented in Perl. It exports the function `key' by default, and
may optionally export the function `compute'.
`compute_md4', `compute_md5', `key_md4', and `key_md5' are provided as
convenience functions for selecting either MD4 or MD5 hashes. The
default is MD4; this may be changed with with the `$Crypt::SKey::HASH'
variable, assigning it the value of `MD4' or `MD5'. You can access any
of these functions by exporting them in the same manner as `compute' in
the above example.
Most S/Key systems use MD4 hashing, but a few (notably OPIE) use MD5.

WWW: http://search.cpan.org/dist/Crypt-SKey

PR:             ports/90695
Submitted by:   Gabor Kovesdan

15:39 erwin 

Loki97 is 128-bit block cipher that accepts a variable-length key. It was
designed by Lawrie Brown, Josef Pieprzyk, and Jennifer Seberry. The default
key length in this implementation is 128 bits. Loki97 was one of the 15
candidates for the AES.

WWW: http://search.cpan.org/dist/Crypt-Loki97

PR:             ports/90694
Submitted by:   Gabor Kovesdan

15:37 erwin 

Crypt::License decodes an encrypted file and attempts to decrypt it by first,
looking for a hash pointer in the caller program called $ptr2_License. The
hash contains the path to the License file and an optional 'private' key list
of modules which will decrypt only with the 'private' key. OR, a hash key of
'next' with no particular value that indicates to look to the next caller on
the stack for the License pointer. If the pointer is not present or the
License file is not found successfully, then no further action is taken. If the
License file is successfully opened, and the contents validated then the
attached encrypted module is loaded and the seconds remaining until License
expiration are returned or now() in the case of no expiration. Undef is
returned for an expired license (module fails to load).

WWW: http://search.cpan.org/dist/Crypt-License

PR:             ports/90693
Submitted by:   Gabor Kovesdan

15:30 erwin 

Khazad is a 128-bit key, 64-bit block cipher. Designed by Vincent Rijmen and
Paulo S. L. M. Barreto, Khazad is a NESSIE finalist for legacy-level block
ciphers. Khazad has many similarities with Rijndael, and has an extremely
high rate of diffusion.

WWW: http://search.cpan.org/dist/Crypt-Khazad

PR:             ports/90692
Submitted by:   Gabor Kovesdan

08:35 erwin 

This module is a complete working Perl implementation of the Enigma Machine
used during World War II. The cipher calculations are based on actual Enigma
values and the resulting ciphered values are as would be expected from an
Enigma Machine.
The implementation allows for all of the Rotors and Reflectors available to the
real world Enigma to be used. A Steckerboard has also been implemented,
allowing letter substitutions to be made.

WWW: http://search.cpan.org/dist/Crypt-Enigma

PR:             ports/90683
Submitted by:   Gabor Kovesdan

20:47 edwin 

[new port] security/chroot_safe

        chroot_safe, a tool to chroot any application in a sane
        manner without requring binaries, shared libraries etc
        within the chroot or any support from the application. Works
        with any dynamically linked application.

        WWW: http://sourceforge.net/projects/chrootsafe

PR:             ports/90341
Submitted by:   Gabor Kovesdan <gabor.kovesdan@t-hosting.hu>

15:51 erwin 

This package is used to encrypt and decrypt passwords generated by IMail.
See: http://www.ipswitch.com/products/imail_server/

WWW: http://search.cpan.org/dist/Crypt-Imail

PR:             ports/90686
Submitted by:   Gabor Kovesdan

15:51 erwin 

Crypt::GOST_PP is a pure perl implementation of GOST, a 64-bit
symmetrical block cipher with a 256-bit key from the former Soviet
Union. Please read the Pod documentation contained in the module
itself for additional information, including the rationale behind
the writing of this module.

WWW: http://search.cpan.org/dist/Crypt-GOST_PP

PR:             ports/90685
Submitted by:   Gabor Kovesdan

15:50 erwin 

GOST 28147-89 is a 64-bit symmetric block cipher with a 256-bit
key developed in the former Soviet Union. Some information on it
is available at http://vipul.net/gost/ .
This module implements GOST encryption. It supports the Crypt::CBC
interface, with the functions described below. It also provides
an interface that is backwards- compatible with Crypt::GOST 0.41,
but its use in new code is discouraged.

WWW: http://search.cpan.org/dist/Crypt-GOST

PR:             ports/90684
Submitted by:   Gabor Kovesdan

14:49 erwin 

The Data Encryption Standard (DES), also known as Data
Encryption Algorithm (DEA) is a semi-strong encryption and
decryption algorithm.
The module is 100 % compatible to Crypt::DES but is implemented
entirely in Perl. That means that you do not need a C compiler
to build and install this extension.

WWW: http://search.cpan.org/dist/Crypt-DES_PP

PR:             ports/90682
Submitted by:   Gabor Kovesdan

14:42 erwin 

The Chimera key exchange protocol generates a shared key between two parties.
The protocol was shown to be INSECURE. This module is therefore released for
purely academic curiosity.

WWW: http://search.cpan.org/dist/Crypt-Chimera

PR:             ports/90681
Submitted by:   Gabor Kovesdan

09:51 anray 

Added p5-Crypto-MySQL, perl extension to compare MySQL passwords without
libmysqlclient.

PR:             ports/90590
Submitted by:   Gabor Kovesdan <gkovesdan@t-hosting.hu>
Approved by:    sem(mentor)

09:35 anray 

Added p5-Crypt-HCE_MD5, perl extension implementing one way hash chaining
encryption using MD5.

PR:             ports/90589
Submitted by:   Gabor Kovesdan <gkovesdan@t-hosting.hu>
Approved by:    sem(mentor)

09:16 anray 

Added p5-Crypt-HCE_MD5, perl extension implementing one way hash chaining
encryption using MD5.

PR:             ports/90589
Submitted by:   Gabor Kovesdan <gkovesdan@t-hosting.hu>
Approved by:    sem(mentor)

22:13 erwin 

Rabbit is a new stream cipher based on the properties of counter assisted
stream ciphers, invented by Martin Boesgaard, Mette Vesterager,
Thomas Pedersen, Jesper Christiansen, and Ove Scavenius of Cryptico A/S.

WWW: http://search.cpan.org/dist/Crypt-Rabbit

PR:             ports/90615
Submitted by:   Gabor Kovesdan

22:06 erwin 

Sometimes it's necessary to protect some certain data against plain reading
or you intend to send information through the Internet. Another reason might
be to assure users cannot modify their previously entered data in a follow-up
step of a long Web transaction where you don't want to deal with server-side
session data. The goal of Crypt::Lite was to have a pretty simple way to
encrypt and decrypt data without the need to install and compile huge
packages with lots of dependencies.
Crypt::Lite generates every time a different encrypted hash when you
re-encrypt the same data with the same secret string. Nevertheless you
are able to make double or tripple-encryption with any data to increase
the security. Decryption works also on hashes that have been encrypted
on a foreign host (try this with an unpatched IDEA installation ;-).

WWW: http://search.cpan.org/dist/Crypt-Lite

PR:             ports/90614
Submitted by:   Gabor Kovesdan

21:59 erwin 

Generic Counter Mode implementation in pure Perl. The Counter Mode module
constructs a stream cipher from a block cipher or cryptographic hash funtion
and returns it as an object. Any block cipher in the Crypt:: class can be
used, as long as it supports the blocksize and keysize methods. Any hash
function in the Digest:: class can be used, as long as it supports
the add method.

WWW: http://search.cpan.org/dist/Crypt-Ctr

PR:             ports/90613
Submitted by:   Gabor Kovesdan

21:56 erwin 

Crypt::Caesar - Decrypt rot-N strings

WWW: http://search.cpan.org/dist/Caesar

PR:             ports/90612
Submitted by:   Gabor Kovesdan

21:55 erwin 

Generic CFB implementation in pure Perl. The Cipher Feedback Mode module
constructs a stream cipher from a block cipher or cryptographic hash funtion
and returns it as an object. Any block cipher in the Crypt:: class can be
used, as long as it supports the blocksize and keysize methods. Any hash
function in the Digest:: class can be used, as long as it supports the
add method.

WWW: http://search.cpan.org/dist/Crypt-CFB

PR:             ports/90611
Submitted by:   Gabor Kovesdan

21:53 erwin 

This code appears to have only cursory resemblance to Bruce Schneier's
blowfish and twofish algorithms in that it too has a table-based decoder.
Derivation from FairKeys code by Jon Lech Johanson at nanocrew.net.
If you don't know what that is, don't bother looking here further. This is
a Pure Perl implementation. I doubt there is any need for xs coding for
what would mainly be processing 16 bytes at a time. This code is part of an
ongoing effort to clone portions of the Apple iTMS in Perl for portability.
See www.hymn-project.org for prior efforts by others.

WWW: http://search.cpan.org/dist/Crypt-AppleTwoFish

PR:             ports/90610
Submitted by:   Gabor Kovesdan

16:03 vanilla 

Add sshit 0.5, checks for SSH/FTP bruteforce and blocks given IPs.

PR:             ports/90603
Submitted by:   Jui-Nan Lin <jnlin@csie.nctu.edu.tw>

21:50 erwin 

Digest::Pearson is an implementation of Peter K. Pearson's hash algorithm
presented in "Fast Hashing of Variable Length Text Strings" - ACM 1990. This
hashing technique yields good distribution of hashed results for variable
length input strings on the range 0-255, and thus, it is well suited for
data load balancing.
The implementation is in C, so it is fast. If you prefer a pure Perl version
and can tolerate slower speed, you might want to consider
Digest::Pearson::PurePerl instead.

WWW: http://search.cpan.org/dist/Digest-MD5-Pearson

PR:             ports/90578
Submitted by:   Gabor Kovesdan

21:46 erwin 

Digest::ManberHash - a Perl package to calculate Manber Hashes

WWW: http://search.cpan.org/dist/Digest-ManberHash

PR:             ports/90577
Submitted by:   Gabor Kovesdan

21:45 erwin 

MD5 sums (see RFC 1321 - The MD5 Message-Digest Algorithm) are used as a
one-way hash of data. Due to the nature of the formula used, it is impossible
to reverse it.
This module provides functions to search several online MD5 hashes database and
return the results (or return undefined if no match found).

WWW: http://search.cpan.org/dist/Digest-MD5-Reverse

PR:             ports/90576
Submitted by:   Gabor Kovesdan

16:22 erwin 

Get MD5 sums for files of a given path or content of a given url.

WWW: http://search.cpan.org/dist/Digest-MD5-File

PR:             ports/90567
Submitted by:   Gabor Kovesdan

16:16 erwin 

The Digest::JHash module allows you to use the fast JHash hashing algorithm
developed by Bob Jenkins from within Perl programs. The algorithm takes as
input a message of arbitrary length and produces as output a 32-bit
"message digest" of the input in the form of an unsigned long integer.
See http://burtleburtle.net/bob/hash/doobs.html for more information.

WWW: http://search.cpan.org/dist/Digest-JHash

PR:             ports/90564
Submitted by:   Gabor Kovesdan

16:15 erwin 

Digest::FNV is an implementation for the 32-bit version of Fowler/Noll/Vo
hashing algorithm which allows variable length input strings to be quickly
hashed into unsigned integer values. For more information about this hash,
please visit http://www.isthe.com/chongo/tech/comp/fnv/.

WWW: http://search.cpan.org/dist/Digest-FNV

PR:             ports/90563
Submitted by:   Gabor Kovesdan

16:02 erwin 

Digest::Elf provides an XS based implementation of the ElfHash algorithm.
ElfHash generates resonably 32 bit integer value from a string in a
reasonably short period of time.

WWW: http://search.cpan.org/dist/Digest-Elf

PR:             ports/90561
Submitted by:   Gabor Kovesdan

16:00 erwin 

This is Encrypted MAC (EMAC), formerly known as Double MAC (DMAC).
Unlike HMAC, which reuses an existing one-way hash function, such as
MD5, SHA-1 or RIPEMD-160, EMAC reuses an existing block cipher to
produce a secure message authentication code (MAC).

WWW: http://search.cpan.org/dist/Digest-EMAC

PR:             ports/90560
Submitted by:   Gabor Kovesdan

15:22 erwin 

This is Encrypted MAC (EMAC), formerly known as Double MAC (DMAC).
Unlike HMAC, which reuses an existing one-way hash function, such as
MD5, SHA-1 or RIPEMD-160, EMAC reuses an existing block cipher to
produce a secure message authentication code (MAC).

WWW: http://search.cpan.org/dist/Digest-DMAC

PR:             ports/90550
Submitted by:   Gabor Kovesdan

14:50 erwin 

Digest::DJB is an implementation of D. J. Bernstein's hash which returns a
32-bit unsigned value for any variable-length input string. An equivalent pure
Perl version is also available: Digest::DJB::PurePerl.

WWW: http://search.cpan.org/dist/Digest-DJB

PR:             ports/90549
Submitted by:   Gabor Kovesdan

14:44 erwin 

This module implements the hashcash hash (or digest, although it's not
clearly a digest). For all your information needs please
visit http://www.hashcash.org.

WWW: http://search.cpan.org/dist/Digest-Hashcash

PR:             ports/90548
Submitted by:   Gabor Kovesdan

14:16 erwin 

This module provides a perl implementation to generate 32 bits CRC digests for
buffers and files.

WWW: http://search.cpan.org/dist/Digest-Crc32

PR:             ports/90547
Submitted by:   Gabor Kovesdan

14:06 erwin 

The Digest::CRC module calculates CRC sums of all sorts. It contains wrapper
functions with the correct parameters for CRC-CCITT, CRC-16 and CRC-32.

WWW: http://search.cpan.org/dist/Digest-CRC

PR:             ports/90546
Submitted by:   Gabor Kovesdan

13:53 erwin 

The Digest::Adler32 module implements the Adler-32 checksum as specified
in RFC 1950. The interface provided by this module is specified in Digest,
but no functional interface is provided.

WWW: http://search.cpan.org/dist/Digest-Adler32

PR:             ports/90545
Submitted by:   Gabor Kovesdan

12:09 erwin 

Digest::SV1 - Cryptosleazically strong message digest format

WWW: http://search.cpan.org/dist/Digest-SV1

PR:             ports/90539
Submitted by:   Gabor Kovesdan

11:54 erwin 

A perl module that implements the tiger hash, which is believed to be secure
and runs quickly on 64-bit processors.

WWW: http://search.cpan.org/dist/Digest-Tiger

PR:             ports/90537
Submitted by:   Gabor Kovesdan

11:21 erwin 

Digest::Whirlpool - A 512-bit, collision-resistant, one-way hash function
developed by Paulo S. L. M. Barreto and Vincent Rijmen.

WWW: http://search.cpan.org/dist/Digest-Whirlpool

PR:             ports/90536
Submitted by:   Gabor Kovesdan

10:30 erwin 

Haval is a variable-length, variable-round one-way hash function designed by
Yuliang Zheng, Josef Pieprzyk, and Jennifer Seberry. The number of rounds can
be 3, 4, or 5, while the hash length can be 128, 160, 192, 224, or 256 bits.
Thus, there are a total of 15 different outputs. For better security, however,
this module implements the 5-round, 256-bit output.

WWW: http://search.cpan.org/dist/Digest-Haval256

PR:             ports/90534
Submitted by:   Gabor Kovesdan

20:15 ehaupt 

Add, security/fiked, a fake IKE PSK+XAUTH daemon based on VPNC.

This is a fake IKE daemon supporting just enough of the standards and Cisco
extensions to attack commonly found insecure Cisco PSK+XAUTH VPN setups.

If you know the pre-shared key, also known as shared secret or group password,
you can impersonate the VPN gateway in IKE phase 1, and learn XAUTH user
credentials in phase 2.

PR:             90372
Submitted by:   Daniel Roethlisberger <daniel@roe.ch>

09:50 barner 

Add symbion-sslproxy 1.0.5, an SSL proxy for securing unsecure
connections.

PR:             ports/90216
Submitted by:   Gabor Kovesdan

10:07 novel 

Add gnutls-devel - development version of gnutls.

01:04 edwin 

Add security/tor-devel

02:31 edwin 

[NEW PORT] security/jailaudit: Generate portaudit reports for jails from the
hostsystem

        This port contains a script for generating portaudit reports
        for jails running on a FreeBSD system.

        Jailaudit runs in the Host-system and uses portaudit to
        create reports for every jail currently running.

        It can also be used to send specific report-mails to the
        owner of a jail by running it as a cronjob.

        /etc/crontab example:
        0   4   *   *   *   *   root   /usr/local/bin/jailaudit mail
admin@foo.bar "foo.example.com bar.example.com"

        Sends reports-mails of the jails with the hostnames
        foo.example.com and bar.example.com to the mailaddr.
        admin@example.com.

        WWW: http://outpost.h3q.org/software/jailaudit/

PR:             ports/87581
Submitted by:   Philipp Wuensche <cryx-ports@h3q.com>

21:03 edwin 

New port: security/klamav

        KlamAV - Clam Anti-Virus on the KDE Desktop

        KlamAV is a KDE 3 front-end to Clam Anti-Virus.  It includes
        the following features:

        - 'On Access' Scanning
        - Manual Scanning
        - Quarantine Management
        - Downloading Updates
        - Mail Scanning (KMail/Evolution)

PR:             ports/84342
Submitted by:   Anderson S. Ferreira <anderson@cnpm.embrapa.br>