05:16 lioux 

New port md4coll version 0.1: Fast MD4 collision generator

05:15 lioux 

New port md5coll version 0.1: Fast MD5 collision generator

13:25 sergei 

- Disconnect security/prelude-nids from the parent Makefile
  prior to deletion

14:20 sumikawa 

Racoon is now maintained in security/ipsec-tools.

08:35 az 

- Move securiy/hping -> net/hping

16:28 lawrance 

Add amavisd-milter 1.0.2, milter for amavisd-new.

PR:             ports/82427
Submitted by:   Petr Rehor <prehor@gmail.com>

11:50 pav 

Sud is a daemon to execute interactive and non-interactive processes with
special (and customizable) privileges in a nosuid environment. It is based on a
client/server model and on the ability to pass file descriptors between
processes.

PR:             ports/88354
Submitted by:   Vaida Bogdan <vaidab@phenix.rootshell.be>

13:45 tobez 

Add security/p5-Authen-Htpasswd 0.12, a Perl module to read and modify
apache-style .htpasswd files.

06:45 vanilla 

Add denyhosts 1.1.2, script to thwart ssh attacks.

PR:             ports/88781
Submitted by:   Janos Mohacsi <janos.mohacsi.at.bsd.hu>

11:49 skv 

Add p5-Authen-SASL-Cyrus 0.12, XS SASL Authentication.

22:08 linimon 

Remove opensc-esteid.  The functionality has been merged into the
masterport.

PR:             ports/88008
Submitted by:   maintainer

01:33 nork 

Add java_policy 1.4.2, which provides JCE(Java Cryptography
Extension) Unlimited Strength Jurisdiction Policy Files.

WWW:                    http://java.sun.com/products/jce/index-14.html
I was cheated by:       ume

17:36 ehaupt 

Add p5-GD-SecurityImage, a Perl5 module for creating CAPTCHA security images

PR:             87494
Submitted by:   Rod Taylor <ports@rbt.ca>
Approved by:    novel (mentor) (implicit)

18:18 sergei 

Add security/libpreludedb:

This library provides a framework for easy access to the Prelude database.

WWW:    http://www.prelude-ids.org/

06:08 dinoex 

- create slave port for openssl 0.9.7

02:16 edwin 

New port: security/webfwlog Web-based firewall log analyzer

        Webfwlog is a web-based firewall log analysis and reporting
        tool, and supports ipfilter and ipfw log file formats.  It
        is interactive and allow the user to "drill-down" from a
        summary report to packet details logged.  It also has great
        flexibility in the format of the output and which logged
        records are included.  Sample report definitions are included
        and are saved in a database (MySQL or PostgreSQL) and can
        be modified by the user.

        More info at: http://www.webfwlog.net

PR:             ports/80352
Submitted by:   Bob Hockney <zeus@ix.netcom.com>

18:21 ehaupt 

Add gwee, a tool to exploit command execution vulnerabilities in web scripts.

PR:             80639
Submitted by:   chinsan <chinsan@mail2000.com.tw>
Approved by:    novel (mentor)

16:31 mnag 

New port

The Authen::CyrusSASL module provides a simple class that allows you
to send request to the cyrus-sasl's authen daemon.
This module is based on the Authen::Radius module with the similar interface.

PR:             86943
Submitted by:   Attila Nagy <bra@fsn.hu>
Approved by:    pav (mentor)

13:54 garga 

Add tthsum 1.1.0, a command-line utility for generating and checking TTH
message digests.

PR:             ports/86555
Submitted by:   Emanuel Haupt <ehaupt@critical.ch>

13:50 pav 

Pamsfs is a PAM module that logs a user into a SFS server on
system login. The primary reason for doing this is to allow users'
home-directories to be located on a SFS server.

PR:             ports/86095
Submitted by:   David Thiel <lx@redundancy.redundancy.org>

16:43 lth 

Add p5-Digest-SHA 5.31, Perl extension for SHA-1/224/256/384/512.

PR:             ports/84570
Submitted by:   Travis Campbell <hcoyote@ghostar.org>

23:42 pav 

ClusterSSH controls a number of xterm windows via a single graphical
console window to allow commands to be interactively run on multiple
servers over an ssh connection.

PR:             ports/84970
Submitted by:   David Thiel <lx@redundancy.redundancy.org>

15:02 lth 

Add p5-Crypt-NULL 1.02, perl implementation of the NULL encryption
algorithm.

PR:             ports/84629
Submitted by:   TAKAHASHI Kaoru <kaoru@kaisei.org>

23:14 pav 

- Remove security/pf and security/authpf ports. They were only useful on
  FreeBSD 5.0 - 5.2.1.

Requested by:   mlaier (maintainer) via linimon

00:06 jylefort 

Add signing-party.

signing-party is a collection for all kinds of PGP/GnuPG related things,
including signing scripts, party preparation scripts, etc.

 * caff: CA - Fire and Forget signs and mails a key
 * pgp-clean: removes all non-self signatures from key
 * pgp-fixkey: removes broken packets from keys
 * gpg-mailkeys: simply mail out a signed key to its owner
 * gpg-key2ps: generate PostScript file with fingerprint paper strips
 * gpglist: show who signed which of your UIDs
 * gpgsigs: annotates list of GnuPG keys with already done signatures
 * keylookup: ncurses wrapper around gpg --search

WWW: http://pgp-tools.alioth.debian.org/

PR:             ports/86077
Submitted by:   Johan van Selst <johans@stack.nl>

12:49 garga 

Add ncrypt 0.7.0, advanced AES file encryption tool.

PR:             ports/85486
Submitted by:   Frank Laszlo <laszlof@vonostingroup.com>

14:13 vsevolod 

Add IPSec tools port - the new "official" version of racoon,
is the only one which is maintained and have lots of new features.

PR:             85544
Submitted by:   VANHULLEBUS Yvan <vanhu@netasq.com>
Approved by:    perky (mentor)

19:03 sem 

Bcrypt is a blowfish file encryption utility which aims for cross-platform
portability.

PR:             ports/84798
Submitted by:   Emanuel Haupt <ehaupt@critical.ch>

18:51 sem 

ipguard listens network for ARP packets. All permitted MAC/IP pairs
listed in 'ethers' file. If it recieves one with MAC/IP pair, which is
not listed in 'ethers' file, it will send ARP reply with configured
fake address. This will prevent not permitted host to work properly
in this ethernet segment. Especially Windows(TM) hosts.

PR:             ports/84627, ports/85671
Submitted by:   SeaD <sead@mail.ru>

16:29 garga 

Add p5-Net-Daemon-SSL 1.0, perl5 extension for portable daemons.

PR:             ports/85125
Submitted by:   Simon Dick <simond@irrelevant.org>

01:52 jylefort 

Add p5-Net-OpenID-Server.

OpenID is a decentralized identity system, but one that's actually
decentralized and doesn't entirely crumble if one company turns evil
or goes out of business.

An OpenID identity is just a URL. You can have multiple identities in
the same way you can have multiple URLs. All OpenID does is provide a
way to prove that you own a URL (identity).

Anybody can run their own site using OpenID, and anybody can be an
OpenID server, and they all work with each other without having to
register with or pay anybody to "get started". An owner of a URL can
pick which OpenID server to use.

WWW: http://www.openid.net

PR:             ports/85284
Submitted by:   Alex Kapranoff <kappa@rambler-co.ru>

01:34 jylefort 

Add p5-Data-Password.

Data::Password checks potential passwords for crackability. It checks that the
password has the appropriate length, that it has enough character groups, that
it does not contain the same characters repeatedly, that it does not contain
ascending or descending characters, or characters close to each other on the
keyboard. It also searches for the password in the ispell word file.

WWW: http://search.cpan.org/~razinf/Data-Password/

PR:             ports/84513
Submitted by:   ports@c0decafe.net

14:10 sergei 

- Disconnect gnutls-devel from the parent Makefile prior to removal

10:32 garga 

This package implements an algorithm for breaking the PkZip cipher that was
devised by Eli Biham and Paul Kocher.

This program applies a known plaintext attack to an encrypted file.
A known-plaintext-attack recovers a password using the encrypted file and
(part of) the unencrypted file.

Please note that cryptographers use the word 'plaintext' for any kind of
unencrypted data - not necessarily readable ASCII text.

Before you ask why somebody may want to know the password when he already knows
the plaintext think of the following situations:

 - Usually there's a large number of files in a ZIP-archive. Usually all these
   files are encrypted using the same password. So if you know one of the files,
   you can recover the password and decrypt the other files.
 - You need to know only a part of the plaintext (at least 13 bytes). Many files
   have commonly known headers, like DOS .EXE-files. Knowing a reasonably long
   header you can recover the password and decrypt the entire file.

WWW: http://www.unix-ag.uni-kl.de/~conrad/krypto/pkcrack.html

PR:             ports/84192
Submitted by:   Emanuel Haupt <ehaupt@critical.ch>

03:37 ade 

Add courierpasswd, a user authentication and password changing utility
for the courier imap/pop3 system.

18:47 garga 

TLSWrap is a TLS/SSL FTP wrapper/proxy for UNIX and Windows, allowing you to
use your favourite FTP client with any TLS/SSL-enabled FTP server.

WWW: http://tlswrap.sunsite.dk/

PR:             ports/84028
Submitted by:   Daniel J. O'Connor <darius@dons.net.au>
Thanks to:      novel

17:13 se 

New port: Yersinia

Yersinia is a layer 2 vulnerability scanner with support for the
following protocols:

- Cisco Discovery Protocol (CDP)
- Dynamic Host Configuration Protocol (DHCP)
- Dynamic Trunking Protocol (DTP)
- Hot Standby Router Protocol (HSRP)
- IEEE 802.1q
- Spanning Tree Protocol (STP, RSTP)
- Virtual Trunking Protocol (VTP)

17:10 garga 

BSDsfv is a flexible and highly compatible SFV checksum utility.

Features:

  - create SFV files, verify downloaded single files or whole releases
  - add banners to your SFV files
  - very flexible and compatible with all other SFV tools currently known,
    including SFVNIX compatibility mode concerning SFV files created
  - easy to console application
  - plug & play support for glFTPd and other demons including
    count-missing-files feature for race scripts

WWW: http://bsdsfv.sourceforge.net/

PR:             ports/84108
Submitted by:   Emanuel Haupt <ehaupt@critical.ch>
Approved by:    flz (mentor)

17:08 garga 

This utility creates .SFV (Simple File Verify) and .PAR (Parity Archive) data
files.

Features:

  * Recursive directories handling
  * Automatic checksum file naming ability in create mode
  * Meaningful and documented exit values for easy scripting
  * Wildcards for file names
  * Creation of PAR (Parity Archive) files
  * Create Multiple recovery sets if number of files in SFV greater than 255

WWW: http://pure-sfv.sourceforge.net/

PR:             ports/84127
Submitted by:   Emanuel Haupt <ehaupt@critical.ch>
Approved by:    flz (mentor)

17:43 garga 

Bridge betwean ClamAV antivirus software and Squid caching proxy.

Squidclam is a replacement for SquidClamAV-Redirector.py written
in C using libclamav and libcurl

Author: squidclam@users.sourceforge.net
WWW:    http://sourceforge.net/projects/squidclam/

PR:             ports/82652
Submitted by:   Alexander Novitsky <alecn2002@yandex.ru>
Approved by:    flz (mentor)

12:28 pav 

- Revive security/ruby-acl port and unbreak it
- Reset maintainership

PR:             ports/76917
Submitted by:   IWATSUKI Hiroyuki <don@na.rim.or.jp>

16:29 pav 

This module brings to Python programs the capability of evaluating password
strength. To achieve this noble aim it uses the well known cracklib toolkit,
hence the name.

PR:             ports/83603
Submitted by:   Vsevolod Stakhov <vsevolod@highsecure.ru>

13:58 pav 

NewPKI is a PKI based on the OpenSSL low-level API, all the datas are handled
through a database, which provides a much more flexible PKI than with OpenSSL,
such as seeking a certificate with a search engine.

CA implementation.

PR:             ports/83387
Submitted by:   Vsevolod Stakhov <vsevolod@highsecure.ru>

13:24 pav 

NewPKI is a PKI based on the OpenSSL low-level API, all the datas are handled
through a database, which provides a much more flexible PKI than with OpenSSL,
such as seeking a certificate with a search engine.

GUI client that uses wxWidgets.

PR:             ports/83386
Submitted by:   Vsevolod Stakhov <vsevolod@highsecure.ru>

13:01 pav 

NewPKI is a PKI based on the OpenSSL low-level API, all the datas are handled
through a database, which provides a much more flexible PKI than with OpenSSL,
such as seeking a certificate with a search engine.

PR:             ports/83385
Submitted by:   Vsevolod Stakhov <vsevolod@highsecure.ru>

14:35 pav 

OpenCT, a middleware framework for smart card terminals.
It all started with a reader driver library to provide a framework for people
writing drivers for smart card readers. The idea was to provide all the usual
stuff (T=0, T=1, serial vs. USB device handling, etc) in a single place, and
reduce driver writing to interaction with the device itself.

OpenCT provides a native OpenCT, CT-API and PC/SC Lite IFD interface with an
OpenCT ifdhandler resource manager.

PR:             ports/82990
Submitted by:   Janos Mohacsi <janos.mohacsi@bsd.hu>

02:33 erwin 

Add calife-devel

Forgotten by:   roberto
Committed from: Las Vegas, NV

06:57 ahze 

- Add sasp
This is a tool that uses ARP poisoning  to  have  a  scenario
like this: we have a LAN and we want offer connectivity to every-
one coming here with his laptop for example. It could happen that
our  customer  has  his  network parameters already configured to
work correctly in his own LAN, but not working here. We can  have
then this scenario:
Customer's  host (10.0.0.2/8 and default gateway set to 10.0.0.1)
Our LAN (192.168.0.0/24 with real gateway 192.168.0.254).
All that we want is that our customer plugs his laptop  and  joins
the  internet without changing nothing of his network parameters.
Here comes this tool installed in my real gw(192.168.0.254)  It's
a  sort  of sniffer, because it sniffs broadcast ARP requests for
the gateway and answers that the gateway is itself In our example
our  customer's  laptop  sends  this request: arp who-has 10.0.0.1
tell 10.0.0.2 Now our gateway does the following: 1)  Sends  back
this  reply to 10.0.0.2: arp reply 10.0.0.1 is-at his_mac_address
2)Create the alias 10.0.0.254 (ARP is not routable so we need one
alias  for each subnet that is not our one) 3)Sends itself an ARP
reply to refresh his ARP cache
It is different from proxy arp for two reasons: first it runs  in
user  space,  then in this case we can plug machines belonging to
whatever subnet, while proxy arp is used in the case of only  two
different ones.

PR:             ports/79676
Submitted by:   Luigi Pizzirani <sviat@opengeeks.it>

20:01 niels 

New port: Create HOME directory with a PAM module on demand

Based on submission via the following PR:

PR:             ports/82032
Submitted by:   Martin Mersberger
Approved by:    nectar (mentor)

20:56 niels 

New port based on submission by Paul Schmehl

Sancp is a network security tool designed to collect
statistical information regarding network traffic, as
well as, collect the traffic itself in pcap format, all
for the purpose of: auditing, historical analysis, and
network activity discovery.

PR:             ports/77426
Submitted by:   Paul Schmehl
Approved by:    nectar (mentor)

13:36 niels 

New port: BitDefender Console Antivirus 7.0.1
Based on submission via PR:

PR:             ports/75424
Submitted by:   Adrian Pircalabu
Approved by:    nectar (mentor)

20:01 thierry 

Add snortsms 0.11.3, a Snort Sensor Management System web interface
and monitoring console.

PR:             81425
Submitted by:   J. Randolph <snortsms (at) servangle.net>

09:48 thierry 

Add pamtester 0.1.0, a command line pam authentication tester.

PR:             81427
Submitted by:   andy (at) fud.org.nz

11:06 pav 

An inline IPS system based on snort using ipfw.

PR:             ports/81378
Submitted by:   Nick Rogness <nick@rogness.net>

21:14 pav 

bruteforceblocker is a script that checks sshd's auth.log for Failed
login attemtps and cooperates with pf firewall. When given IP gains
specific number of fails, bruteforceblocker adds this IP to the pf's
table. This is useful for people who are getting large number of
these attempts.

PR:             ports/80211
Submitted by:   Daniel Gerzo <danger@rulez.sk>

13:10 erwin 

Add p5-Digest-SHA256 0.01b, perl5 interface to the SHA256 algorithm.

PR:             ports/79211
Submitted by:   Christopher Nehren

21:52 pav 

This is a port of tinysu, a featureless replacement for su and sudo. tinysu is
installed setuid root and executable by members of a particular group. It is
intended to be used in situations where an unprivileged user is being granted
full root access, but wants the convenience of a sudo-style log.

PR:             ports/80752
Submitted by:   Zak Johnson <zakj@nox.cx>

22:21 jylefort 

Add openscep.

OpenSCEP is an open source implementation of the SCEP protocol used by Cisco
routers for certificate enrollment to build VPNs. It implements most of the
draft specification.

OpenSCEP includes a client and a server implementation, as well as some CGI
programs to simplify certificate and revocation list management.

WWW: http://openscep.othello.ch/

PR:             ports/81264
Submitted by:   Vsevolod Stakhov <vsevolod@highsecure.ru>

17:46 pav 

New port: security/pear-Crypt_RSA PEAR class allows you to use two-key strong
cryptography

PEAR::Crypt_RSA allows you to use two-key strong cryptography like RSA with
arbitrary key length.

PR:             ports/80939
Submitted by:   Antonio Carlos Venancio Junior <antonio@php.net>

16:44 ume 

New port -- SASL LDAPDB auxprop plugin
Though this is actually part of Cyrus SASL2, we cannot simply
enable it in security/cyrus-sasl2 to avoid dependency loop with
net/openldap.

23:51 jylefort 

Add p5-CSP.

CSP is a Perl class and script for running multiple CAs. OpenSSL is used
for all operations. CSP can also generate a small CA website used to
distribute certificates and CRLs.

WWW: http://devel.it.su.se/projects/CSP/

PR:             ports/79885
Submitted by:   David Thiel <lx@redundancy.redundancy.org>

17:49 alfred 

p5-Business-PayPal-EWP

19:51 thierry 

Add pear-Crypt_Blowfish 1.0.0, PEAR class for blowfish encryption.

PR:             80404
Submitted by:   Antonio Carlos Venancio Junior (<antonio (at) php.net>)

19:17 oliver 

move mail/courier-authlib to security/courier-authlib which is a meta-port now.

Submitted by:           Yarema <yds@CoolRat.org>
In corporation with:    Jose M Rodriguez <josemi@freebsd.jazztel.es>, Milan
Obuch <ports@dino.sk>, myself

20:11 netchild 

PHP bindings to the libssh2 library which provide access to resources
(shell, remote exec, tunneling, file transfer) on a remote machine using a
secure cryptographic transport.

20:09 netchild 

libssh2 is a library implementing the SSH2 protocol as defined by
Internet Drafts: SECSH-TRANS(22), SECSH-USERAUTH(25), SECSH-CONNECTION(23),
SECSH-ARCH(20), SECSH-FILEXFER(06)*, SECSH-DHGEX(04), and SECSH-NUMBERS(10).

09:14 danfe 

Add libotr 2.0.1, the portable OTR Messaging Library and toolkit.

PR:             ports/79100
Submitted by:   Conor McDermottroe <ports(at)mcdermottroe.com>

19:05 pav 

Development version of distributed session caching tools and APIs, primarily
for SSL/TLS servers though perhaps useful for other (non-SSL/TLS)
circumstances.

Also includes a self-contained network abstraction library (libnal), and the
sslswamp SSL/TLS benchmark/test utility.

PR:             ports/79879
Submitted by:   Marcel Prisi <marcel.prisi@virtua.ch>

19:04 pav 

Distributed session caching tools and APIs, primarily for SSL/TLS servers
though perhaps useful for other (non-SSL/TLS) circumstances.

Also includes a self-contained network abstraction library (libnal), and the
sslswamp SSL/TLS benchmark/test utility.

PR:             ports/79878
Submitted by:   Marcel Prisi <marcel.prisi@virtua.ch>

18:41 sem 

A web frontend for the pf firewall wrote in PHP.

PR:             ports/79907
Submitted by:   Renato Botelho <freebsd@galle.com.br>

04:57 flz 

- Add py-twistedConch, an SSH and SFTP protocol implementation
together with clients and servers.

PR:             ports/79921
Submitted by:   Neal Nelson <neal@nelson.name>

22:52 pav 

New port: security/pear-Auth_PrefManager PEAR preferences management class

Preference Manager is a class to handle user preferences in a web application,
looking them up in a table using a combination of their userid, and the
preference name to get a value, and (optionally) returning a default value for
the preference if no value could be found for that user.

It is designed to be used alongside the PEAR Auth class, but can be used with
anything that allows you to obtain the user's id - including your own code.

PR:             ports/79556
Submitted by:   Antonio Carlos Venancio Junior <antonio@php.net>

10:31 danfe 

Add gaim-otr 1.0.1, allows deniable private conversations using GAIM.

PR:             ports/75352
Submitted by:   Conor McDermottroe <ports(at)mcdermottroe.com>

21:07 pav 

DMitry (Deepmagic Information Gathering Tool) is a UNIX/Linux command line
program coded purely in C with the ability to gather as much information as
possible about a host.

PR:             ports/77142
Submitted by:   Vaida Bogdan <vaidab@phenix.rootshell.be>,
                James Greig <james@mor-pah.net>

21:54 flz 

- Add dissembler 0.9, Tiny and clever tool to convert shellcode to ASCII.

PR:             ports/78783
Submitted by:   Jonathan <onatan@gmail.com>

21:19 pav 

New port: security/pear-File_SMBPasswd PEAR class for managing SAMBA style
password files

With PEAR::File_SMBPasswd you can maintain smbpasswd-files, usualy used by
SAMBA.

PR:             ports/78642
Submitted by:   Antonio Carlos Venancio Junior <antonio@php.net>

21:12 pav 

PEAR::Crypt_CHAP provides Classes for generating CHAP packets.
Currently these types of CHAP are supported:
* CHAP-MD5
* MS-CHAPv1
* MS-CHAPv2

PR:             ports/78641
Submitted by:   Antonio Carlos Venancio Junior <antonio@php.net>

20:30 pav 

New port: security/pear-File_HtAccess PEAR class to manipulate .htaccess files

Provides methods to create and manipulate .htaccess files.

PR:             ports/78603
Submitted by:   Antonio Carlos Venancio Junior <antonio@php.net>

10:06 flz 

- Add aimsniff 0.9d, an AOL Instant Messanger Sniffing and Reading Tool.

PR:             ports/63936
Submitted by:   Andrew Marks <spam@amrx.net>
Approved by:    pav (mentor)

22:43 flz 

Add secure_delete 3.1, a secure data deletion toolkit.

PR:             ports/69556
Submitted by:   bugghy <bugghy@phenix.rootshell.be>
Approved by:    pav (mentor)

16:04 pav 

Wipe is a file and block device wiping utility

PR:             ports/77108
Submitted by:   Edson Brandi <ebrandi@fugspbr.org>,
                Mark Laws <mdl@60hz.org>

22:51 thierry 

Add pear-Crypt_HMAC 1.0.1, PEAR class to calculate RFC 2104
compliant hashes.

PR:             77853
Submitted by:   Antônio Carlos Venâncio Júnior

00:17 sergei 

Add security/base:

BASE is the Basic Analysis and Security Engine. It is based on the code
from the ACID project. This application provides a PHP-based web front-end
to query and analyze the alerts coming from a Snort IDS system.

BASE is a web interface to perform analysis of intrusions that Snort has
detected on your network. It uses a user authentication and role-base
system, so that you as the security admin can decide what and how much
information each user can see. It also has a simple to use, web-based
setup program for people not comfortable with editing files directly.

WWW:    http://secureideas.sourceforge.net/

PR:             ports/74492 [1], ports/77103 [2]
Submitted by:   Linh Pham <question+fbsdports@closedsrc.org> [1],
                Paul Schmhel <pauls@utdallas.edu> [2]

00:05 roam 

Add poly1305-20050218, Prof. Daniel J. Bernstein's public domain message
authenticator library.

23:44 kris 

As previously announced, remove ports that have reached their expiry date,
and the handful of ports that depended on them.

21:46 sem 

SSCEP is a client-only implementation of the SCEP (Cisco System's Simple
Certificate Enrollment Protocol). SSCEP is designed for OpenBSD's isakmpd,
but it will propably work with any Unix system with a recent compiler and
OpenSSL toolkit libraries installed.

PR:             ports/77595
Submitted by:   Vsevolod Stakhov <vsevolod(at)highsecure.ru>

10:02 pav 

amavis-stats is a simple AMaViS statistics generator based on rrdtool.  It
produces graphs of clean emails, spam emails and infected emails broken down by
virus, from amavis log entries. RRD files are created and updated by a perl
script run from cron. Graphs are generated by a php script and viewed with a
web browser.

PR:             ports/68934
Submitted by:   Mantas Kaulakys <stone@tainet.lt>

19:19 skv 

security/rng_82802 is obsolete

00:16 pav 

Barnyard is output spool reader for Snort! It decouples output overhead
from the Snort network intrusion detection system and allows Snort to
run at full speed. It accepts binary inputs from snort and outputs
human readable files to disc or to a database.  At present, barnyard
is designed to accept binary inputs from snort and produce either human
readable files for parsing by log parsers or feed data directly to a
database (either mysql or postgresql at present.).

PR:             ports/77044, ports/77322
Submitted by:   Paul Schmehl <pauls@utdallas.edu>

14:53 sergei 

Add security/ppars - Proactive Abuse Reporting System:

In an effort to be proactive in doing my part to stop the massive
quantities of internet traffic probing for open ports or more
specifically the probing for known ports that MS Windows spyware,
Trojans, and whatever other MS Windows ports are commonly probed
which result in increasing my bandwidth usage charges, I wrote this
perl application for reporting that abuse to the sender's ISP, with
the hopes they will monitor the abuser and terminate the abuser's
internet account and or take legal action.

WWW:    http://www.dshield.org/linux_clients.php#freebsd
Author: Joe Barbish <fbsd_user@a1poweruser.com>

PR:             ports/68662
Submitted by:   Joe Barbish <fbsd_user@a1poweruser.com>

14:20 sergei 

Add security/ipfilter2dshield:

This perl script is an official DShield client whose purpose is to
read your FreeBSD ipfilter firewall ipmon log file and convert the
log records to the standard DShield reporting record format, and
embed the converted log records into the body of an email that gets
sent to DShield for automatic addition to their database and abuse
reporting to the offenders ISP if you are an subscribed DShield member.

PR:             ports/68661
Submitted by:   Joe Barbish <fbsd_user@a1poweruser.com>

18:59 sumikawa 

"racoon2" is a system to exchange and to install security parameters
for the IPsec.

Currently the system supports the following specification:

        Internet Key Exchange (IKEv2) Protocol
        draft-ietf-ipsec-ikev2-17.txt
        (The IKE daemon is not included in the current release due to IPR issue)

        Kerberized Internet Negotiation of Keys (KINK)
        draft-ietf-kink-kink-06.txt

        PF_KEY Key Management API, Version 2
        RFC2367

The following protocols will be supported soon.

        The Internet Key Exchange (IKE)
        RFC2409

WWW: http://www.kame.net/

This port was repocopied from secutiry/racoon.
PR:             ports/76814

13:07 pav 

cryptopp-php is a cryptography extension for PHP based on Wei Dai's
Crypto++, a free C++ crypto library.

PR:             ports/76810
Submitted by:   Thomas Melzer <tmelzer@tomesoft.de>

18:43 pav 

PEAR user authentication and permission management framework

LiveUser_Admin is meant to be used with the LiveUser package.
It is composed of all the classes necessary to administrate
data used by LiveUser.

PR:             ports/76677
Submitted by:   Antonio Carlos Venancio Junior <antonio@php.net>

17:57 adamw 

libgnomesu is a library for providing superuser privileges to GNOME
applications. It supports consolehelper, PAM and su.

libgnomesu will use one the following services (in order of priority),
depending on which one is available:
- consolehelper
- PAM
- su

libgnomesu will use the su-based backend as final fallback, if no other
services are available. This service uses a backend which is a modified
version of GNU su.

libgnomesu comes with the GUI frontend 'gnomesu' and a Nautilus component
for Nautilus integration.

WWW: http://members1.chello.nl/~h.lai/libgnomesu/

16:55 niels 

Added p5-SAVI-Perl, a perl interface module to Sophos Anti virus.

PR:             ports/65310
Approved by:    nectar (mentor)
Submitted by:   Gary Hayers <gary(at)hayers.net>

10:24 niels 

New port: unicornscan, a UDP and TCP portscanner that can be used
for information gathering using fingerprinting (p0f based) and
banner grabbing techniques.

PR:             ports/72752
Submitted by:   Jon Passki <cykyc(at)yahoo.com>
Approved by:    nectar (mentor)

17:28 sem 

New port: security/py-clamav A python binding to libclamav written in C

PR:             ports/75539
Submitted by:   Marcus Grando <marcus(at)corp.grupos.com.br>

01:42 lioux 

New port gnu-crypto version 2.0.1: Java cryptographic primitives
and tools

21:52 sem 

This is the Metasploit Project.

PR:             ports/74558
Submitted by:   Yonatan <onatan(at)gmail.com>