AAFID (Autonomous Agents for Intrusion Detection) is a distributed monitoring architecture with an orientation towards Intrusion Detection developed at the CERIAS at Purdue University. AAFID2 is a prototype implementation of the architecture that includes several ready-to-work agents, plus development facilities for writing your own.
Angst is an active sniffer, based on libpcap and libnet. It dumps into a file the payload of all the TCP packets received on the specified ports. It implements two methods for active sniffing. Angst is able to monitor ARP requests, and after enabling IP forwarding on the local host, it sends ARP replies mapping all IPs to the local MAC address. Also, it can flood the local network with random MAC addresses (like macof), causing switches to send packets to all ports.
Automated Password Generator is a set of tools for random password generation including a standalone password generator, an RFC972 password generation server, and a Perl client for the password generation server. These feature a built-in X9.17 random number generator, and 35 modes of password generation, including pronounceable password generation.
Big Brother is a combination of monitoring methods. Unlike SNMP where information is just collected and devices polled, Big Brother is designed in such a way that each local system broadcasts its own information to a central location. Simultaneously, Big Brother also polls all networked systems from a central location. This creates a highly efficient and redundant method for proactive network monitoring.
C-Kermit is a combined serial and network communication software package offering a consistent, medium-independent, cross-platform approach to connection establishment, terminal sessions, file transfer, character-set translation, numeric and alphanumeric paging, and automation of communication tasks. Recent versions include FTP and HTTP clients as well as an SSH interface, all of which can be scripted and aware of character-sets. It supports built-in security methods, including Kerberos IV, Kerberos V, SSL/TLS, and SRP, FTP protocol features such as MLSD, and source-code parity with Kermit 95 2.1 for Windows and OS/2.
CDSA stands for Common Data Security Architecture. It provides a security framework that includes cryptographically signed modules to present an abstracted unified API to the application developer to perform cryptographic and security related operations. It also includes hardware support for cryptographic tokens and biometric devices, such as thumbprint scanners. Intel has implemented the CDSA 2 specification and released it as open source.
distributed.net is a loosely knit group of computer users from all of the world that is taking up challenges requiring lots of computing power (most notably the RC5, DES, and OGR cracking contests). It is simple to participate in the challenges by downloading and running their client software (which uses idle CPU time to complete its tasks).
Ebola is used as a bridge between AV engines (e.g., Sophos) and scanning scripts (e.g., Inflex and AMaViS) to provide much-improved performance by handling file scanning requests on behalf of the scripts while keeping a SINGLE session of the AV engine open, rather than restarting one each time.