RSS 48 projects tagged "Security"

No download Website Updated 03 Nov 2008 sniffy

Screenshot
Pop 25.14
Vit 44.69

The sniffy project can trace/log the data of any pseudo terminal in the system. Due to the way the terminal works, such a terminal trace provides complete information of what happened on the terminal screen, and sniffy is able to display/replay this information. It consists of a kernel module able to connect/hook on the pseudo terminal, a program to display the contents of any pseudo terminal on the fly, a daemon process tracing the pseudo terminal content into the file, and a replay program to replay any stored pseudo terminal session.

Download Website Updated 23 Aug 2009 Ksplice

Screenshot
Pop 61.19
Vit 3.07

Ksplice is practical technology for updating the Linux kernel without rebooting. It enables you to avoid the disruptive process of rebooting for kernel security updates and bugfixes. By making it easy to keep your systems up to date, Ksplice helps you avoid the security and stability risks of running out-of-date software.

Download Website Updated 14 Feb 2011 ctunnel

Screenshot
Pop 102.06
Vit 3.24

ctunnel is a program for tunneling and proxying TCP or UDP connections via a cryptographic tunnel. ctunnel can be used to secure any existing TCP or UDP based protocol, such as HTTP, Telnet, FTP, RSH, MySQL, VNC, DNS, XDMCP, NFS, etc. You can also chain or bounce connections to any number of intermediary hosts.

Download Website Updated 01 Mar 2013 Tin Hat

Screenshot
Pop 113.68
Vit 10.00

Tin Hat is a Linux distribution derived from hardened Gentoo. It aims to provide a very secure, stable, and fast desktop environment that lives purely in RAM. Tin Hat boots from CD, or optionally USB pen drive, but it is not a LiveCD in that it does not mount any file system from the boot device. Rather, Tin Hat employs a massive squashfs image which expands into tmpfs upon booting. This makes for long boot times, but remarkable speeds during human-computer interaction.

Download No website Updated 16 Feb 2014 ipt_pkd

Screenshot
Pop 436.83
Vit 23.93

ipt_pkd is an iptables extension implementing port knock detection with SPA (single packet authorization). This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.

Download Website Updated 15 Jul 2007 UidSEC

Screenshot
Pop 15.49
Vit 49.75

UidSEC is an LSM (Linux Security Module) that extends the standard UN*X "resource protection" model by adding some features useful for untrusted multiuser systems. It can deny usage of dmesg to unprivileged users, hide processes of "other users" to unprivileged users, deny access to /sys and /config to unprivileged users, and protect usage of the bind() syscall using UidBIND.

Download Website Updated 10 Jun 2007 UidBind

Screenshot
Pop 18.00
Vit 1.00

UidBind is a simple LSM module that restricts calls to the bind() function to the UID/GID defined in a configfs tree.

No download Website Updated 12 Jan 2007 PowerPack ;] Patchset

Screenshot
Pop 33.47
Vit 2.05

PowerPack ;] Patchset is a Linux kernel 2.6 patch set designed for servers and network gateways. It includes: grsecurity, openswan, p-o-m, cks, imq, layer7, esfq, wrr, srr, tproxy2, and many other enhancements over the vanilla kernel.

Download Website Updated 12 Jul 2006 HAVEGE

Screenshot
Pop 29.10
Vit 1.00

HAVEGE (HArdware Volatile Entropy Gathering and Expansion) is a user-level software unpredictable random number generator for general-purpose computers that exploits modifications of the internal volatile hardware states as a source of uncertainty. It combines on-the-fly hardware volatile entropy gathering with pseudo-random number generation. The internal state includes thousands of internal volatile hardware states and is merely unmonitorable. It can support several hundreds of megabits per second on current workstations and PCs.

No download Website Updated 07 Jun 2006 Real-Time Proactive Secret Sharing Library

Screenshot
Pop 18.65
Vit 1.00

The Real-Time Proactive Secret Sharing Library is an implementation of the Shamir's secret sharing scheme and Herzberg's proactive secret sharing algorithm. The library targets the RTAI OS. It includes a port of GNU GMP to RTAI, which is used for multiple precision arithmetic operations.

Screenshot

Project Spotlight

Devel Live CD

A Live CD to compile programs.

Screenshot

Project Spotlight

Docvert

Converts MS Word files to open document formats.