Secure Remote Password (SRP) is a password-based authentication and key exchange mechanism where no information about the password is leaked during the authentication process. It does not require any public key cryptography, yet even if one were to eavesdrop on the authentication process, no information which would aid in guessing the password can be obtained (in theory). There are some reworked Telnet and FTP clients and servers available already.
SecureNet PRO is a network monitoring and intrusion detection platform. It combines powerful scripting functionality with real-time session viewing and control capabilities. It goes beyond network-grep and signature-based intrusion detection offerings, offering a combination of true state-based decoding of application-layer protocol traffic and high-speed pattern matching. It offers full IP fragment reassembly functionality, TCP session reconstruction, and an advanced TCP/IP stack emulation facility.
Sendmail-TLS is a wrapper for Sendmail which allows for clients to make a secure (SSL) connection to their mailserver as described in RFC 2487. The connection is internally forwarded to sendmail and does not require sendmail to be running on port 25. Clients which support this currently are Netscape Messenger, Microsoft Outlook, and Microsoft Outlook Express.
Sentinel is a fast file scanner similar to Tripwire or Viper with built in authentication using the RIPEMD 160 bit MAC hashing function. It uses a single database similar to Tripwire, maintains file integrity using the RIPEMD algorithm and also produces secure, signed logfiles. Its main design goal is to detect intruders modifying files. It also prevents intruders with root/superuser permissions from tampering with its log files and database. Disclaimer: this is not a security toolkit. It is a single purpose file/drive scanning program. Available versions are for linux (tested on all current Slackware and RedHat releases), with Irix versions soon to be added on.
shash is a program which produces message digests for files, and checks whether the digest remains the same (i.e., whether the files changed). Since anyone can generate the message digest, it may not be suitable for some security-related applications. Because of this, shash also supports HMAC (rfc2104), which is a mechanism for message authentication using cryptographic hash functions. shash can use a key with a hash algorithm to produce hashes that can only be verified with the same key. This way, you can securely check whether files in a filesystem were altered.
shsecret takes a file and splits it into N parts of equal size such that any M parts can be used to reconstruct the secret, but fewer than M will give absolutely no information about the secret. This program is written in strict ANSI C, so it should be completely portable. It is also hopefully simpler and more efficient than other implementations of the same algorithm.
SIDEN is a distributed network discovery tool used for intrusion detection research. The current SIDEN architecture allows you to simulate coordinated/distributed network probes by a group of attackers. Using it, you can simulate such probes against one target or many targets. The point of this is to generate the traffic caused by distributed network probes, so that it can be analyzed for better understanding of distributed network probes. This will hopefully help us to improve how Intrusion Detection Systems are written.