18:48 sat 

Add port security/p5-Net-Server-Mail-ESMTP-AUTH:

Net::Server::Mail::ESMTP::AUTH is an extension to provide
support for SMTP authentication with Net::Server::Mail::ESMTP
module.

Currently only LOGIN and PLAIN methods are supported.

WWW: http://search.cpan.org/dist/Net-Server-Mail-ESMTP-AUTH/
Author: Sylvain Cresto <scresto [_at_] gmail.com>

PR:             ports/114785 (with corrections)
Submitted by:   Zane C. Bowers <vvelox@vvelox.net>

09:22 sat 

Add port security/clamtk:

ClamTk is a GUI front-end for ClamAV using gtk2-perl. It is designed to
be an easy-to-use frontend for Unix systems.

WWW: http://clamtk.sourceforge.net/
Author: Dave M <dave.nerd@gmail.com>

23:21 pav 

Shibboleth is standards-based, open source middleware software which
provides Web Single SignOn (SSO) across or within organizational
boundaries. It allows sites to make informed authorization decisions
for individual access of protected online resources in a
privacy-preserving manner.

This software is a C++ implementation of the Service Provider
component of the Shibboleth can be used in Apache Web servers.  The
service provider manages secured resources. User access to resources
is based on assertions received by the service provider (SP) from
an identity provider.

WWW:    http://shibboleth.internet2.edu/

PR:             ports/114663
Submitted by:   Janos Mohacsi <janos.mohacsi@bsd.hu>

15:32 miwi 

2007-07-31 x11-fm/endeavour: Development ceased, this port should be updated to
Endeavour Mark II
2007-08-01 security/p5-openxpki-client-soap-lite: No longer maintained by
Developers.
2007-06-26 net-mgmt/aircrack: Please use net-mgmt/aircrack-ng.

14:41 chinsan 

Add chntpw 070409, utility to set the password and edit registry on
Microsoft NT system.

PR:             ports/114897
Submitted by:   buganini at gmail.com
Approved by:    rafan (mentor, implicit)

07:18 clsung 

Lasso is a free software C library aiming to implement the Liberty
Alliance standards; it defines processes for federated identities,
single sign-on and related protocols. Lasso is built on top of
libxml2, XMLSec and OpenSSL and is licensed under the GNU General
Public License  (with an OpenSSL exception).

WWW:    http://lasso.entrouvert.org/

PR:             ports/114639
Submitted by:   Gea-Suan Lin <gslin at gslin.org>

02:11 rafan 

- Retire security/metasploit-devel since security/metasploit is now
  up-to-date

PR:             ports/114196
Submitted by:   Yonatan <onatan at gmail.com> (maintainer)

18:35 csjp 

Hook bsmtrace into build for the security category

Reminded by:    Pav

18:37 miwi 

Crypt::Camellia_PP is a pure perl implementation of Camellia, a 128-bit
symmetrical block cipher with 128-bit, 192-bit, and 256-bit key from
NTT and Mitsubishi Electric Corporation.  It is one of the approved
encryption methods to be used by European Union as well as specified
in several Internet RFCs.

See also: http://info.isl.ntt.co.jp/crypt/eng/camellia/index.html
WWW: http://search.cpan.org/dist/Crypt-Camellia_PP/

PR:             ports/114525
Submitted by:   Yoshisato YANAGISAWA

02:24 clsung 

ZXID aims at full stack implementation of all federated identity
management and identity web services protocols. Initial goal is
supporting SP role, followed by ID-WSF WSC and IdP roles.

ZXID is light weight, has a small foot print, and is implemented in C.
It is suitable for both high performance and embedded applications.
Scripting languages are supported using SWIG, including Perl, PHP and
Java. The "full stack" nature of ZXID means it's self contained and
has minimal external library dependencies (see downloads).

WWW:    http://zxid.org/

PR:             ports/114346
Submitted by:   Gea-Suan Lin <gslin at gslin.org>

02:16 clsung 

This module priovides an Object Oriented interface for Yahoo!
Browser-Based Authentication.

This module is ported from the official PHP class which is located on
this page: http://developer.yahoo.com/php

WWW:    http://search.cpan.org/dist/Yahoo-BBAuth/

PR:             ports/114345
Submitted by:   Gea-Suan Lin <gslin at gslin.org>

21:37 brooks 

Add ca_root_nss:

Root certificates from certificate authorities included in the Mozilla
NSS library and thus in Firefox and Thunderbird.

00:06 brooks 

Add pssh:

This package provides parallel versions of the openssh tools. Included
in the distribution:

 - Parallel ssh (pssh)
 - Parallel scp (pscp)
 - Parallel rsync (prsync)
 - Parallel nuke (pnuke)
 - Parallel slurp (pslurp)

What are these tools good for? Mainly for controlling large collections
of nodes in the wide-area.

WWW: http://www.theether.org/pssh/

01:00 clsung 

Add p5-Sudo 0.31, perl extension for running a command line sudo.

PR:             ports/113056
Submitted by:   Gea-Suan Lin <gslin at gslin.org>

12:34 garga 

Scanhill is a Microsoft Messenger Protocol Sniffer. Currently it can only
intercept Instant Text Messaging. Optionally, intercepted text messages can be
stored onto an RDMBS (Only mySQL is supported for now). Given that mySQL is
used, stored instant messages can be read through a browser interface that is
written in PHP language. Please see the INSTALL.txt file for instructions on
how to install, configure and run EnderUNIX scanhill.

WWW:    http://www.enderunix.org/scanhill/

15:53 sat 

Add port security/execwrap:

ExecWrap is a super-user exec wrapper for the lighttpd web-server, but
it can be used in any environment as long as arguments can be passed
from the server to its children via the environment.

WWW: http://cyanite.org/execwrap/
Author: Sune Foldager <cryo@cyanite.org>

08:06 beech 

- Ports renamed for consistency

PR:             ports/112327
Repocopy by:    marcus
Approved by:    sat (maintainer)

11:30 miwi 

- Connect security/pidgin-encryption
- Fix category by pidgin-otr

11:07 miwi 

- Update to 3.0.1
- Update pkg-descr
- Update MASTER_SITES
- Connect to build

PR:             112651
Submitted by:   Mike Smith<perlfu@gmail.com>

02:41 clsung 

Add php-Auth_OpenID 1.2.2, PHP OpenID library.

PR:             ports/112079
Submitted by:   Gea-Suan Lin <gslin at gslin.org>

20:15 itetcu 

Add slave port sshguard-ipfw, protect networked hosts from brute force attacks
against ssh using ipfw.

PR:             ports/112760
Submitted by:   Mij <mij at bitchx.it>

20:10 itetcu 

Add slave port sshguard-pf, protect networked hosts from brute force attacks
against ssh usinh pf

PR:             ports/112759
Submitted by:   Mij <mij at bitchx.it>

09:11 leeym 

- add Crypt::OpenSSL::X509 0.5

  This implement a large majority of OpenSSL's useful X509 API.

  The email() method supports both certificates where the
  subject is of the form:
  "... CN=Firstname lastname/emailAddress=user@domain", and also
  certificates where there is a X509v3 Extension of the form
  "X509v3 Subject Alternative Name: email=user@domain".

Submitted by:   kftseng@iyard.org

10:33 miwi 

This plugin enables Off-The-Record encryption for
Kopete.

WWW: http://kopete-otr.follefuder.org/

PR:             ports/112575
Submitted by:   Dave Grochowski <malus.x at gmail.com>

20:46 sobomax 

Re-add pvk under proper name.

19:51 sobomax 

Add pvt 20070406, tool to convert a RSA key in PEM format into a PVK
file and vice versa.

15:01 gabor 

Remove expired ports:

2007-04-27 security/op: no longer available from any mastersite
2007-05-15 shells/bash2: Old, unmaintained version, use shells/bash instead
2007-05-19 sysutils/xperfmon: irrelevant for supported FreeBSD releases

22:16 edwin 

New port: security/smap

    smap is a simple scanner for SIP enabled devices

    smap sends off various SIP requests awaiting responses from SIP
    enabled DSL router, proxies and user agents. It could be considered
    a mashup of nmap and sipsak ;)

    WWW: http://www.wormulon.net/
    Author: Hendrik Scholz <hscholz@raisdorf.net>

08:00 clsung 

Add aespipe , an AES encrypting or decrypting pipe.

PR:             ports/112056
Submitted by:   Ekkehard 'Ekki' Gehm <gehm at physik.tu-berlin.de>

14:01 tobez 

Resurrect p5-Crypt-OpenPGP, now with a patch for CVE-2005-0366.

Seems OK:       simon, lth

21:33 miwi 

- Add ossec-hids-client as slave port.
PR:             ports/111944
Submitted by:   Valerio Daelli <valerio.daelli at gmail.com>

21:32 miwi 

- Add ossec-hids-local as slave port

PR:             ports/111944
Submitted by:   Valerio Daelli <valerio.daelli at gmail.com>

21:29 miwi 

OSSEC is an Open Source Host-based Intrusion Detection System.
It performs log analysis, integrity checking, Windows registry
monitoring, rootkit detection, time-based alerting and active
response.

WWW: http://www.ossec.net/

PR:             ports/111944
Submitted by:   Valerio Daelli <valerio.daelli at gmail.com>

18:05 novel 

Add umit 0.9.3, UMIT is the nmap frontend developed with Python and
PyGTK.

PR:             ports/111959
Submitted by:   Elisey Savateev <b3k at mail.ru>

17:40 miwi 

2007-03-27 emulators/kmamerun: Project was abandoned 4 years ago and expects an
old version of XMAME, please use other frontends instead (like gxmame)
2007-03-28 graphics/hobbes-icons-xpm: Archaic port
2007-04-10 japanese/firefox-ja: Incomplete pkg-plist
2007-04-10 japanese/lookup-xemacs: Does not install
2007-04-10 lang/linux-hla: Does not compile
2007-04-10 mail/vmailmgr: Incomplete pkg-plist
2007-04-10 multimedia/qvamps: Touches filesystem prior to 'make install'
2007-03-10 net-mgmt/sting: Broken on all supported versions of FreeBSD
2007-04-10 net-mgmt/tas: Incomplete pkg-plist
2007-04-10 net-p2p/verlihub-plugins: Does not configure, it needs at least
verlihub 1.0
2007-04-10 news/inn-stable: Fails to patch
2007-04-10 palm/malsync: Does not build with new pilot-link
2007-04-10 russian/elm.language: Leaves behind files on deinstall
2007-04-10 russian/pine.language: Leaves behind config file on deinstall
2007-04-01 science/py-scipy03: Replaced by py-scipy
2007-04-10 security/php4-cryptopp: Does not compile

10:15 vanilla 

Add xyssl 0.6, a liteweight SSL and TLS toolkit for C developers.

PR:             ports/111279
Submitted by:   mdh <mdh at solitox.net>

06:19 lwhsu 

Add py-gnutls 1.0.0, python wrapper for the GNUTLS library.

Approved by:    clsung (mentor)

13:09 rafan 

Add phpsecinfo 0.2.0, a PHP environment security auditing toool.

PR:             ports/111040
Submitted by:   chinsan

09:48 rafan 

- Add www/drupal5
- Rename drupal-* to drupal4-*

04:13 clsung 

Add cryptstring 0.2, crypto Strings for PHP.

PR:             ports/110764
Submitted by:   Gea-Suan Lin <gslin at gslin.org>

11:57 miwi 

ocaml-ssl is a set of OCaml bindings for openssl.

WWW: http://savonet.sourceforge.net/wiki/OCamlLibs

PR:             ports/110303
Submitted by:   Jaap Boender <jaapb at kerguelen.org>

10:20 miwi 

F-Prot Antivirus BSD Mail Servers utilizes the renowned F-Prot Antivirus
scanning engine for primary scan but has in addition to that a system of
system of internal heuristics devised to search for unknown viruses.

Please note that the license explicitly permits that F-Prot Antivirus BSD
Mail Servers be used for evaluation purposes only, without charge for a
period of no more than 60 days.  If you use this software after the 60 day
evaluation period, then you must register and pay a license fee.

WWW: http://www.f-prot.com/

PR:             ports/110107
Submitted by:   Scot W. Hetzel <swhetzel at gmail.com>

13:49 miwi 

py-bcrypt is a Python wrapper of OpenBSDs Blowfish password hashing code,
as described in A Future-Adaptable Password Scheme by Niels Provos and
David Mazières.

WWW:    http://www.mindrot.org/projects/py-bcrypt/

05:36 clsung 

Move zzuf-0.8.1 from devel/, transparent application input fuzzer.

Noted by:       kris
PR:             ports/109829
Submitted by:   Peter Johnson <johnson.peter at gmail.com>

01:36 clsung 

Add sshguard 0.91, protect networked hosts from brute force attacks
against ssh.

PR:             ports/109439
Submitted by:   Mij <mij at bitchx.it>

07:06 ale 

This is a library for the Java platform which makes PKCS#11 (also known
as Cryptoki) modules accessible from within Java. A PKCS#11 module is a
software library with a defined API which allows access to cryptographic
hardware. It usually comes with hardware security modules (HSM), smart
cards and crypto tokens (e.g. USB tokens). Thus, the PKCS#11 Wrapper
provides Java software access to almost any crypto hardware. For
example, a Java application can use it to integrate a HSM or a smart
card to create digital signatures, to decrypt data or to unwrap keys.

WWW: http://jce.iaik.tugraz.at/sic/products/core_crypto_toolkits/pkcs_11_wrapper

12:44 sat 

Add port security/jeta:

Jeta is the Horde wrapper around various Java SSH applets.  It allows users
to login via a terminal window to the server on which the Horde application is
running.

WWW: http://www.horde.org/jeta/

PR:             ports/109095
Submitted by:   Beech Rintoul <beech@alaskaparadise.com>

05:42 rafan 

Add p5-Authen-PluggableCaptcha 0.04, a pluggable Captcha framework for
Perl.

PR:             ports/109383
Submitted by:   chinsan

14:47 rafan 

Add p5-HTML-Email-Obfuscate 1.00, obfuscates HTML email addresses that
look normal.

PR:             ports/109381
Submitted by:   chinsan

23:12 rafan 

Add opensaml 1.1, open source implentation of SAML.

PR:             ports/109113
Submitted by:   Tony Maher

23:10 rafan 

Add apache-xml-security-c 1.3.1, apache XML security libraries C
version.

PR:             ports/109112
Submitted by:   Tony Maher

23:36 miwi 

snoopy is merely a shared library that is used as a wrapper
to the execve() function provided by libc as to log every call
to syslog (authpriv).  system administrators may find snoopy
useful in tasks such as light/heavy system monitoring, tracking other
administrator's actions as well as getting a good 'feel' of
what's going on in the system (for example apache running cgi
scripts).

WWW: http://sourceforge.net/projects/snoopylogger/

PR:             ports/108691
Submitted by:   Philippe Audeoud <jadawin at tuxaco.net>

11:49 skv 

Add keepassx 0.2.2, Cross Platform Password Manager.

01:08 pav 

Populate a new ports-mgmt category. List of moved ports:

  devel/portcheckout -> ports-mgmt/portcheckout
  devel/portlint -> ports-mgmt/portlint
  devel/portmk -> ports-mgmt/portmk
  devel/porttools -> ports-mgmt/porttools
  misc/instant-tinderbox -> ports-mgmt/instant-tinderbox
  misc/porteasy -> ports-mgmt/porteasy
  misc/portell -> ports-mgmt/portell
  misc/portless -> ports-mgmt/portless
  misc/tinderbox -> ports-mgmt/tinderbox
  security/jailaudit -> ports-mgmt/jailaudit
  security/portaudit -> ports-mgmt/portaudit
  security/portaudit-db -> ports-mgmt/portaudit-db
  security/vulnerability-test-port -> ports-mgmt/vulnerability-test-port
  sysutils/barry -> ports-mgmt/barry
  sysutils/bpm -> ports-mgmt/bpm
  sysutils/kports -> ports-mgmt/kports
  sysutils/managepkg -> ports-mgmt/managepkg
  sysutils/newportsversioncheck -> ports-mgmt/newportsversioncheck
  sysutils/pib -> ports-mgmt/pib
  sysutils/pkgfe -> ports-mgmt/pkgfe
  sysutils/pkg-orphan -> ports-mgmt/pkg-orphan
  sysutils/pkg_cutleaves -> ports-mgmt/pkg_cutleaves
  sysutils/pkg_install -> ports-mgmt/pkg_install
  sysutils/pkg_install-devel -> ports-mgmt/pkg_install-devel
  sysutils/pkg_remove -> ports-mgmt/pkg_remove
  sysutils/pkg_rmleaves -> ports-mgmt/pkg_rmleaves
  sysutils/pkg_trackinst -> ports-mgmt/pkg_trackinst
  sysutils/pkg_tree -> ports-mgmt/pkg_tree
  sysutils/portbrowser -> ports-mgmt/portbrowser
  sysutils/portconf -> ports-mgmt/portconf
  sysutils/portdowngrade -> ports-mgmt/portdowngrade
  sysutils/portcheck -> ports-mgmt/portcheck
  sysutils/portmanager -> ports-mgmt/portmanager
  sysutils/portmaster -> ports-mgmt/portmaster
  sysutils/portscout -> ports-mgmt/portscout
  sysutils/portsearch -> ports-mgmt/portsearch
  sysutils/portsman -> ports-mgmt/portsman
  sysutils/portsnap -> ports-mgmt/portsnap
  sysutils/portsopt -> ports-mgmt/portsopt
  sysutils/portupgrade -> ports-mgmt/portupgrade
  sysutils/portupgrade-devel -> ports-mgmt/portupgrade-devel
  sysutils/port-authoring-tools -> ports-mgmt/port-authoring-tools
  sysutils/port-maintenance-tools -> ports-mgmt/port-maintenance-tools
  sysutils/psearch -> ports-mgmt/psearch
  sysutils/p5-FreeBSD-Portindex -> ports-mgmt/p5-FreeBSD-Portindex
  sysutils/qtpkg -> ports-mgmt/qtpkg
  textproc/p5-FreeBSD-Ports -> ports-mgmt/p5-FreeBSD-Ports

Repocopies by:  marcus

14:13 gabor 

This AOLserver module performs SHA1 hashes.

WWW: http://www.aolserver.com/

- Martin Matuska
martin@matuska.org

PR:             ports/105781
Submitted by:   Martin Matuska <martin@matuska.org>
Approved by:    erwin (mentor)

14:09 gabor 

An AOLserver socket driver module which implements SSL/TLS encryption on
incomming sockets, and also adds an https client API.

WWW: http://www.aolserver.com/

- Martin Matuska
martin@matuska.org

PR:             ports/105781
Submitted by:   Martin Matuska <martin@matuska.org>
Approved by:    erwin (mentor)

14:06 gabor 

AOLserver interface to mhash library

WWW: http://www.aolserver.cz/

- Martin Matuska
martin@matuska.org

PR:             ports/105781
Submitted by:   Martin Matuska <martin@matuska.org>
Approved by:    erwin (mentor)

14:02 gabor 

AOLserver interface to mcrypt library

WWW: http://www.aolserver.cz/

- Martin Matuska
martin@matuska.org

PR:             ports/105781
Submitted by:   Martin Matuska <martin@matuska.org>
Approved by:    erwin (mentor)

13:57 gabor 

This module Uses OpenSSL to encrypt using the
AES, Blowfish, Cast5, IDEA and DES cyphers.

WWW: http://www.aolserver.com/

- Martin Matuska
martin@matuska.org

PR:             ports/105781
Submitted by:   Martin Matuska <martin@matuska.org>
Approved by:    erwin (mentor)

13:09 rafan 

Add p5-Authen-Bitcard 0.86, bitcard authentication verification.

PR:             ports/107968
Submitted by:   chinsan

09:12 ale 

pkcs11-helper is a library that simplifies the interaction
with PKCS#11 providers for end-user applications.

pkcs11-helper allows using multiple PKCS#11 providers at
the same time, enumerating available token certificates, or
selecting a certificate directly by serialized id, handling
card removal and card insert events, handling card re-insert
to a different slot, supporting session expiration and much
more all using a simple API.

pkcs11-helper is not designed to manage card content, since
object attributes are usually vendor specific, and 99% of
application need to access existing objects in order to
perform signature and decryption.

WWW:    http://www.opensc-project.org/pkcs11-helper/

18:42 miwi 

2007-01-01 graphics/teddy: No new releases in the past 4 years
2007-01-01 net/arla: "does not compile"
2007-01-02 sysutils/lsmlib: distfile and homepage disappeared
2007-01-02 security/ifd-gpr400: distfile and homepage disappeared
2007-01-04 science/mmtk: distfile and homepage disappeared
2007-01-04 print/xtem: distfile and homepage disappeared
2007-01-04 net/mrt: distfile and homepage disappeared

16:54 miwi 

2006-12-01 net-p2p/gnome-btdownload: does not run with BitTorrent 4.x yet
2006-12-01 print/ec-fonts-mftraced: Installs files before 'make install'
2006-12-01 print/yatex-xemacs-mule: hangs during build
2006-12-01 security/gnu-crypto: Does not compile
2006-12-01 www/linux-beonex: Security issues. From http://www.beonex.com/ 'The
currently available Beonex Communicator 0.8 builds have several known security
bugs'

07:31 clsung 

Text::Password::Pronounceable - Generate pronounceable passwords

This module generates pronuceable passwords, based the the
English digraphs by D Edwards.

WWW: http://search.cpan.org/dist/Text-Password-Pronounceable/

12:41 itetcu 

Vinetto extracts the thumbnails and associated metadata from the Thumbs.db
files.

The Windows systems (98, ME, 2000, XP and 2003 Server) can store thumbnails
and metadata of the picture files contained in the directories of its FAT32
or NTFS filesystems.

The thumbnails and associated metadata are stored in Thumbs.db files.
The Thumbs.db files are undocumented OLE structured files.

Once a picture file has been deleted from the filesystem, the related thumbnail
and associated metada remain stored in the Thumbs.db file. So, the data
contained in those Thumbs.db files are an helpful source of information
for the forensics investigator.

WWW:    http://vinetto.sourceforge.net/

PR:             ports/107235
Submitted by:   Aleksander Fafula <alex at BSDGuru.org>

20:08 gabor 

Overview:
Pantera uses an improved version of SpikeProxy to provide a powerful web
application analysis engine.

Goals:
The primary goal of Pantera is to combine automated capabilities with complete
manual testing to get the best penetration testing results.

WWW:
http://www.owasp.org/index.php/Category:OWASP_Pantera_Web_Assessment_Studio_Project

PR:             ports/105291
Submitted by:   Yonatan <onatan at gmail.com>

00:54 ade 

Fix Makefile now that gnupg-devel has disappeared, and gnupg1 has been
repocopied.  Takes care of current INDEX breakage.

Submitted by:   various scripts

11:41 clsung 

OpenID is a decentralized identity system, but one that's actually
decentralized and doesn't entirely crumble if one company turns evil
or goes out of business.

An OpenID identity is just a URL. You can have multiple identities in
the same way you can have multiple URLs. All OpenID does is provide a
way to prove that you own a URL (identity).

Anybody can run their own site using OpenID, and anybody can be an
OpenID server, and they all work with each other without having to
register with or pay anybody to "get started". An owner of a URL can
pick which OpenID server to use.

WWW: http://www.openidenabled.com/openid/libraries/perl/

09:53 clsung 

Python OpenID library implements recent changes to the OpenID
specification as well as making API changes that should make
integration with applications easier.

This library allows the use of XRI as OpenID identifiers, allowing users
to log in with their i-names.  For full XRI compatibility,
relying parties integrating this library should take note of the user's
CanonicalID, as described in the "Identifying the End User" section of
the OpenID 2.0 specification.

WWW: http://www.openidenabled.com/openid/libraries/python/

05:47 clsung 

Add phpmyid 0.3, a single user Identity Provider for the OpenID
framework.

PR:             ports/106874
Submitted by:   Gea-Suan Lin <gslin at gslin.org>

20:29 alepulver 

MyPasswordSafe is a straight-forward, easy-to-use password manager that
maintains compatibility with Password Safe files. MyPasswordSafe has the
following features:

* Safes are encrypted when they are stored to disk.
* Passwords never have to be seen, because they are copied to the clipboard.
* Random passwords can be generated.
* Window size, position, and column widths are remembered.
* Passwords remain encrypted until they need to be decrypted at the dialog and
  file levels.
* A safe can be made active so it will always be opened when MyPasswordSafe
  starts.
* Supports Unicode in the safes.
* Languages supported: English and French.

WWW: http://www.semanticgap.com/myps/

03:19 alexbl 

 - Add hashlib-20060408a

 Python secure hash and message digest module MD5, SHA1, SHA224, SHA256,
 SHA384 and SHA512 (backported from Python 2.5 for use on 2.3 and 2.4)

 WWW: http://code.krypto.org/python/hashlib/

22:33 miwi 

The tool is a simple flow-analyzing passive L7 fingerprinter. It
examines the sequence of client-server exchanges, their relative
layer 7 payload sizes, and transmission intervals (as opposed to
inspecting the contents, which is what most passive fingerprinters
and "smart" sniffers would do to analyze transmissions). This is
then matched against a database of traffic pattern signatures to
infer some interesting facts about the traffic.

PR:             ports/106351
Submitted by:   trasz <trasz at pin.if.uz.zgora.pl>

22:25 anders 

Add sshblock, a tool to block abusive SSH login attempts.

23:08 miwi 

A library for connecting to and sending commands to a local
ClamAV clamd service - an anti-virus daemon process.

You can find more information about clam anti-virus at
WWW: http://www.clamav.net/

File::Scan::ClamAV was originally based on the Clamd module

Submitted by:   Jan-Peter Koopmann <Jan-Peter.Koopmann at seceidos.de>

21:33 miwi 

Sguil (pronounced "sgweel") is a graphical interface to snort,
an open source intrusion detection system.
The actual interface and GUI server are written in tcl/tk.
Sguil also relies on other open source software
in order to function properly.

The client requires gpg, iwidgets and other tcl packages and may
also use wireshark, festival and tls depending on your selection
of options.  Run "make config" in the port to see what options
are available.

Sguil currently functions as an analysis interface and has
no snort sensor or rule management capabilities.

WWW: http://sguil.sourceforge.net/index.php
pauls@utdallas.edu

PR:             ports/105496
Submitted by:   Paul Schmehl <pauls at utdallas.edu>

13:55 laszlof 

New Port: security/osslsigncode

Platform-independent tool for Authenticode signing of EXE/CAB files - uses
OpenSSL and libcurl. It also supports timestamping.

PR:     ports/105353
Submitted By:   Nick Barkas <snb@threerings.net>
Approved By:    flz (mentor)

02:43 alepulver 

Sguil is an open source tool to implement Network
Security Monitoring (NSM).  NSM is the collection,
analysis, and escalation of indications and warnings
to detect and respond to intrusions.  NSM tools are
used more for network audit and specialized
applications than traditional alert-centric "intrusion
detection" systems.

Want to learn more about Network Security Monitoring
(NSM)? Then check out Richard Bejtlich's recently
released book, The Tao of Network Security Monitoring:
Beyond Intrusion Detection. An excerpt reads:

"Network security monitoring (NSM) equips security
staff to deal with the inevitable consequences of too
few resources and too many responsibilities. NSM collects
the data needed to generate better assessment, detection,
and response processes--resulting in decreased impact from
unauthorized activities."

WWW: http://sguil.sourceforge.net/index.php
pauls@utdallas.edu

PR:             ports/104227
Submitted by:   Paul Schmehl <pauls at utdallas.edu>

09:10 mezz 

Simple commandline wrapper around gpg that makes it store its passphrase
in gnome-keyring.  It is a direct competitor to (the unmaintained)
quintuple-agent.

Submitted by:   ahze
Approved by:    portmgr (kris and marcus)

19:04 bsam 

Sguil (pronounced "sgweel") is a graphical interface to snort
(www.snort.org), an open source intrusion detection system.
The actual interface and GUI server are written in tcl/tk
(www.tcl.tk). Sguil also relies on other open source software
in order to function properly.

The sensor list includes security/barnyard, security/snort,
security/sancp, tcpdump (a part of the OS) and devel/tcltls as
well as lang/tcl84 and lang/tclX.  Care has been taken to ensure
that everything you need to build a working sguil operation is
in the FreeBSD ports system or part of the OS already.

Sguil currently functions as an analysis interface and has
no snort sensor or rule management capabilities.

WWW: http://sguil.sourceforge.net/index.php
pauls@utdallas.edu

PR:             ports/95018
Submitted by:   Paul Schmehl <pauls at utdallas.edu>

12:32 rafan 

Add p5-openxpki-deployment 0.9.543, perl based enterprise class
trustcenter software for PKI.

PR:             ports/103949
Submitted by:   Sergei Vyshenski <svysh at cryptocom.ru>

12:31 rafan 

Add p5-openxpki-i18n 0.9.538, perl based trustcenter software for PKI:
i18n tools.

PR:             ports/103948
Submitted by:   Sergei Vyshenski <svysh at cryptocom.ru>

12:31 rafan 

Add p5-openxpki-client-soap-lite 0.9.421, SOAP-Lite toolkit for
openxpki.

PR:             ports/103947
Submitted by:   Sergei Vyshenski <svysh at cryptocom.ru>

12:30 rafan 

Add p5-openxpki-client-scep 0.9.421, client for SCEP requests to
openxpki server.

PR:             ports/103946
Submitted by:   Sergei Vyshenski <svysh at cryptocom.ru>

12:30 rafan 

Add p5-openxpki-client-html-mason 0.9.546, web interface for local
openxpki daemon.

PR:             ports/103945
Submitted by:   Sergei Vyshenski <svysh at cryptocom.ru>

12:29 rafan 

Add p5-openxpki-client-cli 0.9.459, command line interface for local
openxpki daemon.

PR:             ports/103944
Submitted by:   Sergei Vyshenski <svysh at cryptocom.ru>

12:29 rafan 

Add p5-openxpki-client 0.9.450, perl based trustcenter software for PKI:
base class for actual clients.

PR:             ports/103943
Submitted by:   Sergei Vyshenski <svysh at cryptocom.ru>

04:58 clsung 

Add p5-Crypt-GCrypt 1.15, perl interface to the GNU Cryptographic
library.

PR:             ports/103767
Submitted by:   TAKAHASHI Kaoru <kaoru at kaisei.org>

00:05 alepulver 

The Metasploit Project

This is the Metasploit Project. The goal is to provide useful
information to people who perform penetration testing, IDS signature
development, and exploit research. This site was created to fill the
gaps in the information publicly available on various exploitation
techniques and to create a useful resource for exploit developers. The
tools and information on this site are provided for legal penetration
testing and research purposes only.

This port is an in-development version of the upcoming Metasploit Framework.
It is based on Ruby instead of perl, and has a different license.

WWW: http://www.metasploit.org

PR:             ports/101280
Submitted by:   Yonatan <onatan at gmail.com>

15:36 sat 

- Separate sinfp into library (p5-Net-SinFP) and binary+db (sinfp)
- Use latest db snapshot

07:30 miwi 

PBNJ is a network suite to monitor changes that occur on a network
over time. It does this by checking for changes on the target
machine(s), which includes the details about the services running on
them as well as the service state. PBNJ parses the data from a scan
and stores it in a database. PBNJ uses Nmap to perform scans.

WWW: http://www.sf.net/projects/pbnj

PR:             ports/100904
Submitted by:   Joshua D. Abraham <jabra(at)ccs.neu.edu>

10:26 clsung 

Add blocksshd 0.8, protects computers from SSH brute force attacks.

PR:             ports/102367
Submitted by:   Gea-Suan Lin <gslin at gslin.org>

21:19 miwi 

Fwipe is a secure file erasing program. fwipe0, which actually erases
your files, is immune to filenames containing spaces, carriage returns,
dashes, or any other special characters. You can use it in place of rm
in cron jobs, together with "find ... -print0". The output of fwipe0 is
specially designed to be parsed easily by machine, so it can be embedded
in other applications which need secure file erasure.

WWW: http://jeenyus.net/~budney/linux/software/fwipe.html

PR:             ports/103488
Submitted by:   David Thiel <lx(at)redundancy.redundancy.org>

20:18 sat 

Add port security/shttpscanner:

Simple HTTP Scanner is a creation made for web site pen testing. You can
check for directories and files on the remote web server and get some
server information like the webserver running.

WWW: http://sourceforge.net/projects/shttpscanner/
Author: Paisterist <paisterist@users.sourceforge.net>

21:40 acm 

- Remove security/fpc-md5. It was renamed to security/fpc-hash

Approved by:    garga (mentor, implicit)

21:09 acm 

- New port:

05:23 novel 

TLS Lite is a free python library that implements SSL 3.0, TLS 1.0, and TLS
1.1. TLS Lite supports non-traditional authentication methods such as SRP,
shared keys, and cryptoIDs in addition to X.509 certificates. TLS Lite is pure
Python, however it can access OpenSSL, cryptlib, pycrypto, and GMPY for faster
crypto operations. TLS Lite integrates with httplib, xmlrpclib, poplib,
imaplib, smtplib, SocketServer, asyncore, and Twisted.

WWW: http://trevp.net/tlslite/

PR:             ports/102923
Submitted by:   Alexander Botero-Lowry <alex at foxybanana.com>

08:02 ale 

Suhosin is an advanced protection system for PHP installations.
It was designed to protect servers and users from known and
unknown flaws in PHP applications and the PHP core.
Suhosin comes in two independent parts, that can be used
separately or in combination. The first part is a small patch
against the PHP core, that implements a few low-level
protections against bufferoverflows or format string
vulnerabilities and the second part is a powerful PHP extension
that implements all the other protections.

Suhosin is binary compatible to normal PHP installation,
which means it is compatible to 3rd party binary extension
like ZendOptimizer.

WWW: http://www.suhosin.org/

23:31 kris 

Remove expired ports

18:34 pav 

The pam_abl provides auto blacklisting of hosts and users
responsible for repeated failed authentication attempts.

WWW: http://www.hexten.net/pam_abl/

PR:             ports/100635
Submitted by:   Petr Rehor <prehor@gmail.com>