18:34 pav 

The pam_abl provides auto blacklisting of hosts and users
responsible for repeated failed authentication attempts.

WWW: http://www.hexten.net/pam_abl/

PR:             ports/100635
Submitted by:   Petr Rehor <prehor@gmail.com>

19:47 novel 

GnuTLS is a portable ANSI C based library which implements the TLS 1.0 and
SSL 3.0 protocols. The library does not include any patented algorithms and
is available under the GNU Lesser GPL license.

Important features of the GnuTLS library include:
- Thread safety
- Support for both TLS 1.0 and SSL 3.0 protocols
- Support for both X.509 and OpenPGP certificates
- Support for basic parsing and verification of certificates
- Support for SRP for TLS authentication
- Support for TLS Extension mechanism
- Support for TLS Compression Methods

Additionaly GnuTLS provides an emulation API for the widely used
OpenSSL library, to ease integration with existing applications.

WWW:    http://www.gnutls.org/

13:13 rafan 

Add mosref 2.0.b3, a secure remote execution framework using a compact
Scheme-influenced VM.

PR:             ports/102238
Submitted by:   Piet Delport

07:46 sat 

Add port security/sinfp:

SinFP is a new approach to OS fingerprinting, which bypasses
limitations that nmap has.

Nmap approaches to fingerprinting as shown to be efficient for years.
Nowadays, with the omni-presence of stateful filtering devices,
PAT/NAT configurations and emerging packet normalization technologies,
its approach to OS fingerprinting is becoming to be obsolete.

SinFP uses the aforementioned limitations as a basis for tests to be
obsolutely avoided in used frames to identify accurately the remote
operating system. That is, it only requires one open TCP port, sends
only fully standard TCP packets, and limits the number of tests to 2
or 3 (with only 1 test giving the OS reliably in most cases).

WWW: http://www.gomor.org/sinfp

12:09 itetcu 

VNCcrack is a fast offline password cracker for VNC passwords.
By sniffing a VNC challenge-response sequence off the network
(typically when VNC is used without a decent cryptographic
wrapper like SSH or SSL), you can recover the password fairly
easily and quickly by letting VNCcrack pound on it.

WWW: http://www.randombit.net/projects/vnccrack/

PR:             ports/102279
Submitted by:   Pankov Pavel <pankov_p at mail.ru>

15:15 shaun 

Finish adding security/openvpn-devel after repocopy.

08:27 rafan 

Add bruteblock 0.0.4, software for blocking bruteforce attacks with
ipfw.

PR:             ports/101254
Submitted by:   Dmitry Marakasov <amdmi3 at mail.ru>

02:57 acm 

- Remove security/linux-krb5-libs, it was integrated to linux_base-fc4.

Approved by:    garga (mentor)

15:47 clsung 

- ruby-crypt is a pure-ruby implementation of a number of popular
  encryption algorithms.

03:51 clsung 

Add p5-PerlCryptLib 1.03, perl interface to Peter Guttman cryptlib API.

PR:             ports/101658
Submitted by:   Gea-Suan Lin <gslin at gslin.org>

16:25 itetcu 

This library implements Blowfish, DES, and Triple-DES.

Author: Gerd Stolpmann
WWW:    http://www.ocaml-programming.de/packages/

PR:             ports/101213
Submitted by:   Stanislav Sedov <ssedov at mbsd.msk.ru>

15:03 acm 

- New port: security/linux-krb5-libs

Kerberos V5 is an authentication system developed at MIT.

(Linux version)

WWW: http://web.mit.edu/kerberos/

- New port: security/linux-openssl

The OpenSSL Project is a collaborative effort to develop a robust,
commercial-grade, full-featured, and Open Source toolkit implementing
the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security
(TLS v1) protocols with full-strength cryptography world-wide. The
project is managed by a worldwide community of volunteers that use
the Internet to communicate, plan, and develop the OpenSSL tookit
and its related documentation.

OpenSSL is based on the excellent SSLeay library developed by Eric
A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under
an Apache-style licence, which basically means that you are free
to get and use it for commercial and non-commercial purposes subject
to some simple license conditions.

(Linux version)

WWW: http://www.openssl.org/

Approved by:    garga (mentor)

17:22 rafan 

Add p5-Crypt-OICQ, cryptographic algorithm used by OICQ protocol.
This is for chinese/oicq.

13:42 clsung 

Add pecl-tcpwrap 1.0, a PECL extension which provides tcpwrappers
binding.

PR:             ports/101136
Submitted by:   chinsan <chinsan.tw at gmail.com>

13:06 rafan 

Add httprint 301, web server fingerprinting tool.

PR:             ports/101004
Submitted by:   Yonatan <onatan at gmail.com>

11:12 acm 

New port: security/gpass

The GNOME Password Manager - GPass for short - is a simple
application, written for the GNOME 2 desktop, that lets you manage a
collection of passwords.  The password collection is stored in an
encrypted file, protected by a master-password.

GPass is released under the GNU GPL2 licence.

Features:

    * Clean and easy-to-use user interface.
    * Quick-search facility.
    * Username and password may easily be copied to the clipboard.
    * Encryption is done using the OpenSSL cryptographics library.
    * The built-in password generator helps you generate secure passwords.
    * You can launch a website and the associated username/passwords
      direct from GPass

Author: Kouji TAKAO <kouji -at- netlab.jp>
WWW:    http://projects.netlab.jp/gpass/

PR:             ports/100845
Submitted by:   ports_at_c0decafe.net <ports at c0decafe.net>
Approved by:    garga (mentor)

18:15 rafan 

Add isnprober 1.02, penTest tool for TCP Initial Sequence Numbers
research.

PR:             ports/101005
Submitted by:   Yonatan <onatan at gmail.com>

08:07 clsung 

Add courieruserinfo 1.1.2, user account information retrieval utility.

PR:             ports/100900
Submitted by:   Andrew St. Jean <andrew at arda.homeunix.net>

09:56 miwi 

Add trans-proxy-tor,  transparent proxy used to redirect TCP
connections into Tor.

trans-proxy-tor is a transparent proxy
that uses PF to redirect TCP connections
through Tor (http://tor.eff.org/).

Programs that aren't aware of Tor
will use it without their knowledge,
and their traffic no longer leaves the
system unencrypted.

PR:             ports/99034
Submitted by:   Fabian Keil <fk at fabiankeil.de>

09:47 miwi 

Add dns-proxy-tor, resolves DNS requests through Tor.

dns-proxy-tor is a DNS server that stops
DNS leaks with applications that don't support
or aren't configured to use socks4a or Tor's DNS
resolution.

WWW: http://http://p56soo2ibjkx23xo.onion/

PR:             ports/99033
Submitted by:   Fabian Keil <fk at fabiankeil.de>

01:21 clsung 

Add p5-Data-Entropy 0.000, entropy (randomness) management.

PR:             ports/100547
Submitted by:   Gea-Suan Lin <gslin at gslin.org>

15:45 erwin 

This is a pure perl implementation of the new AES Rijndael. You want
to use Crypt::Rijndael where available. This implementation is really
slow, but I am working on it.

WWW:    http://search.cpan.org/dist/Crypt-Rijndael_PP/

PR:             ports/100262
Submitted by:   Gea-Suan Lin <gslin at gslin.org>

18:03 shaun 

Add a port of "knock" - a flexible port-knocking server and client.

PR:             ports/94626
Submitted by:   shaun (me)
Approved by:    ahze (mentor, implicit)

15:41 garga 

This package provides an interface to the cracklib (libcrack) libraries that
come standard on most unix-like distributions. This allows you to check
passwords against dictionaries of words to ensure some minimal level of
password security.

From the cracklib README
CrackLib makes literally hundreds of tests to determine whether you've
chosen a bad password.

* It tries to generate words from your username and gecos entry to tries
to match them against what you've chosen.

* It checks for simplistic patterns.

* It then tries to reverse-engineer your password into a dictionary
word, and searches for it in your dictionary.

- after all that, it's PROBABLY a safe(-ish) password. 8-)

WWW: http://pecl.php.net/package/crack

PR:             ports/94244
Submitted by:   Bill Moran <wmoran at collaborativefusion.com>

19:21 novel 

Remove gnutls-devel since the development version of gnutls is not
active yet.

14:04 vd 

Remove expired leaf ports:
2006-07-01 emulators/linux_base-fc3
2006-06-15 misc/linux-opengroupware
2006-07-01 net/opengk
2006-07-01 security/p5-Crypt-OpenPGP
2006-07-01 textproc/sed_inplace
2006-07-01 textproc/xml4j
2006-07-01 x11-wm/aewm++

21:08 itetcu 

Kovpn is a really simple OpenVPN GUI for everyday use. It is a client only GUI,
meaning that you cannot administrate an OpenVPN server with it (Look for kvpnc
if you want such a program). You can use it to connect and disconnect without
needing to open a console. You can also input username and/or password that
might be needed.
In Short: It can do everything an end-user want's for his everyday work with
OpenVPN.

WWW: http://www.enlighter.de/

--Anderson S. Ferreira <anderson@cnpm.embrapa.br>

PR:             ports/95709
Submitted by:   anderson@cnpm.embrapa.br

12:52 erwin 

Add p5-openxpki 0.9.342, perl based enterprise class trastcenter
software for PKI.

PR:             ports/99317
Submitted by:   Sergei Vyshenski <svysh@cryptocom.ru>

05:00 aaron 

Adding port security/p5-Authen-PAAS, Perl Authentication & Authorization
Service

Approved by:    tobez (implicit)

11:51 flz 

Add OpenBSM 1.0a6, the Open Source Basic Security Module (BSM) Audit
Implementation.

17:04 ale 

Engine_pkcs11 is an implementation of an engine for OpenSSL.
It can be loaded using code, config file or command line and
will pass any function call by openssl to a PKCS#11 module.
Engine_pkcs11 is meant to be used with smart cards and software
for using smart cards in PKCS#11 format, such as OpenSC.

WWW:    http://www.opensc-project.org/engine_pkcs11/

Note: the port requires the OpenSSL installed from ports,
since dynamic engine loading is disabled in base system.
See PR bin/79570 for details.

17:00 ale 

Pam_p11 is a plugable authentication module (pam) package
for using crpytographic tokens such as smart cards and
usb crypto tokens for authentication.

Pam_p11 uses libp11 to access any PKCS#11 module.
It should be compatible with any implementation, but it
is primarely developed using OpenSC.

Pam_p11 implements two authentication modules:
 * pam_p11_openssh authenticates the user using his
   openssh ~/.ssh/authorized_keys file.
 * pam_p11_opensc authenticates the user using
   certificates found in ~/.eid/authorized_certificates.

Pam_p11 is very simple, it has no config file, no options
other than the PKCS#11 module file, does not know about
certificate chains, certificate authorities, revocation
lists or OCSP. Perfect for the small installation with no
frills.

WWW:    http://www.opensc-project.org/pam_p11/

16:58 ale 

Libp11 is a library implementing a small layer
on top of PKCS#11 API to make using PKCS#11
implementations easier.

WWW:    http://www.opensc-project.org/libp11/

09:44 erwin 

The NTLM (Windows NT LAN Manager) authentication scheme is the
authentication algorithm used by Microsoft.

NTLM authentication scheme is used in DCOM and HTTP environment. It is
used to authenticate DCE RPC packets in DCOM. It is also used to
authenticate HTTP packets to MS Web Proxy or MS Web Server.

Currently, it is the authentication scheme Internet Explorer chooses to
authenticate itself to proxies/web servers that supports NTLM.

WWW: http://search.cpan.org/dist/Authen-NTLM/

PR:             ports/98684
Submitted by:   James Thomason <james@divide.org>

08:49 clsung 

Add p5-Nmap-Parser 1.05, parse nmap scan data with perl.

PR:             ports/98576
Submitted by:   Joshua D. Abraham <jabra@ccs.neu.edu>

13:00 garga 

PAM module for TIS authsrv authentication

The pam_authsrv module provides TIS authsrv authentication to PAM-aware
applications. It has been tested under AIX 4.3.3 (using the Linux-PAM for
AIX patch) and 5.1, Solaris 8 and 9, RedHat Linux 7.2, and HP-UX 11.00.

The pam_authsrv source code is available from:

    ftp://ftp.feep.net/pub/software/PAM/pam_authsrv/pam_authsrv-1.0.2.tar.gz

Binaries of pam_authsrv are available as Encap packages for a variety of
platforms.

For further information, please see the enclosed README file.

WWW: http://www.feep.net/PAM/pam_authsrv/

PR:             ports/97157
Submitted by:   Jim Pirzyk <pirzyk@FreeBSD.org>

10:09 itetcu 

Translated manual pages for security/nmap.  Current list of
translations includes Spanish, French, Croatian, Japanese,
Polish, Portuguese, Romanian, Slovak and Chinese.

WWW: http://www.insecure.org/nmap/

PR:             ports/93598
Submitted by:   Daniel Roethlisberger <daniel@roe.ch>
Approved by:    lawrance (mentor, implicit)

21:33 jmelo 

- Remove this port, the version was included in base system.

Approved by:    mnag (mentor)

15:22 pav 

- Rename ports

  security/gnomekeyring -> security/gnome-keyring
  security/gnomekeyringmanager -> security/gnome-keyring-manager

14:26 johans 

Let's not forget to update Makefile when adding new port (reminded by flz)

Approved by:    flz (mentor)

20:05 aaron 

Adding port security/p5-Crypt-Dining, The Dining Cryptographers' ProtocoAdding
port security/p5-Crypt-Dining, The Dining Cryptographers' Protocoll

Approved by:    tobez (implicit)

18:04 sem 

A PAM module that allows you to require a special group or
user to access a service.

WWW: http://www.splitbrain.org/projects/pam_require/

PR:             ports/95187
Submitted by:   Chris Cowart <ccowart@rescomp.berkeley.edu>

18:20 aaron 

Adding port security/p5-Tree-Authz, a library implementing a Role-Based Access
Control authorization scheme.

Approved by:    tobez (implicit)

17:30 aaron 

Adding port security/p5-Authen-Simple-RADIUS, RADIUS extension for
security/p5-Authen-Simple.

Approved by:    tobez (implicit)

17:24 aaron 

Adding port security/p5-Authen-Simple-PAM, PAM extension for
security/p5-Authen-Simple.

Approved by:    tobez (implicit)

17:20 aaron 

Adding port security/p5-Authen-Simple-DBM, DBM extension for
security/p5-Authen-Simple.

Approved by:    tobez (implicit)

17:15 aaron 

Adding port security/p5-Authen-Simple-SMB, SMB extension for
security/p5-Authen-Simple.

Approved by:    tobez (implicit)

17:09 aaron 

Adding port security/p5-Authen-Simple-SSH, SSH protocol extension for
security/p5-Authen-Simple.

Approved by:    tobez (implicit)

11:50 garga 

PAM module for pseudouser authentication

PR:             ports/97159
Submitted by:   Jim Pirzyk <pirzyk@FreeBSD.org>

05:37 aaron 

Adding port security/p5-Authen-Simple-Passwd, Passwd extension for
security/p5-Authen-Simple.

Approved by:    tobez (implicit)

05:27 aaron 

Adding port security/p5-Authen-Simple-HTTP, HTTP extension for
security/p5-Authen-Simple.

Approved by:    tobez (implicit)

05:19 aaron 

Adding port security/p5-Authen-Simple-Net, extension for
security/p5-Authen-Simple allowing authentication via FTP, POP3, or SMTP.

Approved by:    tobez (implicit)

05:07 aaron 

Adding port security/p5-Authen-Simple-DBI, DBI extension for security/p5-Authen-
Simple.

Approved by:    tobez (implicit)

01:10 aaron 

Adding port security/p5-Authen-Simple-LDAP, LDAP and ActiveDirectory extension
to security/p5-Authen-Simple.

Approved by:    tobez (implicit)

00:52 aaron 

Adding port security/p5-Authen-Simple, a consistent and simple framework for
authentication.

Approved by:    tobez (implicit)

10:44 sat 

Add py-cerealizer: Secure pickle-like module

PR:             ports/96944
Submitted by:   Jose Alonso Cardenas Marquez <acardenas@bsd.org.pe>
Approved by:    krion (mentor)

15:34 garga 

PAM module for per-user authentication

PR:             ports/97158
Submitted by:   Jim Pirzyk <pirzyk@freebsd.org>

16:33 aaron 

Add ipfwcount 0.2.1, summarise ipfw logs by counting and sorting the
fields.

PR:             ports/92454
Submitted by:   Robert Archer <freebsd@deathbeforedecaf.net>
Approved by:    tobez

12:08 jeh 

Since the DAT files are so short lived on the server, have this port
automatically fetch the current DAT file.  The uvscan-dat port will
be removed shortly.

11:46 itetcu 

TrustedPickle is a Python module that can save most any arbitrary Python object
in a signed pickle file. There are two big differences between this module and
the standard pickle module. First, TrustedPickle can pickle a module, but the
standard pickle module cannot. Second, TrustedPickle includes a signature that
can verify the data's origin before the data is unpickled.

WWW: http://trustedpickle.sourceforge.net/index.html

PR:             ports/96691
Submitted by:   Alexander Botero-Lowry <alex@foxybanana.com>
Approved by:    lawrance (mentor)

14:06 sat 

Add parano: A Gnome program to deal with hashfiles

PR:             ports/96710
Submitted by:   sat
Approved by:    krion (mentor)

00:52 ehaupt 

Add rainbowcrack 1.2, a hash cracker that precomputes plaintext -
ciphertext pairs in advance.

PR:             96664
Submitted by:   bryan@freshdns.net

07:36 clsung 

Add medusa 1.0, a speedy, massively parallel, modular, login
brute-forcer.

PR:             ports/96641
Submitted by:   David Thiel <lx@redundancy.redundancy.org>

20:46 pav 

courierpasswd is an authentication and password changing utility
that uses the courier-authlib authentication library to find user credentials.

Its interface follows that of Daniel J. Bernstein's checkpassword program.

WWW: http://www.arda.homeunix.net/store/

PR:             ports/96572
Submitted by:   Andrew St. Jean <andrew@arda.homeunix.net>

04:04 ijliao 

add p5-Authen-TypeKey 0.05
TypeKey authentication verification

PR:             94679
Submitted by:   Gea-Suan Lin <gslin@gslin.org>

15:55 pav 

Tcl SASL provides a Tcl interface to the Cyrus SASLv2 library.

WWW: http://beepcore-tcl.sourceforge.net/tclsasl.html

PR:             ports/96359
Submitted by:   Denis Shaposhnikov <dsh@vlink.ru>

15:44 pav 

Password Manager helps to manage large numbers of passwords and related
information and simplifies the tasks of searching and entering password data.

KedPM is written as an extensible framework, which allows users to plug in
custom password database back-ends and custom user interface front-ends.
Currently, only the Figaro PM back-end supported. To control KedPM user can
choose between CLI and GTK2 based GUI front-ends.

WWW: http://kedpm.sourceforge.net

PR:             ports/96321
Submitted by:   Tim Welch <twelch@thepentagon.org>

01:55 jmelo 

- New port:
fswatch is a utility to guard changes in a file system. fswatch is composed
of three simple programs: fswbuild, fswcmp, fswshow. fswbuild builds file
system information database. fswcmp compairs two database files and returns
what changes a in file system have been introduced. fswshow shows contents of
database file. a file information database is platform independend.

fswatch can collect the following information about files (and directories):
inode, links, uid, gid, mode, size, flags, ctime, checksum (sha1) ; and can
show which files were added, deleted or changed.

PR:             ports/95973
Submitted by:   dominik karczmarski <dominik@karczmarski.com> (maintainer)
Reworked by:    jmelo
Approved by:    mnag (mentor)

07:19 vd 

Remove expired ports:
2006-04-17 security/nessus-devel
2006-04-17 security/nessus-libnasl-devel
2006-04-17 security/nessus-libraries-devel
2006-04-17 security/nessus-plugins-devel

13:54 archie 

Remove the skip port. Created before there was an IPSec implementation on
FreeBSD, it is now extremely obsolete. In any case it doesn't compile. Earlier
version of this port can still be used on older versions of FreeBSD of course.

17:07 sem 

UPEK TouchChip TFM/ESS Fingerprint BSP is a (binary only) BioAPI BSP which
provides support for UPEKs fingerprint sensors.

PR:             ports/93035
Submitted by:   Fredrik Lindberg <fli@shapeshifter.se>

09:57 tobez 

Add security/p5-GSSAPI 0.20, a Perl extension providing access to the
GSSAPIv2 library.

12:32 sem 

Anti-bruteforce PAM module for authentification services. It can be used to
prevent brute-force attacks on services like SSH or Telnet. It's highly
configurable and very fast.

WWW: http://mbsd.msk.ru/pam_af.html

PR:             ports/94113
Submitted by:   Stanislav Sedov <ssedov@mbsd.msk.ru>

19:20 pav 

Password Gorilla is cross-platform Password Manager.
It uses TCL/Tk and runs on most platforms supported by Tcl/Tk.

WWW:    http://www.fpx.de/fp/Software/Gorilla

PR:             ports/93179
Submitted by:   Kay Lehmann <kay_lehmann@web.de>

23:11 jylefort 

Add silktools.

SiLK, the System for Internet-Level Knowledge, is a collection of
netflow tools developed by the CERT/NetSA (Network Situational
Awareness) Team to facilitate security analysis in large networks.

SiLK consists of a suite of tools which collect and examine netflow
data, allowing analysts to rapidly query large sets of data.

WWW: http://silktools.sourceforge.net

PR:             ports/94623
Submitted by:   David Thiel <lx@redundancy.redundancy.org>

15:54 arved 

Add matrixssl, a small GPL'd SSL implementation.

21:40 mnag 

- Add port security/pecl-gnupg

This extension provides methods to PHP interact with gnupg.

WWW:    http://pecl.php.net/package/gnupg

20:00 linimon 

Remove hpn-ssh; the functionality is now an option when building the
openssh-portable port.

Pointy hat to:  brooks

11:37 garga 

The Authen::Libwrap module allows you to access the hosts_ctl()
function from the popular TCP Wrappers security package.  This
allows validation of network access from perl programs against
the system-wide hosts.allow file.

WWW: http://search.cpan.org/dist/Authen-Libwrap

PR:             ports/92855
Submitted by:   Zach Thompson <hideo@lastamericanempire.com>

10:56 pav 

New slave port to security/barnyard - adds patches for sguil6

PR:             ports/92241
Submitted by:   Paul Schmehl <pauls@utdallas.edu>

17:09 garga 

We all know that you should always check input variables, but PHP does not
offer really good functionality for doing this in a safe way.
The Input Filter extension is meant to address this issue by implementing
a set of filters and mechanisms that users can use to safely access their
input data.

WWW: http://pecl.php.net/package/filter

PR:             ports/92198
Submitted by:   Alexander Zhuravlev <zaa@zaa.pp.ru>

07:27 pav 

Net::SFTP is a pure Ruby implementation of the SFTP client protocol
(versions 1 through 5).

PR:             ports/91829
Submitted by:   Roderick van Domburg <r.s.a.vandomburg@student.utwente.nl>

07:20 pav 

Net::SSH is a pure-Ruby implementation of the SSH2 client protocol. It
supports the following features:

 - User authentication via explicit username/password, or using a
public-key/private-key pair.
 - Port forwarding, both from the local host to a remote computer via
the remote host, and from the remote host to the local host.
 - Execute processes on the remote machine, both interactively and
non-interactively ("batch").

PR:             ports/91828
Submitted by:   Roderick van Domburg <r.s.a.vandomburg@student.utwente.nl>

23:19 brooks 

Add drupal-ldap_integration.

The ldap_integration Drupal module allows users to authenticate against
a LDAP directory.  Additionally, users can read and modify their data in
the LDAP directory subject to administrative restrictions.

15:24 pav 

ClamCour is a filter for courier MTA using ClamAV for scanning mails for
viruses.

PR:             ports/91740
Submitted by:   Milan Obuch <bsd@dino.sk>

10:12 pav 

The (BSD) BioAPI service module for PAM provides authentication management
through BioAPI BSPs.

PR:             ports/91750
Submitted by:   Fredrik Lindberg <fli@shapeshifter.se>

10:11 pav 

bioapitool is a small BioAPI management utility which allows enrollment and
verification of BIR entries.  It only implements a subset of the BioAPI
specification but should provide enough functionallity for basic account
management.

PR:             ports/91749
Submitted by:   Fredrik Lindberg <fli@shapeshifter.se>

09:29 pav 

BioAPI (Biometric Application Programming Interface) brings platform and device
independence to application programmers and biometric service providers.

PR:             ports/91734
Submitted by:   Fredrik Lindberg <fli@shapeshifter.se>

08:31 pav 

- Move databases/pecl-hash to security/pecl-hash

PR:             ports/91680
Submitted by:   Alexander Zhuravlev <zaa@zaa.pp.ru> (maintainer)
Repocopies by:  marcus

12:33 edwin 

New port: security/expiretable Utility used to remove entries from the pf(4)
table based on their age

        Expiretable is a utility used to remove entries from the pf(4) table
        based on their age.

        The age in question being the amount of time that has passed since
        the statistics for each entry in the target table was last cleared.

        WWW: http://expiretable.fnord.se/

PR:             ports/91481
Submitted by:   cris <cris@gufi.org>

07:57 edwin 

Update: security/samhain 2.0.10 -> 2.1.0

        Updating the Samhain integrity checking system to 2.1.0, a
        bugfix release.

        It's been requested by several people to break Samhain out
        into separate client and server ports. This PR does that,
        with a samhain-client and samhain-server port, as slave
        ports off of samhain. I'm not sure the best way to submit
        a PR to do this kind of action, but here is a shar of all
        three ports. If another format is desired, please let me
        know.  I'm also interested in feedback on the approach used
        for splitting these out.

PR:             ports/90305
Submitted by:   David Thiel <lx@redundancy.redundancy.org>

07:56 edwin 

Update: security/samhain 2.0.10 -> 2.1.0

        Updating the Samhain integrity checking system to 2.1.0, a
        bugfix release.

        It's been requested by several people to break Samhain out
        into separate client and server ports. This PR does that,
        with a samhain-client and samhain-server port, as slave
        ports off of samhain. I'm not sure the best way to submit
        a PR to do this kind of action, but here is a shar of all
        three ports. If another format is desired, please let me
        know.  I'm also interested in feedback on the approach used
        for splitting these out.

PR:             ports/90305
Submitted by:   David Thiel <lx@redundancy.redundancy.org>

04:38 edwin 

[NEW PORT]: security/cutlass

        The attached shar is for security/cutlass - an encrypted
        peer-to-peer voice, text, and file transmission protocol
        entended to bring encrypted Internet use to the masses.
        Also included is a sample application using the protocol.

Please note that the patch ommited from the PR will have to be added
when ports/91035 : [UPDATE]: security/botan is commited.

PR:             ports/91072
Submitted by:   Wesley Shields <wxs@csh.rit.edu>

15:52 foxfair 

Add ipfcount 0.1, summarise ipf logs by counting and sorting the fields.

PR:             ports/90811
Submitted by:   Robert Archer <freebsd@deathbeforedecaf.net>

09:58 garga 

Add openvpn-admin 1.9.2, GUI frontend to openvpn.

PR:             ports/90176
Submitted by:   Remington Lang <MrL0Lz@gmail.com>

09:27 erwin 

This is not C-code interface (like `Digest::MD5') but a Perl-only
implementation of MD4 (like `Digest::Perl::MD5'). Because of this, it is
slow but avoids platform specific complications. For efficiency you
should use `Digest::MD4' instead of this module if it is available.

WWW: http://search.cpan.org/dist/Digest-Perl-MD4

PR:             ports/90771
Submitted by:   Gabor Kovesdan

09:25 erwin 

Digest::SHA::PurePerl is a complete implementation of the NIST
Secure Hash Standard.  It gives Perl programmers a convenient way
to calculate SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 message
digests.  The module can handle all types of input, including
partial-byte data.
Digest::SHA::PurePerl is written entirely in Perl.  If your platform
has a C compiler, you should install the functionally-equivalent
(but much faster) Digest::SHA module.

WWW: http://search.cpan.org/dist/Digest-SHA-PurePerl

PR:             ports/90773
Submitted by:   Gabor Kovesdan

09:24 erwin 

This is not an interface (like "Digest::MD5") but a Perl implementation
of MD5. It is written in perl only and because of this it is slow but it
works without C-Code. You should use "Digest::MD5" instead of this
module if it is available. This module is only usefull for
computers where you cannot install "Digest::MD5" (e.g. lack of a
C-Compiler).

WWW: http://search.cpan.org/dist/Digest-Perl-MD5

PR:             ports/90772
Submitted by:   Gabor Kovesdan

09:19 erwin 

Digest::Pearson::PurePerl is an implementation of Peter K. Pearson's hash
algorithm presented in "Fast Hashing of Variable Length Text Strings"
- ACM 1990. This hashing technique yields good distribution of hashed results
for variable length input strings on the range 0-255, and thus, it is well
suited for data load balancing.
If you prefer a fast implementation, you might want to
consider Digest::Pearson instead.

WWW: http://search.cpan.org/dist/Digest-Pearson-PurePerl

PR:             ports/90770
Submitted by:   Gabor Kovesdan

17:39 erwin 

TEA is a 64-bit symmetric block cipher with a 128-bit key and a variable number
of rounds (32 is recommended). It has a low setup time, and depends on a
large number of rounds for security, rather than a complex algorithm. It was
developed by David J. Wheeler and Roger M. Needham, and is described at
http://www.ftp.cl.cam.ac.uk/ftp/papers/djw-rmn/djw-rmn-tea.html .

WWW: http://search.cpan.org/dist/Crypt-TEA

PR:             ports/90717
Submitted by:   Gabor Kovesdan