20:01 thierry 

Add snortsms 0.11.3, a Snort Sensor Management System web interface
and monitoring console.

PR:             81425
Submitted by:   J. Randolph <snortsms (at) servangle.net>

09:48 thierry 

Add pamtester 0.1.0, a command line pam authentication tester.

PR:             81427
Submitted by:   andy (at) fud.org.nz

11:06 pav 

An inline IPS system based on snort using ipfw.

PR:             ports/81378
Submitted by:   Nick Rogness <nick@rogness.net>

21:14 pav 

bruteforceblocker is a script that checks sshd's auth.log for Failed
login attemtps and cooperates with pf firewall. When given IP gains
specific number of fails, bruteforceblocker adds this IP to the pf's
table. This is useful for people who are getting large number of
these attempts.

PR:             ports/80211
Submitted by:   Daniel Gerzo <danger@rulez.sk>

13:10 erwin 

Add p5-Digest-SHA256 0.01b, perl5 interface to the SHA256 algorithm.

PR:             ports/79211
Submitted by:   Christopher Nehren

21:52 pav 

This is a port of tinysu, a featureless replacement for su and sudo. tinysu is
installed setuid root and executable by members of a particular group. It is
intended to be used in situations where an unprivileged user is being granted
full root access, but wants the convenience of a sudo-style log.

PR:             ports/80752
Submitted by:   Zak Johnson <zakj@nox.cx>

22:21 jylefort 

Add openscep.

OpenSCEP is an open source implementation of the SCEP protocol used by Cisco
routers for certificate enrollment to build VPNs. It implements most of the
draft specification.

OpenSCEP includes a client and a server implementation, as well as some CGI
programs to simplify certificate and revocation list management.

WWW: http://openscep.othello.ch/

PR:             ports/81264
Submitted by:   Vsevolod Stakhov <vsevolod@highsecure.ru>

17:46 pav 

New port: security/pear-Crypt_RSA PEAR class allows you to use two-key strong
cryptography

PEAR::Crypt_RSA allows you to use two-key strong cryptography like RSA with
arbitrary key length.

PR:             ports/80939
Submitted by:   Antonio Carlos Venancio Junior <antonio@php.net>

16:44 ume 

New port -- SASL LDAPDB auxprop plugin
Though this is actually part of Cyrus SASL2, we cannot simply
enable it in security/cyrus-sasl2 to avoid dependency loop with
net/openldap.

23:51 jylefort 

Add p5-CSP.

CSP is a Perl class and script for running multiple CAs. OpenSSL is used
for all operations. CSP can also generate a small CA website used to
distribute certificates and CRLs.

WWW: http://devel.it.su.se/projects/CSP/

PR:             ports/79885
Submitted by:   David Thiel <lx@redundancy.redundancy.org>

17:49 alfred 

p5-Business-PayPal-EWP

19:51 thierry 

Add pear-Crypt_Blowfish 1.0.0, PEAR class for blowfish encryption.

PR:             80404
Submitted by:   Antonio Carlos Venancio Junior (<antonio (at) php.net>)

19:17 oliver 

move mail/courier-authlib to security/courier-authlib which is a meta-port now.

Submitted by:           Yarema <yds@CoolRat.org>
In corporation with:    Jose M Rodriguez <josemi@freebsd.jazztel.es>, Milan
Obuch <ports@dino.sk>, myself

20:11 netchild 

PHP bindings to the libssh2 library which provide access to resources
(shell, remote exec, tunneling, file transfer) on a remote machine using a
secure cryptographic transport.

20:09 netchild 

libssh2 is a library implementing the SSH2 protocol as defined by
Internet Drafts: SECSH-TRANS(22), SECSH-USERAUTH(25), SECSH-CONNECTION(23),
SECSH-ARCH(20), SECSH-FILEXFER(06)*, SECSH-DHGEX(04), and SECSH-NUMBERS(10).

09:14 danfe 

Add libotr 2.0.1, the portable OTR Messaging Library and toolkit.

PR:             ports/79100
Submitted by:   Conor McDermottroe <ports(at)mcdermottroe.com>

19:05 pav 

Development version of distributed session caching tools and APIs, primarily
for SSL/TLS servers though perhaps useful for other (non-SSL/TLS)
circumstances.

Also includes a self-contained network abstraction library (libnal), and the
sslswamp SSL/TLS benchmark/test utility.

PR:             ports/79879
Submitted by:   Marcel Prisi <marcel.prisi@virtua.ch>

19:04 pav 

Distributed session caching tools and APIs, primarily for SSL/TLS servers
though perhaps useful for other (non-SSL/TLS) circumstances.

Also includes a self-contained network abstraction library (libnal), and the
sslswamp SSL/TLS benchmark/test utility.

PR:             ports/79878
Submitted by:   Marcel Prisi <marcel.prisi@virtua.ch>

18:41 sem 

A web frontend for the pf firewall wrote in PHP.

PR:             ports/79907
Submitted by:   Renato Botelho <freebsd@galle.com.br>

04:57 flz 

- Add py-twistedConch, an SSH and SFTP protocol implementation
together with clients and servers.

PR:             ports/79921
Submitted by:   Neal Nelson <neal@nelson.name>

22:52 pav 

New port: security/pear-Auth_PrefManager PEAR preferences management class

Preference Manager is a class to handle user preferences in a web application,
looking them up in a table using a combination of their userid, and the
preference name to get a value, and (optionally) returning a default value for
the preference if no value could be found for that user.

It is designed to be used alongside the PEAR Auth class, but can be used with
anything that allows you to obtain the user's id - including your own code.

PR:             ports/79556
Submitted by:   Antonio Carlos Venancio Junior <antonio@php.net>

10:31 danfe 

Add gaim-otr 1.0.1, allows deniable private conversations using GAIM.

PR:             ports/75352
Submitted by:   Conor McDermottroe <ports(at)mcdermottroe.com>

21:07 pav 

DMitry (Deepmagic Information Gathering Tool) is a UNIX/Linux command line
program coded purely in C with the ability to gather as much information as
possible about a host.

PR:             ports/77142
Submitted by:   Vaida Bogdan <vaidab@phenix.rootshell.be>,
                James Greig <james@mor-pah.net>

21:54 flz 

- Add dissembler 0.9, Tiny and clever tool to convert shellcode to ASCII.

PR:             ports/78783
Submitted by:   Jonathan <onatan@gmail.com>

21:19 pav 

New port: security/pear-File_SMBPasswd PEAR class for managing SAMBA style
password files

With PEAR::File_SMBPasswd you can maintain smbpasswd-files, usualy used by
SAMBA.

PR:             ports/78642
Submitted by:   Antonio Carlos Venancio Junior <antonio@php.net>

21:12 pav 

PEAR::Crypt_CHAP provides Classes for generating CHAP packets.
Currently these types of CHAP are supported:
* CHAP-MD5
* MS-CHAPv1
* MS-CHAPv2

PR:             ports/78641
Submitted by:   Antonio Carlos Venancio Junior <antonio@php.net>

20:30 pav 

New port: security/pear-File_HtAccess PEAR class to manipulate .htaccess files

Provides methods to create and manipulate .htaccess files.

PR:             ports/78603
Submitted by:   Antonio Carlos Venancio Junior <antonio@php.net>

10:06 flz 

- Add aimsniff 0.9d, an AOL Instant Messanger Sniffing and Reading Tool.

PR:             ports/63936
Submitted by:   Andrew Marks <spam@amrx.net>
Approved by:    pav (mentor)

22:43 flz 

Add secure_delete 3.1, a secure data deletion toolkit.

PR:             ports/69556
Submitted by:   bugghy <bugghy@phenix.rootshell.be>
Approved by:    pav (mentor)

16:04 pav 

Wipe is a file and block device wiping utility

PR:             ports/77108
Submitted by:   Edson Brandi <ebrandi@fugspbr.org>,
                Mark Laws <mdl@60hz.org>

22:51 thierry 

Add pear-Crypt_HMAC 1.0.1, PEAR class to calculate RFC 2104
compliant hashes.

PR:             77853
Submitted by:   Antônio Carlos Venâncio Júnior

00:17 sergei 

Add security/base:

BASE is the Basic Analysis and Security Engine. It is based on the code
from the ACID project. This application provides a PHP-based web front-end
to query and analyze the alerts coming from a Snort IDS system.

BASE is a web interface to perform analysis of intrusions that Snort has
detected on your network. It uses a user authentication and role-base
system, so that you as the security admin can decide what and how much
information each user can see. It also has a simple to use, web-based
setup program for people not comfortable with editing files directly.

WWW:    http://secureideas.sourceforge.net/

PR:             ports/74492 [1], ports/77103 [2]
Submitted by:   Linh Pham <question+fbsdports@closedsrc.org> [1],
                Paul Schmhel <pauls@utdallas.edu> [2]

00:05 roam 

Add poly1305-20050218, Prof. Daniel J. Bernstein's public domain message
authenticator library.

23:44 kris 

As previously announced, remove ports that have reached their expiry date,
and the handful of ports that depended on them.

21:46 sem 

SSCEP is a client-only implementation of the SCEP (Cisco System's Simple
Certificate Enrollment Protocol). SSCEP is designed for OpenBSD's isakmpd,
but it will propably work with any Unix system with a recent compiler and
OpenSSL toolkit libraries installed.

PR:             ports/77595
Submitted by:   Vsevolod Stakhov <vsevolod(at)highsecure.ru>

10:02 pav 

amavis-stats is a simple AMaViS statistics generator based on rrdtool.  It
produces graphs of clean emails, spam emails and infected emails broken down by
virus, from amavis log entries. RRD files are created and updated by a perl
script run from cron. Graphs are generated by a php script and viewed with a
web browser.

PR:             ports/68934
Submitted by:   Mantas Kaulakys <stone@tainet.lt>

19:19 skv 

security/rng_82802 is obsolete

00:16 pav 

Barnyard is output spool reader for Snort! It decouples output overhead
from the Snort network intrusion detection system and allows Snort to
run at full speed. It accepts binary inputs from snort and outputs
human readable files to disc or to a database.  At present, barnyard
is designed to accept binary inputs from snort and produce either human
readable files for parsing by log parsers or feed data directly to a
database (either mysql or postgresql at present.).

PR:             ports/77044, ports/77322
Submitted by:   Paul Schmehl <pauls@utdallas.edu>

14:53 sergei 

Add security/ppars - Proactive Abuse Reporting System:

In an effort to be proactive in doing my part to stop the massive
quantities of internet traffic probing for open ports or more
specifically the probing for known ports that MS Windows spyware,
Trojans, and whatever other MS Windows ports are commonly probed
which result in increasing my bandwidth usage charges, I wrote this
perl application for reporting that abuse to the sender's ISP, with
the hopes they will monitor the abuser and terminate the abuser's
internet account and or take legal action.

WWW:    http://www.dshield.org/linux_clients.php#freebsd
Author: Joe Barbish <fbsd_user@a1poweruser.com>

PR:             ports/68662
Submitted by:   Joe Barbish <fbsd_user@a1poweruser.com>

14:20 sergei 

Add security/ipfilter2dshield:

This perl script is an official DShield client whose purpose is to
read your FreeBSD ipfilter firewall ipmon log file and convert the
log records to the standard DShield reporting record format, and
embed the converted log records into the body of an email that gets
sent to DShield for automatic addition to their database and abuse
reporting to the offenders ISP if you are an subscribed DShield member.

PR:             ports/68661
Submitted by:   Joe Barbish <fbsd_user@a1poweruser.com>

18:59 sumikawa 

"racoon2" is a system to exchange and to install security parameters
for the IPsec.

Currently the system supports the following specification:

        Internet Key Exchange (IKEv2) Protocol
        draft-ietf-ipsec-ikev2-17.txt
        (The IKE daemon is not included in the current release due to IPR issue)

        Kerberized Internet Negotiation of Keys (KINK)
        draft-ietf-kink-kink-06.txt

        PF_KEY Key Management API, Version 2
        RFC2367

The following protocols will be supported soon.

        The Internet Key Exchange (IKE)
        RFC2409

WWW: http://www.kame.net/

This port was repocopied from secutiry/racoon.
PR:             ports/76814

13:07 pav 

cryptopp-php is a cryptography extension for PHP based on Wei Dai's
Crypto++, a free C++ crypto library.

PR:             ports/76810
Submitted by:   Thomas Melzer <tmelzer@tomesoft.de>

18:43 pav 

PEAR user authentication and permission management framework

LiveUser_Admin is meant to be used with the LiveUser package.
It is composed of all the classes necessary to administrate
data used by LiveUser.

PR:             ports/76677
Submitted by:   Antonio Carlos Venancio Junior <antonio@php.net>

17:57 adamw 

libgnomesu is a library for providing superuser privileges to GNOME
applications. It supports consolehelper, PAM and su.

libgnomesu will use one the following services (in order of priority),
depending on which one is available:
- consolehelper
- PAM
- su

libgnomesu will use the su-based backend as final fallback, if no other
services are available. This service uses a backend which is a modified
version of GNU su.

libgnomesu comes with the GUI frontend 'gnomesu' and a Nautilus component
for Nautilus integration.

WWW: http://members1.chello.nl/~h.lai/libgnomesu/

16:55 niels 

Added p5-SAVI-Perl, a perl interface module to Sophos Anti virus.

PR:             ports/65310
Approved by:    nectar (mentor)
Submitted by:   Gary Hayers <gary(at)hayers.net>

10:24 niels 

New port: unicornscan, a UDP and TCP portscanner that can be used
for information gathering using fingerprinting (p0f based) and
banner grabbing techniques.

PR:             ports/72752
Submitted by:   Jon Passki <cykyc(at)yahoo.com>
Approved by:    nectar (mentor)

17:28 sem 

New port: security/py-clamav A python binding to libclamav written in C

PR:             ports/75539
Submitted by:   Marcus Grando <marcus(at)corp.grupos.com.br>

01:42 lioux 

New port gnu-crypto version 2.0.1: Java cryptographic primitives
and tools

21:52 sem 

This is the Metasploit Project.

PR:             ports/74558
Submitted by:   Yonatan <onatan(at)gmail.com>

13:46 niels 

PR: ports/71050
Submitted by: Philippe Rocques <phil(at)teaser.fr>
Approved by: nectar (mentor)

22:23 imp 

WPA supplicant daemon for 802.11 networks.

Submitted by: sam

22:16 imp 

Add hostapd, for software host 802.11 access points.

Submitted by: sam@

05:28 marcus 

Add gpgme03 after a repocopy from ports/security/gpgme.  Gpgme03 is the older
0.3.x version of gpgme needed by a few ports.  The security/gpgme port
itself will be updated to 1.0.x.

20:47 sem 

A command line idea encryption and decryption utility written by
Dr. Richard De Moliner.

Permission by the Author Dr. Richard De Moliner has been granted.

PR:             ports/72337
Submitted by:   Emanuel Haupt <ehaupt@critical.ch>

11:21 edwin 

New port: security/pear-LiveUser PEAR user authentication and
permission management framework

        LiveUser is a set of classes for dealing with user
        authentication and permission management. Basically, there
        are three main elements that make up this package:

        * The LiveUser class
        * The Auth containers
        * The Perm containers

        Currently available are containers using:
        PEAR::DB, PEAR::MDB, PEAR::MDB2, PEAR::XML_Tree and PEAR::Auth.

PR:             ports/74528
Submitted by:   Ant?nio Carlos Ven?ncio J?nior <antonio@php.net>

05:33 edwin 

New port: security/pear-Crypt_RC4 PEAR encryption class for RC4 encryption

        PEAR RC4 encryption class.

PR:             ports/74384
Submitted by:   Antônio Carlos Venâncio Júnior <antonio@php.net>

22:33 sem 

Obfuscates email addresses.

PR:             ports/73949
Submitted by:   Aaron Dalton <aaron(at)daltons.ca>

22:36 brooks 

Add security/hpn-ssh, a high performance SSH based on OpenSSH, after a
repo-copy from security/openssh-portable.

HPN-SSH is a set of patches to improve the perfomance of bulk transfers
such as scp over long-fat pipes.

Repocopy by:    marcus

21:10 pav 

Add spike-proxy, a professional-grade tool for looking for application-level
vulnerabilities in web applications. SPIKE Proxy covers the basics, such as SQL
Injection and cross-site-scripting, but it's completely open Python
infrastructure allows advanced users to customize it for web applications that
other tools fall apart on.

PR:             ports/69943
Submitted by:   Yonatan <Yonatan@Xpert.com>

00:20 pav 

Add pear-File_Passwd, class to manipulate and authenticate against standard
Unix,
SMB server, AuthUser (.htpasswd), AuthDigest (.htdigest), CVS pserver
and custom formatted password files.

PR:             ports/73716
Submitted by:   Antonio Carlos Venancio Junior <antonio@php.net>

16:39 sergei 

Add security/sks - SKS OpenPGP Key Server:

SKS is a new OpenPGP keyserver whose goal is to provide easy to deploy,
decentralized, and highly reliable synchronization. That means that a
key submitted to one SKS server will quickly be distributed to all key
servers; and even wildly out-of-date servers, or servers that experience
spotty connectivity, can fully synchronize with rest of the system.

Refer to the online wiki for pointers on downloading a full copy of the
public PGP databse (about 4Gb) and on customising the local configuration
http://documentation.penguin.de/cgi-bin/twiki/view/SKSKeyserver/WebHome

WWW:    http://www.nongnu.org/sks/

PR:             ports/72842
Submitted by:   Johan van Selst <johans@stack.nl>

13:43 skv 

Massive ports move to better categories.

18:03 trevor 

Remove the md5crk port.  The cracking effort was ended after a
method for generating messages with colliding MD5 digests was
published ("Collisions for Hash Functions MD5, MD5, HAVAL-128 and
RIPEMD" by Xiaoyun Wang, Dengguo Feng, Xuejia Lai and Hongbo Yu).

23:04 marcus 

Add gnomekeyringmanager.

13:45 skv 

Add p5-POE-Component-SSLify 0.03, integrate SSL into POE.

12:10 skv 

Add p5-Filter-Crypto 1.00,
create runnable Perl files encrypted
with OpenSSL libcrypto.

17:21 lofi 

Add pinentry-gtk2, a GTK+ 2.0 version of the GnuPG password dialog

PR: ports/73199
Submitted by:   Jean-Yves Lefort <jylefort@brutele.be>

20:04 cy 

Introduce sudosh (sudo shell) into the Ports Tree.

13:28 des 

Add Auth_HTTP 2.0 from PEAR.

01:26 leeym 

Add clamassassin

Clamassassin is a simple virus filter wrapper for ClamAV for use in procmail
filters and similiar applications. Clamassassin's interface is similiar to
that of spamassassin, making it easy to implement for those familiar with
that tool. Clamassassin is designed with an emphasis on security, robustness
and simplicity.

PR:             72698
Submitted by:   Matt <matt@xtaz.net>

08:39 clement 

Add security/pwauth 2.2.8,
A Unix Web Authenticator.

00:45 mharo 

Add opieprint

output postscript with 100 OPIE passwords credit card sized

18:49 marcus 

Add revelation, a password manager for the GNOME 2 desktop.  It stores all
your account and passwords in a single, secure, place, and give you access
to them all through a user-friendly graphical interface.

PR:             70653
Submitted by:   ports@c0decafe.net <ports@c0decafe.net>

17:27 sem 

Doorman is a port knocking implementation which allows a server to run
silently, invisibly, with all TCP ports closed except to those who know...
the secret knock!

PR:             ports/70186
Submitted by:   Aaron Dalton <aaron@daltons.ca>

08:18 krion 

Add pft 1.2,

libPJL- Printer Job Language library A library and a
command-line tool to use PJL- HP Printer Job Language

PR:             ports/69382
Submitted by:   Yonatan <Yonatan@xpert.com>

09:37 sem 

* lcrzoex tools was renamed to netwox
* update to 5.20.0 and move to net-mgmt category
* new maintainer

PR:             ports/69609
Submitted by:   Janos Mohacsi <janos.mohacsi@bsd.hu>

08:54 sem 

* lcrzo library was renamed to netwib
* update to 5.20.0 and move to net category
* new maintainer

PR:             ports/69608
Submitted by:   Janos Mohacsi <janos.mohacsi@bsd.hu>

00:35 vanilla 

Add clamsmtp 0.4, an ClamAV anti-virus SMTP Filter.

PR:             ports/69739
Submitted by:   Cheng-Lung Sung <clsung@dragon2.net>

13:40 mat 

Add p5-Crypt-SmbHash 0.02, Perl module implementing lanman and nt md4
hash functions.

PR:             ports/69640
Submitted by:   Florent Thoumie <flz@xbsd.org>

21:43 pav 

Add manipulate_data, a set of tools to search data on a
harddrive/partition/file,
extract the part you are interested in, and write it back after you modified it.

PR:             ports/69555
Submitted by:   bugghy <bugghy@phenix.rootshell.be>

09:19 ale 

Add a new shared extension for PHP.

09:19 ale 

Add a new shared extension for PHP.

09:18 ale 

Add a new shared extension for PHP.

08:31 ale 

Add a new shared extension for PHP.

08:30 ale 

Add a new shared extension for PHP.

08:29 ale 

Add a new shared extension for PHP.

08:28 ale 

Add a new shared extension for PHP.

06:04 edwin 

New port: devel/slb_rf60

        This is a pcsc-lite driver for the Schlumberger Reflex 62/64
        serial smartcard reader

        This port should be filed under "security/ifd-slb_rf60"
        because there are already some other pcsc-lite drivers
        follow this convention.

        I also made a few minor changes because of portlint warnings,
        so please apply this patch and rename the directory to
        "ifd-slb_rf60" before committing.

PR:             ports/63120
Submitted by:   Toni Andjelkovic <toni@soth.at>

13:11 krion 

Add fcrackzip 0.3,

Fcrackzip is a fast and featureful ZIP password cracker,
written in portable C (and optional x86 assembly). It allows
the user to recover forgotten ZIP archive passwords, using
either a brute force or dictionary attack on the provided
files.

PR:             ports/69159
Submitted by:   Stefan Walter <sw@gegenunendlich.de>

11:36 mat 

Add md5deep 1.3, program to compute MD5 and SHA1 message digests
recursively.

PR:             ports/69124
Submitted by:   Frank Laszlo <laszlof@vonostingroup.com>

15:08 pav 

Add gnome-password-generator, a small GUI utility to generate random passwords.

PR:             ports/68984
Submitted by:   Sergey Akifyev <asa@gascom.ru>

16:43 eik 

Add NetBSD rdigest from
  <ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/pkgtools/rdigest/README.html>

09:35 linimon 

As previously announced, remove drwebd.  Its functionality is already
included in security/drweb.

15:34 lth 

Add p5-Digest-MD5-M4p 0.01,
Perl interface to a variant of the MD5 algorithm.

Approved by:    erwin (implicit)

02:37 lioux 

New port pam_pGina version 1.1.3: Daemon for allowing a pGina plugin
to authenticate against Unix PAM

11:10 vs 

Add dazuko 2.0.2, a common interface for 3rd party file access control.

PR:             ports/63624
Submitted by:   Rob Evers <rob@debank.tv>

23:40 kris 

Remove expired ports, plus the three ports that depended on them.

22:43 eik 

portaudit-db generates a portaudit database from a current
ports tree. It also features a file `database/portaudit.txt'
where UUIDs for vulnerabilities can be allocated quickly
before they are moved to the VuXML database.

Call `packaudit' after upgrading your ports tree.

13:51 pav 

Add ipfw2dshield, a script for parsing ipfw log messages and submitting reports
to dshield.org (visit http://www.dshield.org for more info).

PR:             ports/67754
Submitted by:   Frank W. Josellis <frank@dynamical-systems.org>

07:30 krion 

Add tor 0.0.6.2, an anonymizing overlay network for TCP.

Onion Routing is a connection-oriented anonymizing
communication service. Users choose a source-routed path
through a set of nodes, and negotiate a "virtual circuit"
through the network, in which each node knows its predecessor
and successor, but no others. Traffic flowing down the circuit
is unwrapped by a symmetric key at each node, which reveals the
downstream node.

WWW: http://freehaven.net/tor/

PR:             ports/67305
Submitted by:   freebsd-ports@rikrose.net