14:08 miwi 

Prelude is a new innovative hybrid Intrusion Detection system designed
to be very modular, distributed, rock solid and fast.

Prelude-PFlogger Listens at OpenBSD PF redirect logged packet, and
send alerts to the Prelude Manager.

WWW: http://www.prelude-ids.org/

PR:             ports/134746
Submitted by:   Anders Troback <freebsd at troback.com>

01:34 acm 

- New port: security/gambas2-gb-crypt

The gambas crypt encription component

17:51 glarkin 

This module comes with a set of methods to use with htaccess password
files. These files (and htaccess) are used to do Basic Authentication
on a web server.

The password file is a flat-file with login names and their associated
crypted password. You can use this for non-Apache files if you wish,
but it was written specifically for .htaccess style files.

WWW:    http://search.cpan.org/dist/Apache-Htpasswd/

23:21 miwi 

It will transparently hijack HTTP traffic on a network, watch for HTTPS links
and redirects, then map those links into either look-alike HTTP links or
homograph-similar HTTPS links. It also supports modes for supplying a
favicon which looks like a lock icon, selective logging, and session denial.

WWW:    http://www.thoughtcrime.org/software/sslstrip/

PR:             ports/134021
Submitted by:   Matt Donovan <kitchetech@gmail.com>

17:15 miwi 

py-pylibacl -- Manipulate the POSIX.1e Access Control Lists with python

WWW:    http://pylibacl.sourceforge.net/

PR:             ports/133846
Submitted by:   joris

13:20 wxs 

Download and install definition files for Clamav from the following sites:

sanesecurity.com
malware.com.br
msrbl.com
clamav.securiteinfo.com

WWW: https://sourceforge.net/projects/scamp/

PR:             ports/133248
Submitted by:   Gerard Seibert <gerard@seibercom.net>

17:47 lwhsu 

Add libssh 0.2, a library implementing the SSH1 and SSH2 protocol.

PR:             ports/133657
Submitted by:   Alexander Logvinov <ports at logvinov.com>

20:51 linimon 

Remove expired port security/cutlass: does not work with current version
of security/botan.

16:15 bsam 

Add linux-f8-nss 3.12.2, network Security Services (Linux Fedora 8).

16:09 bsam 

Add linux-f8-libssh2 0.18, the library implementing the SSH2 protocol
(Linux Fedora 8).

15:25 bsam 

Here are new Linux Fedora 8 infrastructure ports.

The recommended version of FreeBSD to use them is 8-CURRENT.
FreeBSD-7.x is not fully compatible with compat.linux.osrelease
2.6.16. Some syscalls cannot be MFCed due to native FreeBSD
ABI breakage.

Usage (and package building):
1. define compat.linux.osrelease=2.6.16;
2. add following variables to /etc/make.conf:
   . OVERRIDE_LINUX_BASE_PORT=f8;
   . OVERRIDE_LINUX_NONBASE_PORTS=f8.

Approved by:    bsam (me) ;-)

09:39 miwi 

Pairing-based cryptography is a relatively young area of cryptography
that revolves around a certain function with special properties.

The PBC (Pairing-Based Cryptography) library is a free C library
(released under the GNU Public License) built on the GMP library that
performs the mathematical operations underlying pairing-based
cryptosystems.

The PBC library is designed to be the backbone of implementations of
pairing-based cryptosystems, thus speed and portability are important
goals. It provides routines such as elliptic curve generation, elliptic
curve arithmetic and pairing computation. Thanks to the GMP library,
despite being written in C, pairings times are reasonable.

WWW:    http://crypto.stanford.edu/pbc/

PR:             ports/133172
Submitted by:   Wen Heping <wenheping at gmail.com>

12:01 makc 

connect qca-cyrus-sasl and qca-gnupg to build

00:31 wxs 

- Connect unhide to the build.

PR:             ports/132131
Submitted by:   Nikos Ntarmos <ntarmos@cs.uoi.gr>

07:45 miwi 

SSH key-based authentication is tried-and-true, but it lacks a true
Public Key Infrastructure for key certification, revocation and
expiration.  Monkeysphere is a framework that uses the OpenPGP web of
trust for these PKI functions.  It can be used in both directions: for
users to get validated host keys, and for hosts to authenticate users.

WWW: http://web.monkeysphere.info/

PR:             ports/128406
Submitted by:   Daniel Kahn Gillmor <dkg at fifthhorseman.net>

23:31 miwi 

- Connect security/py-pyclamd to the build

23:36 gabor 

HotSSH is an interface to Secure Shell, for GNOME and OpenSSH. It
intends to be a better experience than simply invoking "ssh" from an
existing terminal window.

   * Fast search-based interface for new connections
   * Also display and search of local (Avahi) SSH servers
   * Tabbed display with automatic session saving (Firefox style)
   * Status bar with information like latency to server and output of
     remote uptime
   * Close integration with OpenSSH features like connection sharing
     (near-instant new tabs)
   * NetworkManager integration to easily reconnect after a network
     change, great for laptops

WWW:    http://projects.gnome.org/hotssh/

PR:             ports/131133
Submitted by:   Ashish Shukla <wahjava at gmail.com>

11:27 miwi 

The OpenPGP SDK project provides an open source library, written in C,
which implements the OpenPGP specification.

WWW:    http://openpgp.nominet.org.uk/

21:25 miwi 

py-PF is a pure-Python module for managing OpenBSD's Packet Filter. It aims
to combine the flexibility of PF's C API and the power of Python, making it
easier to manage PF data and to integrate firewalling capabilities in more
complex applications.

WWW:    http://www.kernel-panic.it/software/py-pf/

PR:             ports/131463
Submitted by:   Sofian Brabez <sbrabez at gmail.com>

16:52 miwi 

The Nmap::Parser library provides a Ruby interface to
Nmap's scan data.  It can run Nmap and parse its XML
output directly from the scan, parse a file containing
the XML data from a separate scan, parse a String of
XML data from a scan, or parse XML data from an object
via its read() method.  This information is presented
in an easy-to-use and intuitive fashion for storage
and manipulation.

WWW: http://rubynmap.sourceforge.net/

PR:             ports/131516
Submitted by:   Daniel Roethlisberger <daniel at roe.ch>

12:46 gabor 

Crypt::Juniper - Encrypt/decrypt Juniper $9$ secrets

WWW:    http://search.cpan.org/dist/Crypt-Juniper/

PR:             ports/131126
Submitted by:   Tsung-Han Yeh <snowfly at yuntech.edu.tw>

12:45 gabor 

The Mcrypt modules provides and simple and inuitive perl abstraction of the
libmcrypt cryptography library.  It provide mechanisms for encoding and
decoding perl scalars.

WWW: http://search.cpan.org/dist/Mcrypt/

PR:             ports/131051
Submitted by:   Tatsuki Makino <tatsuki_makino@hotmail.com>

22:38 miwi 

2009-01-19 games/emacs-chess: has been broken for more than 6 months
2009-02-01 devel/subversion-devel: Use devel/subversion or
devel/subversion-freebsd instead of this port
2009-01-19 devel/hs-hat: has been broken for more than 6 months
2009-01-19 devel/hs-hpl: has been broken for more than 6 months
2009-01-19 databases/mysqlbigram: has been broken for more than 6 months
2009-01-19 mail/claws-mail-clamav: has been broken for more than 6 months
2009-01-19 mail/sylpheed2-devel: has been broken for more than 6 months
2009-01-19 www/pecl-mnogosearch: has been broken for more than 6 months
2009-01-31 x11-fonts/mathfonts: This port was supported by Mozilla 1.8
(including Firefox 2.0) - to be replaced by  STIX fonts for Firefox 3.x
2009-01-19 x11-wm/fluxspace: has been broken for more than 6 months
2009-01-31 x11-wm/expocity: project has been abandoned
2009-01-19 x11/bbuname: has been broken for more than 6 months
2009-01-19 security/squidclam: has been broken for more than 6 months
2009-01-19 print/virtualpaper: depends on broken, expired port
2009-01-19 print/ifhp: has been broken for more than 6 months
2009-01-19 net-p2p/peercast: has been forbidden for more than 6 months
2009-01-19 palm/pdbc: has been broken for more than 6 months
2009-01-19 net-mgmt/NeTraMet: has been broken for more than 6 months
2009-01-19 net-im/sulci: has been broken for more than 6 months
2009-01-19 multimedia/mjpegtools-yuvfilters: has been broken for more than 6
months
2009-01-19 multimedia/helixplayer: has been broken for more than 6 months
2009-01-19 lang/quack: has been broken for more than 6 months
2009-01-19 misc/pybliographer: has been broken for more than 6 months
2009-01-19 net/versuch: has been broken for more than 6 months
2009-01-19 net/py-mantissa: has been broken for more than 6 months
2009-01-19 net/libunpipc: has been broken for more than 6 months
2009-01-19 net/gnometelnet: has been broken for more than 6 months
2009-01-19 net/gacxtool: depends on expired, broken port
2009-01-19 devel/py-coro: has been broken for more than 6 months
2009-01-19 chinese/stardict2-dict-zh_TW: has been broken for more than 6 months
2009-01-19 x11-themes/gtk-industrial-theme: has been broken for more than 6
months

23:47 pgj 

This package provides efficient cryptographic hash implementations for
strict and lazy bytestrings for the functional programming language
Haskell.

WWW: http://hackage.haskell.org/cgi-bin/hackage-scripts/package/digest

Reviewed by:    gabor
Approved by:    tabthorpe

16:06 cy 

Add sudosh2.

18:22 pgollucci 

Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log
and bans IP that makes too many password failures. It updates
firewall rules to reject the IP address.

WWW: http://www.fail2ban.org/wiki/index.php/Main_Page

05:22 marcus 

Presenting GNOME 2.24 for FreeBSD.

See http://library.gnome.org/misc/release-notes/2.24/ for the general
release notes.  On the FreeBSD front, this release introduces Fuse support
in HAL, adds multi-CPU support to libgtop, WebKit updates, and fixes some
long-standing seahorse and gnome-keyring bugs.  The documentation updates
to the website are forthcoming.

This release features commits by adamw, ahze, kwm, mezz, and myself.  It would
not have been possible without are contributors and testers:

Alexander Loginov
Craig Butler [1]
Dmitry Marakasov [6]
Eric L. Chen
Joseph S. Atkinson
Kris Moore
Lapo Luchini [7]
Nikos Ntarmos
Pawel Worach
Romain Tartiere
TAOKA Fumiyoshi [3]
Yasuda Keisuke
Zyl
aZ [4]
bf [2] [5]
Florent Thoumie
Peter Wemm
pluknet

PR:             125857 [1]
                126993 [2]
                130031 [3]
                127399 [4]
                127661 [5]
                124302 [6]
                129570 [7]
                129936
                123790

16:35 dinoex 

- disconnect openssl-beta

07:21 novel 

Re-add gnutls-devel port at version 2.7.4.

13:49 dinoex 

- disconnect openssl-stable

11:27 johans 

PyMe is a Python interface to GPGME library.

PyMe's development model is GPGME + Python + SWIG (just like m2crypto is
an OpenSSL + Python + SWIG) combination which means that most of the
functions and types are converted from C into Python automatically by SWIG.
In short, to be able to use PyMe you need to be familiar with GPGME.

WWW:    http://pyme.sourceforge.net/

09:05 ale 

Remove pecl-filter in favour of php5-filter.

Approved by:    maintainer

09:01 ale 

Add php5 filter extension.

08:58 ale 

Add php5 hash extension.

15:57 miwi 

- Connect security/opensaml2

00:20 amdmi3 

Lynis is an auditing tool for Unix (specialists). It scans the
system and available software, to detect security issues. Beside
security related information it will also scan for general system
information, installed packages and configuration mistakes.

This software aims in assisting automated auditing, software patch
management, vulnerability and malware scanning of Unix based systems.
It can be run without prior installation, so inclusion on read only
storage is no problem (USB stick, cd/dvd).

WWW: http://www.rootkit.nl/projects/lynis.html
Author: Michael Boelen

PR:             128909
Submitted by:   Cory McIntire <loon at noncensored dot com>

01:09 cy 

Retire fwbuilder and libfwbuilder version 2. They are no longer supported
by their developer.

16:08 araujo 

- libpwstor is a library implementing a password storage format
for C programmers.  This format provides a reasonable level of
security by utilizing SHA-256 in addition to a random salt to
mitigate dictionary and rainbow table attacks.

WWW: http://sourceforge.net/projects/kageki

PR:             ports/128328
Submitted by:   Matt D. Harris <mattdharris@users.sourceforge.net>
Reworked by:    myself

21:43 miwi 

Tuntun is an applet for Gnome panel that manage a list of vpn connections
through the OpenVPN Management Interface.

Main features

 * Simple & lightweight just a client GUI to start/stop your OpenVPN tunnels
   and nothing more
 * Integrated with the Gnome Desktop (support for the Keyring and notification
   daemon)
 * Support for Auth and Private-Key OpenVPN authentication methods

 WWW:   http://code.google.com/p/tuntun/

PR:             ports/128097
Submitted by:   Anderson S. Ferreira <anderson at cnpm.embrapa.br>

14:09 roam 

Initial import of paperkey-0.8, a simple tool for extracting the truly
secret parts of a PGP secret key for backup purposes.

Obtained from:  http://www.jabberwocky.com/software/paperkey/
Author:         David Shaw <dshaw@jabberwocky.com>

14:03 ehaupt 

Add op 1.32, controlled privilege escalation tool

08:09 miwi 

HTML_Crypt provides methods to encrypt text, which can be later be decrypted
using JavaScript on the client side.

This is very useful to prevent spam robots collecting email addresses from your
site, included is a method to add mailto links to the text being generated.

WWW:    http://pear.php.net/package/HTML_Crypt

08:08 miwi 

This package allows you to encrypt and decrypt strings or long integer arrays
with the XXTEA encryption algorithm, which is secure, fast and suitable for web
development.

WWW:    http://pear.php.net/package/Crypt_XXTEA

08:07 miwi 

Provides methods needed to generate and verify MicroIDs.

WWW:    http://pear.php.net/package/Crypt_MicroID/

14:23 miwi 

pycryptopp is a set of Python wrappers for a few of
the best crypto algorithms from the Crypto++ library.

WWW:   http://allmydata.org/trac/pycryptopp

PR:             ports/126977
Submitted by:   Wen Heping <wenheping at gmail.com>

23:03 jmelo 

- Add entry for security/snortsam.

21:32 cy 

Welcome fwbuilder and libfwbuilder 3.0.0, replacing 2.1.19. The old version
is deprecated and scheduled for deletion as it is no longer supported by its
author.

07:26 miwi 

This is a Camellia package for Ruby. Camellia engine is implemented in "C".
Supported key length : 128bit/192bit/256bit
Supported modes of operation : ECB/CFB/CBC

WWW:    http://info.isl.ntt.co.jp/crypt/eng/camellia/index.html

PR:             ports/126390
Submitted by:   Yoshisato YANAGISAWA <osho at pcc-software.org>

07:53 marcus 

Add pam_helper, a small utility which allows non-PAM or non-setuid
applications to make use of PAM's authentication services.

10:17 danfe 

Switzerland is a tool for testing networks, ISPs, and firewalls developed
by the Electronic Frontier Foundation (www.eff.org).

WWW: http://www.eff.org/testyourisp/switzerland

00:12 miwi 

Taking a hint from the similarly-named Java Cryptography Architecture,
QCA aims to provide a straightforward and cross-platform crypto
API, using Qt datatypes and conventions. QCA separates the API from
the implementation, using plugins known as Providers. The advantage
of this model is to allow applications to avoid linking to or
explicitly depending on any particular cryptographic library. This
allows one to easily change or upgrade crypto implementations
without even needing to recompile the application. QCA should work
everywhere Qt does, including Windows/Unix/MacOSX.

Capabilities:
TLS, CMS, X.509, RSA, DSA, Diffie-Hellman, PKCS#7, PKCS#12, SHA0,
SHA1, SHA224, SHA256, SHA384, SHA512, MD2, MD4, MD5, RIPEMD160,
Blowfish, DES, 3DES, AES128, AES192, AES256, CAST5, HMAC(SHA1, MD5,
RIPEMD160), PBKDF1(MD2, SHA1), PBKDF2(SHA1)

WWW: http://delta.affinix.com/qca/

13:54 lwhsu 

Add sshguard-ipfilter, protect hosts from brute force attacks against
ssh and other services using ipfilter.

PR:             ports/125975
Submitted by:   Mij <mij at bitchx.it>

03:19 beech 

ssl-admin was designed to create a user-friendly, menu-driven interface
to the OpenSSL programs.

ssl-admin will help you do the following tasks with SSL certificates:
  * Create your own CA certificate.
  * Create new Certificate Signing Requests
  * Sign existing Certificate Signing Requests
  * Manage Certificate Revokation Lists
  * Export configurations and certificates for OpenVPN.

PR:             ports/125875
Submitted by:   Eric Crist <ecrist at secure-computing.net>

13:20 wxs 

New port: FlowTag is a GUI interface for exploring the TCP flows in a
PCAP file.  It's strengths lie in:

   * rapid reconstruction of flows (via indexing),
   * visual selection of source IP and destination TCP ports;
   * filtering by time, packet count, and/or byte count
   * tagging flows with keywords

PR:             ports/125624
Submitted by:   Lee Hinman <lee@writequit.org>

04:27 beech 

- New port p5-Crypt-OpenSSL-AES-0.02

The Crypt::OpenSSL::AES module implements a wrapper around
OpenSSL's AES (Rijndael) library.

PR:             ports/125387
Submitted by:   John Ferrell <jdferrell3 at yahoo.com>

21:35 pav 

Ratproxy is a semi-automated, largely passive web application security audit
tool. It is meant to complement active crawlers and manual proxies more
commonly used for this task, and is optimized specifically for an accurate and
sensitive detection, and automatic annotation, of potential problems and
security-relevant design patterns based on the observation of existing,
user-initiated traffic in complex web 2.0 environments.

WWW: http://code.google.com/p/ratproxy/

PR:             ports/125249
Submitted by:   Steven Kreuzer <skreuzer@exit2shell.com>

23:06 araujo 

Net::SSH::Gateway is a library for programmatically tunneling connections to
servers via a single "gateway" host. It is useful for establishing Net::SSH
connections to servers behind firewalls, but can also be used to forward ports
and establish connections of other types, like HTTP, to servers with i
restricted access.

* Easily manage forwarded ports
* Establish Net::SSH connections through firewalls

WWW: http://net-ssh.rubyforge.org/gateway

PR:             ports/125053
Submitted by:   Philip M. Gollucci <pgollucci@p6m7g8.com>

23:03 araujo 

Net::SCP is a pure-Ruby implementation of the SCP protocol. This operates over
SSH (and requires the Net::SSH library), and allows files and directory trees
to copied to and from a remote server.

* Transfer files or entire directory trees to or from a remote host via SCP
* Can preserve file attributes across transfers
* Can download files in-memory, or direct-to-disk
* Support for SCP URI's, and OpenURI

WWW: http://net-ssh.rubyforge.org/scp

PR:             ports/125052
Submitted by:   Philip M. Gollucci <pgollucci@p6m7g8.com>

16:48 simon 

Retire the ca-roots ports, which expired long ago.

The port is deprecated since it is not supported by the FreeBSD
Security Officer anymore.  The reason for this is that the ca-roots
port makes promises with regard to CA verification which the current
Security Officer (and deputy) do not want to make.

For people who need a general root certificate list see the
security/ca_root_ns, but note that the difference in guarantees with
regard to which CAs are included in ca_root_ns vs. ca-roots.  The
ca_root_ns port basically makes no guarantees other than that the
certificates comes from the Mozilla project.

Note that the ca-roots MOVED file entry on purpose does not point at
ca_root_ns due to the change in CA guarantees.

With hat:       security-officer

06:31 linimon 

s/pear-Auth_OpenID2/php-Auth_OpenID2/ to go with what was actually
repocopied.

Reported by:    portsmon

13:04 edwin 

[repocopy] security/php-Auth_OpenID -> security/php-Auth_OpenID2

        Now supporting OpenID protocol version 2

PR:             ports/124737
Submitted by:   Edwin Groothuis <edwin@mavetju.org>

17:34 novel 

Remove security/gnutls-devel for a time while the experimental branch
is not active.

23:15 pav 

- Delete expired security/amavisd port: depends on misc/compat3x, which has
  security problems; old version

21:00 pav 

- Expired: No longer supported. Use p5-openxpki-client-html-mason instead

19:01 pav 

Delete security/cyrus-sasl, it has been expired for a year and a half.

03:43 edwin 

New port: security/fwknop fwknop,"FireWall KNock OPerator", implements
Single Packet Authorization (SPA).

        fwknop stands for the "FireWall KNock OPerator", and
        implements an authorization scheme called Single Packet
        Authorization (SPA). This method of authorization is based
        around a default-drop packet filter (fwknop supports both
        iptables on Linux systems and ipfw on FreeBSD and Mac OS X
        systems) and libpcap.

        SPA requires only a single encrypted packet in order to
        communicate various pieces of information including desired
        access through an iptables policy and/or complete commands
        to execute on the target system. By using iptables to
        maintain a "default drop" stance, the main application of
        this program is to protect services such as OpenSSH with
        an additional layer of security in order to make the
        exploitation of vulnerabilities (both 0-day and unpatched
        code) much more difficult. With fwknop deployed, anyone
        using nmap to look for sshd can't even tell that it is
        listening; it makes no difference if they have a 0-day
        exploit or not. The authorization server passively monitors
        authorization packets via libcap and hence there is no
        "server" to which to connect in the traditional sense.
        Access to a protected service is only granted after a valid
        encrypted and non-replayed packet is monitored from an
        fwknop client (see the following network diagram; the SSH
        session can only take place after the SPA packet is monitored):

PR:             ports/118229
Submitted by:   Sean Greven <sean.greven@gmail.com>

19:40 jadawin 

SpyBye is a tool to help web masters determine if their web pages
are hosting browser exploits that can infect visiting users with
malware. It functions as an HTTP proxy server and intercepts all
browser requests. SpyBye uses a few simple rules to determine if
embedded links on your web page are harmlesss, unknown or maybe
even dangerous.

SpyBye analyzes all downloads in the background and provides you
with a warning notification whenever it encounters content that
is potentially malicious. At that point, you can click on the link
in the notification and receive a more detailed analysis of the web page.

WWW: http://www.spybye.org/

PR:             ports/123945
Submitted by:   Paul Schmel <pauls utdallas.edu>
Approved by:    tabthorpe (mentor)

13:19 edwin 

[NEW PORT] security/openvas-server: A security scanner: a fork of Nessus

        OpenVAS stands for Open Vulnerability Assessment System and
        is a network security scanner with associated tools like a
        graphical user fontend. The core is a server component with
        a set of network vulnerability tests (NVTs) to detect
        security problems in remote systems and applications.

        WWW: http://www.openvas.org/

PR:             ports/123128
Submitted by:   Tomoyuki Sakurai <cherry@trombik.org>

13:17 edwin 

[NEW PORT] security/openvas-plugins: Plugins for OpenVAS

        OpenVAS stands for Open Vulnerability Assessment System and
        is a network security scanner with associated tools like a
        graphical user fontend. The core is a server component with
        a set of network vulnerability tests (NVTs) to detect
        security problems in remote systems and applications.

        WWW: http://www.openvas.org/

PR:             ports/123130
Submitted by:   Tomoyuki Sakurai <cherry@trombik.org>

13:15 edwin 

[NEW PORT] security/openvas-libraries: Libraries for OpenVAS

        OpenVAS stands for Open Vulnerability Assessment System and
        is a network security scanner with associated tools like a
        graphical user fontend. The core is a server component with
        a set of network vulnerability tests (NVTs) to detect
        security problems in remote systems and applications.

        WWW: http://www.openvas.org/

PR:             ports/123127
Submitted by:   Tomoyuki Sakurai <cherry@trombik.org>

13:14 edwin 

[NEW PORT] security/openvas-libnasl: NASL libraries for OpenVAS

        OpenVAS stands for Open Vulnerability Assessment System and
        is a network security scanner with associated tools like a
        graphical user fontend. The core is a server component with
        a set of network vulnerability tests (NVTs) to detect
        security problems in remote systems and applications.

        WWW: http://www.openvas.org/

PR:             ports/123129
Submitted by:   Tomoyuki Sakurai <cherry@trombik.org>

13:12 edwin 

[NEW PORT] security/openvas-client: A GUI client for OpenVAS

        OpenVAS stands for Open Vulnerability Assessment System and
        is a network security scanner with associated tools like a
        graphical user fontend. The core is a server component with
        a set of network vulnerability tests (NVTs) to detect
        security problems in remote systems and applications.

        WWW: http://www.openvas.org/

PR:             ports/123131
Submitted by:   Tomoyuki Sakurai <cherry@trombik.org>

02:49 lippe 

SquidClamAV is an interface to perform antivirus checks on data passing through
Squid Proxy.

WWW: http://www.samse.fr/GPL/squidclamav/

PR:             ports/119236
Submitted by:   Laurent LEVIER <llevier@argosnet.com>
Approved by:    araujo (mentor)

21:01 brix 

This is the base class for a system of objects that encapsulate
passphrases.  An object of this type is a passphrase recogniser: its
job is to recognise whether an offered passphrase is the right one.
For security, such passphrase recognisers usually do not themselves
know the passphrase they are looking for; they can merely recognise it
when they see it.  There are many schemes in use to achieve this
effect, and the intent of this class is to provide a consistent
interface to them all, hiding the details.

The CPAN package Authen::Passphrase contains implementations of
several specific passphrase schemes in addition to the base class.

WWW: http://search.cpan.org/dist/Authen-Passphrase/

Approved by:    erwin (mentor)

20:59 brix 

Perl XS interface for a portable traditional crypt function.

WWW: http://search.cpan.org/dist/Crypt/UnixCrypt_XS/

Approved by:    erwin (mentor)

20:58 brix 

Eksblowfish is a variant of the Blowfish cipher, modified to make the
key setup very expensive.  ("Eks" stands for "expensive key
schedule".)  This doesn't make it significantly cryptographically
stronger, but is intended to hinder brute-force attacks.  It also
makes it unsuitable for any application requiring key agility.  It was
designed by Niels Provos and David Mazieres for password hashing in
OpenBSD.

Eksblowfish is a parameterised (family-keyed) cipher.  It takes a cost
parameter that controls how expensive the key scheduling is.  It also
takes a family key, known as the "salt".  Cost and salt parameters
together define a cipher family.  Within each family, a key determines
an encryption function in the usual way.

This distribution also includes an implementation of "bcrypt", the
Unix crypt() password hashing algorithm based on Eksblowfish.

WWW: http://search.cpan.org/dist/Crypt-Eksblowfish/

Approved by:    erwin (mentor)

20:57 brix 

This perl module implements the LGI$HPWD password hashing function
from VMS, and some associated VMS username and password handling
functions.

WWW: http://search.cpan.org/dist/Authen-DecHpwd/

Approved by:    erwin (mentor)

19:15 miwi 

2008-05-15 net-p2p/dclibc: Abandoned, not used, website disappeared
2008-04-07 net-mgmt/ap-utils: Does not work with gcc4.2; appears to be abandoned
2008-03-31 multimedia/xfce4-xmms-controller-plugin: Project is dead
2008-05-15 www/pear-HTTP_Session: Use www/pear-HTTP_Session2 instead
2008-05-04 security/bioapitool: All functionallity of this tools has been merged
with pam_bsdbioapi

10:24 rafan 

sqlmap is an automatic SQL injection tool entirely developed in Python. It is
capable to perform an extensive database management system back-end
fingerprint, retrieve remote DBMS databases, usernames, tables, columns,
enumerate entire DBMS, read system files and much more taking advantage of web
application programming security flaws that lead to SQL injection
vulnerabilities.

WWW:    http://sqlmap.sourceforge.net/

PR:             ports/123851
Submitted by:   Tomoyuki Sakurai <cherry at trombik.org>

03:09 rafan 

Pwman3 is a console based password management application.
Pwman3 is written in python. It uses sql for storage
and all data is encrypted when it isn't being viewed on screen.

WWW: http://pwman.bleurgh.com

PR:             ports/123074
Submitted by:   Yarodin <yarodin at gmail.com>

13:19 araujo 

- Project was renamed security/barnyard-sguil6 to security/barnyard-sguil.

PR:             ports/122648, ports/122700
Submitted by:   Paul Schmehl <pauls@utdallas.edu> (maintainer)

18:54 brooks 

Admit I'm never going to actually fix security/drupal4-ldap_integration,
particularly since it's clear no one uses it and remove it from the tree.

23:21 pav 

- Remove, it's ancient and newer version is included in base of all supported
  releases

Suggested by:   sam

06:49 clsung 

EzCrypto is an easy to use wrapper around the poorly documented OpenSSL ruby
library.

Features
    * Defaults to AES 128 CBC
    * Will use the systems OpenSSL library for transparent hardware crypto
      support
    * Single class object oriented access to most commonly used features
    * Ruby like

WWW:  http://ezcrypto.rubyforge.org/

PR:             ports/122805
Submitted by:   Steven Kreuzer

21:15 barner 

Add fprint_demo 0.4, demo and test application for libfprint.

21:15 barner 

Add pam_fprint 0.2, PAM module offering finger print authentication
using libfprint.

21:14 barner 

Add libfprint 0.0.6, library for fingerprint reader devices.

15:50 pav 

- Remove entry for gnome-keyring-manager

Forgotten by:   marcus

07:37 pav 

A Perl module wrapping libzxid. Also zxid.pl, that implements SP in
mod_perl environment, is supplied.

WWW:    http://zxid.org/

PR:             ports/114800
Submitted by:   Gea-Suan Lin <gslin@gslin.org>

16:00 tabthorpe 

2008-02-29 security/acid: development has ceased, use security/base

21:39 miwi 

- Disconnect security/nmapfe (project was renamed to security/zenmap)

21:33 miwi 

- Connect security/zenmap to the build

15:47 danfe 

Add a port of ophcrack, a Windows password cracker based on rainbow tables,
with GTK+ GUI.

WWW: http://ophcrack.sourceforge.net/

04:25 tmclaugh 

- expire port: Long out of date with multiple security issues.
  (Don't worry, openssh-portable is still there.)

10:43 mm 

This is version 2 of PHP OpenID using the PEAR framework.

The PHP OpenID library lets you enable OpenID authentication on sites built
using PHP. It features the OpenID consumer, Store implementations, and an
OpenID server.

WWW:    http://openidenabled.com/php-openid/

09:11 vanilla 

Add yapet 0.1, a curses based password manager.

PR:             ports/121293
Submitted by:   Rafael Ostertag <rafi at guengel.ch>

01:07 miwi 

2007-11-22 x11-themes/indubstrial: yes
2008-01-14 x11-themes/gtk-smooth-engine: Redundant port (now included in
gtk-engines), no release since 2005
2007-09-21 security/amavis-perl: depends on misc/compat3x, which has security
problems
2007-12-31 sysutils/cdbakeoven: Abandonware
2008-01-04 net/gnu-finger: no active development and known security
vulnerabilities.
2007-11-16 misc/seizedesktop: development stalled for years, outdated,
unmaintained

05:58 rafan 

EasyPG is an all-in-one GnuPG interface for Emacs. It consists of two
parts: EasyPG Assistant and EasyPG Library.

EasyPG Assistant is a set of convenient tools to use GnuPG from
Emacs. EasyPG Library is a sort of an elisp port of GPGME, a wrapper
library which provides API to access some of the GnuPG functions.

WWW: http://sourceforge.jp/projects/epg/

PR:             ports/119008
Submitted by:   Shota Iwazaki <iwazaki8 at yahoo.co.jp>

23:24 miwi 

This Module decrypts all kind of Cisco encrypted hashes
also referred to as type 7 passwords. Further you can
encrypt any given string into a encrypted hash that will
be accepted by any Cisco device as an encrypted type 7 password.

WWW:    http://search.cpan.org/dist/Cisco-Hash/

PR:             ports/120498
Submitted by:   Tsung-Han Yeh <snowfly at yuntech.edu.tw>

22:43 miwi 

Implementation of the Diffie-Hellman Key Exchange cryptographic protocol
in PHP5. Enables two parties without any prior knowledge of each other
establish a secure shared secret key across an insecure channel
of communication.

WWW: http://pear.php.net/package/Crypt_DiffieHellman/

PR:             ports/120010
Submitted by:   Ditesh Shashikant Gathani <ditesh at gathani.org>