access granted
Showing 1 - 25 of 2,065 RSS Feed

Files

GNU Privacy Guard 1.4.12
Posted Feb 1, 2012
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: A space separated fingerprint is now accepted as a user ID. This allows you to copy and paste the fingerprint from the key listing. Support for the original HKP keyserver was removed. The trustdb is now rebuilt after changing the option --min-cert-level. JPEG detection was improved. More VMS patches are now included. File locking was made more portable. The 32-bit variant of the mingw-w64 toolchain is now supported. Minor bugs were fixed.
tags | tool, encryption
systems | unix
MD5 | f9a65ccd7166d3fdb084454cf7427564
OpenSSL Toolkit 1.0.0g
Posted Jan 19, 2012
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: This release fixed a DTLS DoS issue which was recently introduced by the fix for CVE-2011-4109.
tags | encryption, protocol
systems | unix
advisories | CVE-2011-4109
MD5 | 07ecbe4324f140d157478637d6beccf1
Fake sshd Tool
Posted Jan 17, 2012
Authored by James Stevenson | Site stev.org

This is a fake sshd which can be used to log common login attempts which are typically used by scammers / spammers / script kiddies to attempt to gain access to servers. It does not modify OpenSSH and uses libssh instead. There is no valid way to login to a shell, can be used to tarpit / delay attackers and can be used to steal the entries used in a dictionary attack.

tags | tool, shell, encryption
MD5 | e7d4f36de596e2a2e00b56015c6f0750
OpenSSL Toolkit 1.0.0f
Posted Jan 7, 2012
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: A fix was introduced for a security issue where an extension of the Vaudenay padding oracle attack on CBC mode encryption enables an efficient plaintext recovery attack against the OpenSSL implementation of DTLS. Various other bugfixes and improvements were made.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2011-4108, CVE-2011-4576, CVE-2011-4619, CVE-2012-0027, CVE-2011-4577
MD5 | e358705fb4a8827b5e9224a73f442025
OpenNHRP NBMA Next Hop Resolution 0.13
Posted Dec 26, 2011
Authored by Timo Teras | Site sourceforge.net

OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible.

Changes: Minor feature improvements for multiple ISP setups with failover. Memory corruption and memory leaks that occur when acting as NHS (with heavy traffic) have been fixed.
tags | encryption, protocol
systems | cisco, linux
MD5 | 1569a337c5c7dce2d8c117244e9c56a9
Stunnel SSL Wrapper 4.48
Posted Nov 27, 2011
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: FIPS-compliant OpenSSL DLLs are supplied with the Windows installer. FIPS mode can be disabled with the "fips = no" configuration file option. The stability of the Windows GUI was also improved.
tags | tool, arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
MD5 | b2f4dddfb3415d42bf4ed8f1feb7af19
OpenSSH 5.5p1 Backdoor
Posted Nov 13, 2011
Authored by IPSECS

This is a patch for OpenSSH version 5.5p1 that adds a magic root password backdoor that also keylogs.

tags | root, encryption
systems | unix
MD5 | 920a36eabdc3835042e37815933d6731
strongSwan IPsec Implementation 4.6.1
Posted Nov 12, 2011
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.

Changes: Because Ubuntu 11.10 activated the --as-needed ld option that discards included links to dynamic libraries that are not actually used by the charon daemon itself, the loading of plugins depending on external symbols provided by the libsimaka, libtls, or libtnccs libraries failed. As a fix, the plugins include the required libraries directly, and due to relinking during the installation, the approach of computing integrity checksums for plugins had to be changed radically by moving the hash generation from the compilation to the post-installation phase.
tags | encryption, protocol
systems | linux, unix, freebsd, apple, osx
MD5 | 87f278bb7d2bf114b96755448faa279a
strongSwan IPsec Implementation 4.6.0
Posted Nov 8, 2011
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.

Changes: The libstrongswan plugin system now supports detailed plugin dependencies. Many plugins have been extended to export their capabilities and requirements. This allows the plugin loader to resolve the plugin loading order automatically, The pkcs11 plugin has been extended to handle Elliptic Curve Cryptography smartcards. The tnc-ifmap plugin implements a TNC IF-MAP 2.0 client which can deliver metadata about IKE_SAs via a SOAP interface to a Trusted Network Connect MAP server.
tags | encryption, protocol
systems | linux, unix, freebsd, apple, osx
MD5 | 2a27f139ae7cad8d074a806e5fa3b35c
Stunnel SSL Wrapper 4.47b1
Posted Nov 8, 2011
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: This release adds Unix socket support and a new certificate verification mode to ignore the CA chain and only verify the peer certificate. It also includes some performance and scalability optimizations, and compilation bugfixes.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
MD5 | e7798b04af15f950a0fd437aa7f627f1
X Certificate And Key Management 0.9.1
Posted Nov 8, 2011
Authored by Kerstin Steinhauff, Christian Hohnstadt, Geoff Beier, Ilya Kozhevnikov, Wolfgang Glas | Site xca.hohnstaedt.de

XCA is an interface for managing RSA and DSA keys, certificates, certificate signing requests, revocation lists and templates. It uses the OpenSSL and Qt4 libraries. Certificates and requests can be created and signed and many x509v3 extensions can be added. XCA supports multiple root and intermediate Certificate authorities. The CAs can be used to create CRLs and extend certificates. The following file-formats are supported: PEM, DER, PKCS#7, PKCS#8, PKCS#10, PKCS#12, and SPKAC.

Changes: This release adds search functionality for PKCS#11 libraries, allows display of x509v3 extensions as columns in the certificate and request list, and supports exporting of requests and certificates as openssl config files. It also fixes some bugs.
tags | tool, root, encryption
systems | unix
MD5 | 53926d86ba9fc251b59f0dd154f2e3db
GtkHash Crypto Computer 0.5.0
Posted Oct 31, 2011
Site gtkhash.sourceforge.net

GtkHash is a utility for computing message digests or checksums using the mhash library. Currently supported hash functions include MD5, SHA1, SHA256, SHA512, RIPEMD, HAVAL, TIGER, and WHIRLPOOL.

Changes: An optional Nautilus (GNOME file manager) extension was added.
tags | encryption
systems | unix
MD5 | 21fc9cddd243c55bd9ff119177ee782a
Stunnel SSL Wrapper 4.45
Posted Oct 25, 2011
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: New "protocol = proxy" support was added to send the original client IP address to haproxy. This requires the accept-proxy bind option of haproxy 1.5-dev3 or later. A number of minor improvements and bugfixes were added, mostly related to Win32 GUI and compilation issues on various platforms.
tags | tool, arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
MD5 | dee104214a7c13593c1053cdff9a850f
Stunnel SSL Wrapper 4.44
Posted Sep 19, 2011
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: Bugs in the new SNI and memory management code were fixed. Buffer overflow protection was implemented for heap allocations, and gcc buffer overflow protection was enabled for stack allocations.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
MD5 | c9dd51fc02b913ce5bf7b3fc12f9cb4a
Stunnel SSL Wrapper 4.43
Posted Sep 8, 2011
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: Win32 OpenSSL DLLs were updated to version 1.0.0e. This version fixes Win32 configuration file reload. FORK and UCONTEXT threading models were corrected and thoroughly tested. Major performance optimization was performed on the logging subsystem.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
MD5 | 84174925a0f2632cc5cd52b3503cf07b
OpenSSL Toolkit 1.0.0e
Posted Sep 7, 2011
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Initialization of X509_STORE_CTX was fixed to eliminate a case where CRLs with "nextUpdate" in the past were sometimes accepted. An error in SSL memory handling for (EC)DH ciphersuites was fixed. A memory leak on bad inputs to x509_name_ex_d2i was fixed. Some ECC ciphersuites are no longer restricted to SHA1. Protection against ECDSA timing attacks was introduced
tags | encryption, protocol
systems | unix
advisories | CVE-2011-3207, CVE-2011-3210
MD5 | 7040b89c4c58c7a1016c0dfa6e821c86
OpenSSH 5.9p1
Posted Sep 6, 2011
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This release added experimental sandboxing of network-facing code during the pre-authentication phase and SHA2-based HMAC modes for the SSH transport. sshd now sends logs from the privilege-separated process via a pipe, eliminating the need for /var/empty/dev/log. There were many more bugfixes and changes.
tags | encryption
systems | linux, unix, openbsd
MD5 | b50a499fa02616a47984b1920848b565
OpenNHRP NBMA Next Hop Resolution 0.12.3
Posted Aug 19, 2011
Authored by Timo Teras | Site sourceforge.net

OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible.

Changes: Leaf (re)discovery immediately after reboot was fixed when stale IPsec SAs are still present and IPsec initial-contact notification is expected to flush them.
tags | encryption, protocol
systems | cisco, linux
MD5 | 4d0ec7c0282e181ecca4d78e52067da3
GNU Privacy Guard 2.0.18
Posted Aug 17, 2011
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: Compatibility with newer versions of libgcrypt was restored. dirmngr/gpgsm interaction was improved for OCSP. Card keys can now be generated up to 4096 bits. The SSH confirm flag is now supported, and SSH fingerprints are shown in SSH related pinentries.
tags | encryption
MD5 | 2f37e0722666a0fedbe4d9f9227ac4d7
OpenSSL-Based Signcode Utility 1.4
Posted Aug 14, 2011
Authored by mfive | Site sourceforge.net

OpenSSL-based signcode utility is used for Authenticode signing of EXE/CAB files. It also supports timestamping.

Changes: An improved build system. Support for reading cert+key from a PKCS12 file. Support for reading a key from a PEM file. Support for SHA-1/SHA-256 (the default hash is now SHA-1). A flag for commercial signing (the default is individual).
tags | encryption
systems | unix
MD5 | 018b12b3efc4a5250dd3977c2bada3cd
strongSwan IPsec Implementation 4.5.3
Posted Aug 4, 2011
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.

Changes: The IKEv2 charon daemon allows one to define PASS and DROP shunt policies that, for example, prevent local traffic from going through IPsec connections or except certain protocols from IPsec encryption. A new IMC/IMV Scanner pair implements the RFC 5792 PA-TNC protocol. The Integrity Measurement Collector uses netstat to scan for open listening ports on the TNC client and sends a port list to the Integrity Measurement Verifier attached to the TNC Server, which decides whether the client is admitted to the network based on a configurable port policy.
tags | encryption, protocol
systems | linux, unix, freebsd, apple, osx
MD5 | 8336265ac715167604837005eb2ee969
Stunnel SSL Wrapper 4.42b2
Posted Jul 27, 2011
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: This release fixes a Windows service crash of stunnel 4.40.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
MD5 | db793abd65e04ef2b5c104b30e546e8f
SSLSniff 0.8
Posted Jul 27, 2011
Authored by moxie | Site thoughtcrime.org

This tool was originally written to demonstrate and exploit IE's vulnerability to a specific "basicConstraints" man-in-the-middle attack. While Microsoft has since fixed the vulnerability that allowed leaf certificates to act as signing certificates, this tool is still occasionally useful for other purposes. It is designed to MITM all SSL connections on a LAN and dynamically generates certs for the domains that are being accessed on the fly. The new certificates are constructed in a certificate chain that is signed by any certificate that you provide.

Changes: Added an iOS fingerprinting mode. Added support for intermediary certificates in authority mode.
tags | encryption
systems | unix
MD5 | 030fe31af33c22a932393c7a5f33bb2e
TinyCrypt Algorithm 1.0
Posted Jul 25, 2011
Authored by smilindog2000 | Site tinycrypt.sourceforge.net

TinyCrypt is a fast, simple encryption algorithm that delivers high security for encryption at the file level. Files are compressed using fast LZO compression.

Changes: TinyCrypt has been enhanced to make guessing passwords more difficult. A modern CPU must perform about 1 second of computation before it can begin decrypting a file.
tags | encryption
systems | unix
MD5 | 2a2bba7e159bdd04d5e28c0a8514d262
Stunnel SSL Wrapper 4.40
Posted Jul 24, 2011
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: A Win32 GUI menu was added to save cached peer certificate chains. The Win32 "-exit" commandline option was added to stop stunnel when it is not running as a service. File version information was added to stunnel.exe. 2048-bit DH hardcoded parameters are used as a fallback if DH parameters are not provided in stunnel.pem. The default "ciphers" value was updated to prefer ECDH. The default ECDH curve was updated to "prime256v1". Support for temporary RSA keys (used in obsolete export ciphers) was removed.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
MD5 | 7606592f86610d3e0b1ab7c8cb2d3ec8
Page 1 of 83
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2011 Packet Storm. All rights reserved.

close