 

[ Search ] [ What's New? ] [ About ] 
[ Bugs ] [ Misc ] [ Mailing Lists ] [ Newgroups ] [ NewsWire ] [ Papers ] [ People ] 
[ Pictures ] [ Publications ] [ Responce Teams ] [ Tools ] [ Upcoming Events ] [ Web Sites ] 

Substitute Tools

 Title: bsd-tftp
 Authors: University of California
 Abstract:

   A hacked copy of the BSD 4.3tahoe tftpd program.

 Title: fingerd v1.2
 Authors: Mike Shanzer
 Abstract:

   A fingerd that offers: logging, access control lists so you can restrict finger requests to
   certain hosts (and certain users if you trust ident), a message of the day file, and binding
   programs to certain users.

 Title: logdaemon v4.6
 Authors: Wietse Venema
 Abstract:

   This archive contains the result of years of gradual transformations on BSD source. (1) rsh
   and rlogin daemons that log the remote user name and perform logging and access control in
   tcp/ip daemon wrapper style. (2) ftpd, rexecd and login software with fascist login failure
   logging and with support for optional S/Key onetime passwords.

 Title: mail.local
 Authors: Eric Allman
 Abstract:

   mail.local is a replacement for them /bin/mail program. It is only a delivery agent for
   sendmail and does not have a user interface.

 Title: msystem.tar.Z
 Authors: Matt Bishop
 Abstract:

   The file msystem.c contains a version of system(3), popen(3), and pclose(3) that provide
   considerably more security than the standard C functions. They are named msystem,
   mpopen, and mpclose, respectively. While the author does not guarantee them to be
   PERFECTLY secure, they do constrain the environment of the child quite tightly, tightly
   enough to close the obvious holes.

 Title: passwdd v1.2
 Authors: Anders Ellefsrud
 Abstract:

   This package consists of two parts. One server based passwd/chsh/chfn replacement, and a
   server based /etc/group editor which gives each and every user the ability to privately
   manage one group on his own.

 Title: patchsym
 Authors: der Mouse
 Abstract:

   Drop in code for SunOs 4.1.x systems to make it more difficult to guess sequence numbers
   and spoof packets. It treats tcp_iss as a CRC accumulator into which it hashes every IP
   output packet.

 Title: permissions
 Authors: deraadt@cpsc.ucalgary.ca
 Abstract:

   In a basic BSD environment only three utilities let people onto a machine: login, rshd, and
   ftpd. The programs are modified to check a YP map called 'permissions' which determines
   wheter a person is allowed to login. Control over login is given based on four parameters:
   hostname, ttyname, login nad groups.

 Title: portmapper v3
 Authors: Wietse Venema
 Abstract:

   Replacement portmapper with access control in the style of the tcp wrapper (log_tcp)
   package and a handfull of other enhancements

 Title: rfingerd
 Authors: jseng@technet.sg
 Abstract:

   Perl finger deamon with additional logging. It logs information like who is at the other end of
   the connection (via rfc931), who does he/she finger and any other information which is sent
   through the finger port. Its programmed to deny chain fingering, and stop immediatly if it
   detects special symbols in the input stream. It can be easily modified to filter out information,
   deny fingering of certain person, deny fingering from certain host, filter finger information,
   etc without the trouble of recompiling since it is written in perl.

 Title: rpcbind v1.1
 Authors: Wietse Venema
 Abstract:

   This is an rpcbind replacement with tcp wrapper style access control. It provides a simple
   mechanism to discurage remote access to the NIS (YP), NFS, and other rpc services.

 Title: securelib
 Authors: William LeFebvre
 Abstract:

   This package contains replacement routines for these three kernel calls: accept, recvfrom,
   recvmsg. These replacements are compatible with the originals, with the additional
   functionality that they check the Internet address of the machine initiating the connection to
   make sure that it is "allowed" to connect.

 Title: sfingerd v1.8
 Authors: Laurent Demailly
 Abstract:

   sfingerd is a secure replacement for the standard unix finger deamon. The goal is to have the
   smallest and safest code.

 Title: smrsh
 Authors: Eric Allman
 Abstract:

   smrsh is a restricted shell utility that provides the ability to specify, through a configuration,
   an explicit list of executable programs. When used in conjunction with sendmail, smrsh
   effectively limits sendmail's scope of program execution to only those programs specified in
   smrsh's configuration.

 Title: surrogate-syslog
 Authors: Wietse Venema
 Abstract:

   For systems that have no syslog library. This version logs directly to a file (default
   /usr/spool/mqueue/syslog). The fake syslog that comes with nntp seems to be OK, too.

 Title: tftpd
 Authors: Scott M. Ballew
 Abstract:

   This version of ftpd is a hacked version from the 4.3 Reno tftpd.The features are chroot() to
   a restricted directory, syslog() all accesses (and failures) to include the accessor, the file,
   and the access type (read or write) even when chroot() was in effect, and have the ability to
   control which files or subdirectories of the tftp directory were accessible to which clients
   based on the incoming IP address.

 Title: yppapasswd v1.0
 Authors: Matthew Scott
 Abstract:

   yppapasswd is designed to do proactive password checking based upon the passwd
   program given in the O'Reilly book on perl (ISBN 093717564-1). This program has a
   subrutine called 'goodenough' that can easily be extended to perform any type of password
   checks that you feel are becessary, that aren't already being done. yppapasswd extends this
   program to be used with NIS. To accomplish this there is a demon, yppapasswdd that runs
   on the NIS master in replacement of yppasswdd. yppapasswd uspports f and s options that
   change finger and shell information. This also woirks across the NIs domain so that you do
   not have to be on the NIS master server to change your password info.


Aleph One / aleph1@underground.org 
Copyright &copy; 1996 Computer Underground Society. All rights reserved. 
