Sined's WEB Page		/ news translations patches projects presentations links exploits
bringing the knowledge in security to those who are looking for it
support the most interesting opensource projects in security
By Denis Ducamp <Denis.Ducamp(at)groar.org>		Pour les francophones...

Sined's personal projects WEB Page

August 12, 2000...

I'm the master:

SOS
groar

I participate:

Owl
hping

Which interest me:

netfilter
NSM

1. I'm the master.

1.1 SOS (Security Open Source Software):

My contribution to security Open Source software.

SOS consists in a set of scripts in php4 to have a directory of security "Open Source" software.
(00/09/28)The consultation part is almost finished :-)
That directory works in the same way as FreshMeat: scripts consult a ( postgresql) data base but this one will be filled only by the administrators.
If you wish to become a beta-tester, send me an email.
Gadget: it's possible to choose its theme ( whitehats, freshmeat, packetstorm, tootella, linuxfr, appwatch). If you have other sets of colors which you like, it will be easy to add a theme :-)

note: that project is actually suspended :-(

As soon as a minimal base of translations is constituted then this project will begin again :-)

1.2 groar

groar: password cracker (sha1, lanman, ntlm...)
titi: one way password crypting library (des, md5, blowfish, sha, lanman, ntlm...)
The goal of groar isn't to compete with John the Ripper:
- John is the fastest of all crackers (look at the performances of the 1.6.20-dev) version.
- The goal of groar is to have a maximum of algorithms and to be able to add some easily.

note: that project is actually suspended :-(

As soon as SOS (see above) is in place and a minimal base is constituted then this project will begin again :-)

2. I participate.

2.1 Owl

http://www.openwall.com/Owl/

2.2 hping

http://www.hping.org/

3. Which interest me.

3.1 netfilter

netfilter, the new IP filtering system of Linux 2.4:

understanding of various functionalities
debugging... hunting for the bugs is launched:
- synflood: a connection is considered as established when the server had returned SYN-ACK.
  OK under 2.4.0-test7
- passive ftp: the request for the passive ftp connection is accepted but its answer is refused.
  OK en 2.4.0-test7
test of Jozsef Kadlecsik's patch implementing connections tracking as described in the article Real Stateful TCP Packet Filtering in IP Filter by Guido van Rooij.

3.2 NSM

NSM (Net Security Master), set of authenticated proxies created in 1992 by HSC, purchased in 1996 by SolSoft and whose sources were made public under the GPL license in 2000.

nsm.sha1.diff : patch to support sha1 hashes in the authentication files of NSM. It's necessary to change passwords manually.
nsm_crypt.0.5.tar.gz : nsm_crypt library to support sha1, DES, MD5 and blowfish
To do in NSM :
- Integrate the above patch and library. It's necessary to make a patch for the password changing keep by default the same hashing algorithm.
- Support the auhentication to a SMB server in NSM
- Brain Storming to know how to get rid of clear text passwords in the telnet and http proxies of NSM without using OPIE or authentication cards.

Hits since 2001/07/01: [an error occurred while processing this directive]