Jim Lippard's Security Software
These are some software tools, all in Perl, which I've developed for my own use. Others are
welcome to use them for noncommercial use, with no warranty. All were originally written for
OpenBSD.
In the absence of other license information within each package, assume that each is
copyrighted by Jim Lippard, with all rights reserved, with license granted for noncommercial
use.
- accttools.tgz: Process accounting tools (written for *BSD) for generating
a baseline and auditing for divergences from the baseline. Current version is a beta (really more of
a proof-of-concept), 2004-01-04.
- faild.pl: Monitors an Internet connection for uptime, fails over to an
alternate connection if one is available. Current version is 1.3, 2005-11-11.
- reportnew: Monitors logs for new entries and generates email reports
for entries matching certain criteria. Works for syslog, cyclog, and multilog formats. Current
version is 1.6a, 2003-06-28.
- reportnew.conf: Sample config file for reportnew.
- rsync-client.pl: Managed synchronization of files between systems
via an unprivileged user. Current version is a beta, 2003-11-05. Added a note to comments, 2007-11-06,
regarding how to use with the new version of sudo that filters environment variables.
- sha1_create.pl/sha1_compare.pl/sha2_create.pl/sha2_compare.pl: Creates databases of SHA1/SHA2 digests and compares against them. Intended for setting baselines for use in forensic
analysis, similar to the Sun Solaris Fingerprint Database. The following databases of
OpenBSD SHA1/SHA2 digests are available:
OpenBSD 4.3 i386 (SHA1),
OpenBSD 4.3 i386 (SHA2),
OpenBSD 4.3 macppc (SHA1),
OpenBSD 4.3 macppc (SHA2),
OpenBSD 4.2 i386 (SHA1),
OpenBSD 4.2 i386 (SHA2),
OpenBSD 4.2 macppc (SHA1),
OpenBSD 4.2 macppc (SHA2),
OpenBSD 4.1 i386 (SHA1),
OpenBSD 4.1 i386 (SHA2),
OpenBSD 4.1 macppc (SHA1),
OpenBSD 4.1 macppc (SHA2),
OpenBSD 4.0 i386 (SHA1),
OpenBSD 4.0 i386 (SHA2),
OpenBSD 4.0 macppc (SHA1),
OpenBSD 4.0 macppc (SHA2),
OpenBSD 3.9 i386 (SHA1),
OpenBSD 3.9 i386 (SHA2),
OpenBSD 3.9 macppc (SHA1),
OpenBSD 3.9 macppc (SHA2),
OpenBSD 3.8 i386 (SHA1),
OpenBSD 3.8 i386 (SHA2),
OpenBSD 3.8 macppc (SHA1),
OpenBSD 3.8 macppc (SHA2),
OpenBSD 3.7 i386 (SHA1),
OpenBSD 3.7 macppc (SHA1),
OpenBSD 3.6 i386 (SHA1),
OpenBSD 3.6 macppc (SHA1),
OpenBSD 3.5 i386 (SHA1),
OpenBSD 3.5 macppc (SHA1),
OpenBSD 3.4 i386 (SHA1),
OpenBSD 3.4 macppc (SHA1).
- sigtree-1.5.tgz: Tripwire/Samhain-like program, monitors file
system integrity. Written for *BSD and Linux. Current version is 1.5, 2005-03-12.
- syslock/sysunlock: Sets system files immutable, so that they cannot be changed by root unless the system is brought into single-user mode. Written for OpenBSD, but will work with *BSD with the appropriate changes
to the locations of commands (e.g. chflags). Current version: 1.1, 9 November 2006.