bestcrypt 0.4b-3
Creates and supports encrypted virtual volumes for Linux/Windows/MSDOS.
A BestCrypt volume is accessible as a regular filesystem on a correspondent mount point. The data stored on a BestCrypt volume are stored in the container file. A container is a regular file, so it is possible to backup, move or copy it to other disk (CD-ROM or network, for instance) and continue to access encrypted data using BestCrypt. BestCrypt supports the following encryption algorithms: GOST in Cipher Feedback mode and BLOWFISH, DES, TWOFISH in Cipher Block Chaining mode. Container can be formatted for any filesystem supported by Linux (MINIX, EXT, EXT2, FAT, FAT32, and others) and mounted as additional volume to any mount point. BestCrypt v.0.2b is developed for Linux Kernel 2.2.x and compatible with container files, created by BestCrypt v.6 (or above) for Windows 95/98/NT using SHA-1 Key Generator.
sources BestCrypt-0.4b-3.tgz
author Jetico Inc.
homepage http://www.jetico.com
edit application object

arla 0.35.3
AFS Implementation. Distributed filesystem with kerberos authentication.
Arla is a free AFS implementation. The main goal is to make a fully functional client with all capabilities of normal AFS. Other stuff, such as servers and management tools are being developed, but currently not considered stable.
sources arla-0.35.3.tar.gz
author Assar Westerlund
homepage http://www.stacken.kth.se/projekt/arla/
edit application object

aide 0.7
Advanced Intrusion Detection System, a replacement for Tripwire
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on a server. It uses regular expressions for determening which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
sources aide-0.7.tar.gz
author Rami Lehti, Pablo Virolainen
homepage http://www.cs.tut.fi/~rammer/aide.html
edit application object

cfs 1.3.3
Cryptographic File System
CFS pushes encryption services into the Unix(tm) file system. It supports secure storage at the system level through a standard Unix file system interface to encrypted files. Users associate a cryptographic key with the directories they wish to protect. Files in these directories (as well as their pathname components) are transparently encrypted and decrypted with the specified key without further user intervention; cleartext is never stored on a disk or sent to a remote file server. CFS runs entirely at user level, as a local NFS server running on the client machine's "loopback" interface. The system consists of cfsd (the CFS server daemon), and a small suite of tools that create encrypted directories and manage keys as they are used.
sources cfs-1.3.3.tar.gz
author Matt Blaze
edit application object

ehd 0.6
User space filesystem encryption.
EHD is a patch to login/losetup to create/use BLOWFISH-encrypted home directories under Linux 2.2. It requires the Kernel 2.2 patch from www.kerneli.org to provide BLOWFISH loop device encryption. It is a real alternative to CFS/TCFS, doesn't require NFS, and is intended to be much easier to use.
sources ehd-0.6.patch
author Id Est
homepage http://members.home.net/id-est/
edit application object

l6 1.6
File Integrity Assessment Tool
sources l6 <signature>
author Gilbert
homepage http://www.pgci.ca
edit application object

loopy 0.1.2
A tool to manage the creation and mounting of encrypted loop device filesystems.
A sh script that mounts and unmounts encrypted volumes with linux loop device interface and crypto extensions provided by the linux international kernel.
sources loopy-0.1.2.tar.gz <signature>
author Ian Wehrman
homepage http://www.prism.gatech.edu/~gte019i/loopy/
edit application object

overwrite 0.5
Unix utility for secure deletion
Based on Peter Gutmann's paper "secure deletion of data from magnetic and solid state memory" and was created in order to make harder the data recovery process. It implements a built-in cryptographic prng and try to flush the SO and HD cache when possible.
sources overwrite-0.5.tar.gz
author Salvatore Sanfilippo
homepage http://www.kyuzz.org/antirez/overwrite/
edit application object

ppdd 1.2
Encrypted file systems under linux.
Ppdd lets you use encrypted files systems under Linux. It uses high quality encryption techniques suitable for the large volumes and the long lifetimes of data involved. The encryption services are provided at the partition level so that root and swap partitions can be encrypted.
sources ppdd-1.2.zip
author Allan Latham
homepage ftp://ftp.gwdg.de/pub/linux/misc/ppdd
edit application object

sfspatch 2.3.6
Steganographic filesystem for Linux.
sfspatch is a kernel patch which introduces module support for the steganographic file system (formerly known as vs3fs, an experimental type of filesytem that not only encrypts all information on the disk, but also tries to hide that information in such a way that it cannot be proven to even exist on the disk. This enables you to keep sensitive information on a disk, while not be prone to being forced to reveal that information. Even under extreme circumstances, fake documents could be stored on other parts of the disk, for which a pasword may be revealed. It should not be possible to find out whether any other information is stored on the disk.
stable kernel sfspatch-2.2.10.tar.gz
development kernel sfspatch-2.3.6.tar.gz
maintainance tools sfstools.tar.gz
author Peter Schneider-Kamp, Carl van Schaick, Paul Schmeddle
homepage http://www-users.rwth-aachen.de/Peter.Schneider-Kamp/sources/sfs/
edit application object

stegfs 1.1.2
Partition level steganographic filesystem for Linux.
StegFS is an implementation of a steganographic file system for Linux, based on the ideas in the paper "The Steganographic File System", by Anderson, Needham and Shamir. The file system builds on top of a normal Ext2 file system. The resulting file system can still be mounted with the ext2 driver. When mounted with the stegfs driver and appropriate passphrases given, additional hidden levels become available. The StegFS package consists of a kernel patch and a set of utilities.
sources patch-stegfs-1.1.2-2.2.14.gz
tools stegfs-tools-1.1.1.tar.gz
author Andrew D McDonald, Markus G. Kuhn
homepage http://ban.joh.cam.ac.uk/~adm36/StegFS/
edit application object

tcfs 2.2.3
Transparent cryptographic filesystem.
TCFS is a Transparent Cryptographic File System that is a suitable solution to the problem of privacy for distributed file system. By a deeper integration between the encryption service and the file system, it results in a complete trasparency of use to the user applications. Files are stored in encrypted form and are decrypted before they are read. The encryption/decryption process takes place on the client machine and thus the encryption/decryption key never travels on the network. TCFS works in the kernel space thus resulting in improved performances and security.
sources tcfs-2.2.3-distrib.tar.gz
sources tcfs-2.2.2.tgz
author TCFS Group
homepage http://tcfs.dia.unisa.it
edit application object

tripwire 1.2
A file and directory integrity checker.
Tripwire is a tool that aids system administrators and users in monitoring a designated set of files for any changes. Used with system files on a regular (e.g., daily) basis, Tripwire can notify system administrators of corrupted or tampered files, so damage control measures can be taken in a timely manner.
sources tripwire-1.2.tar.Z
author Gene Kim, Gene Spafford
edit application object

wipe 0.16
Securely erase files from magnetic media.
Recovery of supposedly erased data from magnetic media is easier than what many people would like to believe. A technique called Magnetic Force Microscopy (MFM) allows any moderately funded opponent to recover the last two or three layers of data written to disk. Wipe repeadetly overwrites special patterns to the files to be destroyed, using the fsync() call and the O_SYNC bit to force disk access. In normal mode, 34 patterns are used (of which 8 are random). These patterns were recommended in an article from Peter Gutmann entitled "Secure Deletion of Data from Magnetic and Solid-State Memory".
sources wipe-0.16.tar.gz <signature>
author Berke Durak
homepage http://gsu.linux.org.tr/wipe/
edit application object

ya-wipe 1.0.0
Secure file wiper
Wipe is a secure file wiping utility. However, it does not set the media access bit on scsi commands, therefore it is not 100% secure, unless your drive has no write cache. For maximum security, disable drive write cache on scsi mode page 8. If possible, disable operating system file cache and driver-level buffers. Wipe tries to sync the data to disk via a call to fdatasync(), fsync(), or using O_SYNC. Under linux, the mount option "mand" must be used (see /usr/src/linux/Documentation/mandatory.txt) for mandatory file locks to be enabled. Wipe should make it extremely difficult for all but the most determined person(s) to recover the original plaintext data.
sources wipe-1.0.0.tar.bz2 <signature>
author Tom Vier
homepage http://users.erols.com/thomassr/zero/download/wipe/index.html
edit application object

fistgen 0.0.3
A language for describing stackable filesystems.
FiST (File System Translator) is a language for describing stackable file systems. Fistgen is the FiST language code translator. This package includes sources for fistgen, stackable templates for several operating systems, and several high-level filesystem descriptions. One of them is cryptfs - a filesystem that encrypts filenames and datapages with Blowfish.
sources fistgen-0.0.3.tar.gz
author Erez Zadok
homepage http://www.cs.columbia.edu/~ezk/research/fist/
edit application object

srm 1.2.2
Secure replacement for rm.
srm (secure rm) is a command-line compatible rm(1) which destroys file contents before unlinking. The goal is to provide drop in security for users who wish to prevent command line recovery of deleted information, even if the machine is compromised.
sources srm-1.2.2.tar.gz
author Matthew Gauthier
homepage http://sourceforge.net/projects/srm/
edit application object