<algorithms>
<network>
<data haven>
<email>
<anonymizers>
<secure ip>
<secure tcp>
<ssh>
<ssl>
<www>
<key mgmt>
<libraries>
<maths>
<pgp>
<gnupg>
<system>
<kernel>
<kerberos>
<unix password>
<filesystem>
<files>
<trust>
<ecash>
<steganography>
<voice>
|
|
Filesystem
Filesystem integrity & encryption tools.
bestcrypt 0.4b-3
Creates and supports encrypted virtual volumes for Linux/Windows/MSDOS.
A BestCrypt volume is accessible as a regular filesystem on a correspondent mount point.
The data stored on a BestCrypt volume are stored in the container file. A container is a regular file, so it is possible to backup, move or copy it to other disk (CD-ROM or network, for instance) and continue to access encrypted data using BestCrypt.
BestCrypt supports the following encryption algorithms: GOST in Cipher Feedback mode and BLOWFISH, DES, TWOFISH in Cipher Block Chaining mode.
Container can be formatted for any filesystem supported by Linux (MINIX, EXT, EXT2, FAT, FAT32, and others) and mounted as additional volume to any mount point.
BestCrypt v.0.2b is developed for Linux Kernel 2.2.x and compatible with container files, created by BestCrypt v.6 (or above) for Windows 95/98/NT using SHA-1 Key Generator.
sources BestCrypt-0.4b-3.tgz
author Jetico Inc.
homepage http://www.jetico.com
edit application object
arla 0.35.3
AFS Implementation. Distributed filesystem with kerberos authentication.
Arla is a free AFS implementation.
The main goal is to make a fully functional client with all capabilities of normal AFS. Other stuff, such as servers and management tools are being
developed, but currently not considered stable.
sources arla-0.35.3.tar.gz
author Assar Westerlund
homepage http://www.stacken.kth.se/projekt/arla/
edit application object
aide 0.7
Advanced Intrusion Detection System, a replacement for Tripwire
AIDE (Advanced Intrusion Detection Environment) is a free replacement
for Tripwire(tm). It generates a database that can be used to check the
integrity of files on a server. It uses regular expressions for determening
which files get added to the database. You can use several message digest
algorithms to ensure that the files have not been tampered with.
sources aide-0.7.tar.gz
author Rami Lehti, Pablo Virolainen
homepage http://www.cs.tut.fi/~rammer/aide.html
edit application object
cfs 1.3.3
Cryptographic File System
CFS pushes encryption services into the Unix(tm) file
system. It supports secure storage at the system level
through a standard Unix file system interface to encrypted
files. Users associate a cryptographic key with the directories they wish to protect. Files in these directories (as
well as their pathname components) are transparently
encrypted and decrypted with the specified key without further user intervention; cleartext is never stored on a disk
or sent to a remote file server.
CFS runs entirely at user level, as a local NFS server
running on the client machine's "loopback" interface. The
system consists of cfsd (the CFS server daemon), and a small
suite of tools that create encrypted directories and manage keys as they are used.
sources cfs-1.3.3.tar.gz
author Matt Blaze
edit application object
ehd 0.6
User space filesystem encryption.
EHD is a patch to login/losetup to create/use BLOWFISH-encrypted home
directories under Linux 2.2. It requires the Kernel 2.2 patch from
www.kerneli.org to provide BLOWFISH loop device encryption. It is a real
alternative to CFS/TCFS, doesn't require NFS, and is intended to be much
easier to use.
sources ehd-0.6.patch
author Id Est
homepage http://members.home.net/id-est/
edit application object
l6 1.6
File Integrity Assessment Tool
sources l6 <signature>
author Gilbert
homepage http://www.pgci.ca
edit application object
loopy 0.1.2
A tool to manage the creation and mounting of encrypted loop device filesystems.
A sh script that mounts and unmounts
encrypted volumes with linux loop
device interface and crypto extensions
provided by the linux international
kernel.
sources loopy-0.1.2.tar.gz <signature>
author Ian Wehrman
homepage http://www.prism.gatech.edu/~gte019i/loopy/
edit application object
overwrite 0.5
Unix utility for secure deletion
Based on Peter Gutmann's paper "secure deletion of data from magnetic and solid state memory" and was created in order to make harder the data recovery process. It implements a built-in cryptographic prng and try to flush the SO and HD cache when possible.
sources overwrite-0.5.tar.gz
author Salvatore Sanfilippo
homepage http://www.kyuzz.org/antirez/overwrite/
edit application object
ppdd 1.2
Encrypted file systems under linux.
Ppdd lets you use encrypted files systems under Linux. It uses high quality
encryption techniques suitable for the large volumes and the long lifetimes
of data involved. The encryption services
are provided at
the partition level so that root and swap partitions can be encrypted.
sources ppdd-1.2.zip
author Allan Latham
homepage ftp://ftp.gwdg.de/pub/linux/misc/ppdd
edit application object
sfspatch 2.3.6
Steganographic filesystem for Linux.
sfspatch is a kernel patch which introduces module support for the steganographic file system (formerly known as vs3fs,
an experimental type of filesytem that not only encrypts all information on the disk, but also tries to hide that
information in such a way that it cannot be proven to even exist on the disk. This enables you to keep sensitive
information on a disk, while not be prone to being forced to reveal that information. Even under extreme circumstances,
fake documents could be stored on other parts of the disk, for which a pasword may be revealed. It should not be
possible to find out whether any other information is stored on the disk.
stable kernel sfspatch-2.2.10.tar.gz development kernel sfspatch-2.3.6.tar.gz maintainance tools sfstools.tar.gz
author Peter Schneider-Kamp, Carl van Schaick, Paul Schmeddle
homepage http://www-users.rwth-aachen.de/Peter.Schneider-Kamp/sources/sfs/
edit application object
stegfs 1.1.2
Partition level steganographic filesystem for Linux.
StegFS is an implementation of a steganographic file system for Linux,
based on the ideas in the paper "The Steganographic File System", by
Anderson, Needham and Shamir.
The file system builds on top of a normal Ext2 file system. The
resulting file system can still be mounted with the ext2 driver. When
mounted with the stegfs driver and appropriate passphrases given,
additional hidden levels become available.
The StegFS package consists of a kernel patch and a set of utilities.
sources patch-stegfs-1.1.2-2.2.14.gz tools stegfs-tools-1.1.1.tar.gz
author Andrew D McDonald, Markus G. Kuhn
homepage http://ban.joh.cam.ac.uk/~adm36/StegFS/
edit application object
tcfs 2.2.3
Transparent cryptographic filesystem.
TCFS is a Transparent Cryptographic File System that is a suitable solution to the problem of
privacy for distributed file system. By a deeper integration between the encryption service and the
file system, it results in a complete trasparency of use to the user applications. Files are stored in
encrypted form and are decrypted before they are read. The encryption/decryption process takes
place on the client machine and thus the encryption/decryption key never travels on the network.
TCFS works in the
kernel space thus resulting in improved performances and security.
sources tcfs-2.2.3-distrib.tar.gz sources tcfs-2.2.2.tgz
author TCFS Group
homepage http://tcfs.dia.unisa.it
edit application object
tripwire 1.2
A file and directory integrity checker.
Tripwire is a tool that aids system administrators and
users in monitoring a designated set of files for any changes.
Used with system files on a regular (e.g., daily) basis, Tripwire
can notify system administrators of corrupted or tampered files,
so damage control measures can be taken in a timely manner.
sources tripwire-1.2.tar.Z
author Gene Kim, Gene Spafford
edit application object
wipe 0.16
Securely erase files from magnetic media.
Recovery of supposedly erased data from magnetic media is
easier than what many people would like to believe. A technique called Magnetic Force Microscopy (MFM) allows
any moderately funded opponent to recover the last two or
three layers of data written to disk. Wipe repeadetly
overwrites special patterns to the files to be destroyed,
using the fsync() call and the O_SYNC bit to force disk
access. In normal mode, 34 patterns are used (of which 8
are random). These patterns were recommended in an article
from Peter Gutmann entitled
"Secure Deletion of Data from Magnetic and Solid-State
Memory".
sources wipe-0.16.tar.gz <signature>
author Berke Durak
homepage http://gsu.linux.org.tr/wipe/
edit application object
ya-wipe 1.0.0
Secure file wiper
Wipe is a secure file wiping utility. However, it does not set the media access bit on scsi commands, therefore it is not 100% secure, unless your drive
has no write cache. For maximum security, disable drive write cache on scsi mode page 8. If possible, disable operating system file cache and
driver-level buffers. Wipe tries to sync the data to disk via a call to fdatasync(), fsync(), or using O_SYNC. Under linux, the mount option "mand" must
be used (see /usr/src/linux/Documentation/mandatory.txt) for mandatory file locks to be enabled. Wipe should make it extremely difficult for all but the
most determined person(s) to recover the original plaintext data.
sources wipe-1.0.0.tar.bz2 <signature>
author Tom Vier
homepage http://users.erols.com/thomassr/zero/download/wipe/index.html
edit application object
fistgen 0.0.3
A language for describing stackable filesystems.
FiST (File System Translator) is a language for describing stackable file
systems. Fistgen is the FiST language code translator. This package
includes sources for fistgen, stackable templates for several operating
systems, and several high-level filesystem descriptions. One of them
is cryptfs - a filesystem that encrypts filenames and datapages with
Blowfish.
sources fistgen-0.0.3.tar.gz
author Erez Zadok
homepage http://www.cs.columbia.edu/~ezk/research/fist/
edit application object
srm 1.2.2
Secure replacement for rm.
srm (secure rm) is a command-line compatible rm(1) which destroys file contents before unlinking. The goal is to provide drop in security for
users who wish to prevent command line recovery of deleted information, even if the machine is compromised.
sources srm-1.2.2.tar.gz
author Matthew Gauthier
homepage http://sourceforge.net/projects/srm/
edit application object
|