WebCert: Generate and manage X509.3 Certificates

WebCert: Web-based X509.3 Certificate Management
We needed a simple and quick way to generate X509.3 certificates to enable secure device management for a large deployment of Netscreen firewalls and VPN's through https. With the lack of an existing internal CA and the requirement for quick and easy certificate and retrieval, I created a web-based self-service application. Years and hundreds of certificates later, it is still a viable alternative to cumbersome, heavyweight CA implementations and the commandline of OpenSSL.

[online live version]      [download source] [changelog] [roadmap] [installation instructions] [about] [github]

EDAcS: VPN and Dial-In Session Monitoring through Radius

EDAcs: Monitor VPN and Dial-In Sessions
We wanted to track dynamic IP assigments of remote VPN and Dial-In users to correlate them with firewall and IDS logs quickly. Digging through DHCP logs manually did not scale. EDAcS is a log parser for Radius accounting logs (RFC 2866), which constructs user session records into a Security database. Together with the web frontend, it provides easy insight on who was online for how long, transfered how many bytes and was using which IP. Top-Ten statistics reveal service abuse easily. EDAcS provides a clear audit trail for allowing remote access under strict security oversight.

[online demo] [download source] [changelog] [about] [documentation]

INOVASC: the independent, web-based OpenVAS scan client

INOVASC,  the independent web-based OpenVAS scan client
OpenVAS is the popular vulnerability assessment system that came out of the discontinued Nessus open source platform. INOVASC is a independent client replacing NessusWC, the former web client I wrote to centrally manage vulnerability scanning. Its simple web interface makes it easy for anybody to scan networked systems on their own terms.

[online demo] [download source] [changelog] [installation instructions] [code in github]

NessusWC: Web Frontend for Nessus

NessusWC: Web Frontend for Nessus
Nessus has been the most popular free security vulnerability scanner for many years. Designed as a client server application, I wrote the NessusWC web client to centrally manage vulnerability scanning while providing a simple, easy-to-use web interface. When Nessus went fully commercial in 2008, the OpenVAS project took its place. Because of protocol changes, NessusWC is incompatible with OpenVAS. A new client INOVASC (above) replaced NessusWC. The NessusWC sources below are obsolete, kept for reference only.

[download source] [installation instructions]

Zengin file generation and management

Zengingen: Zengin file generation and verification
The Zengin Data Telecommunication System is a inter-bank payment system introduced in April 1973 for Japans domestic fund transfers. At the technical core of Zengin is the Zengin file specification, describing the format for payment transactions. Zengingen allows to generate, verify and modify Zengin data files for testing and manual processing.

[online demo] [about] [source]

UltraLink NTP clock and reference clock 34 driver
This is the updated driver for reference clock 34 in NTP. Reference clock 34 is assigned to clocks from company UltraLink, it supports models 320,325,33x. UltraLink NTP clocks are attractive due to their small size, robust design and affordable price, providing a fair accuracy through radio syncronisation with NIST's WWVB service.

[read article] [device specs] [download source]

Raptor Firewall commandline ruleset and object management

Raptor Firewall: commandline ruleset and object verification
Before becoming multipurpose appliances, firewalls were software solutions running on top of multi-homed servers and a standard OS. Raptor, later named Symantec Enterprise Firewall, was a popular UNIX proxy firewall. Firewall management was only available through a graphical GUI on a dedicated management station. This limited our remote management through SSH. 24x7 security operations required on-call staff to troubleshoot the firewall through slow VPN lines. These Perl scripts, called directly on the firewall's shell, can parse the firewall configuration files and print out the current configuration and network objects in a shell window.

download [rreport.pl] download [hostvrfy.pl]

Viper: Brute-Force Unix Password Cracker

Viper: cracking UNIX passwords brute-force
When I was trying to understand the insecurity of UNIX passwords, I looked for simple software as an example. Sure, there was the famous Crack, but I found Hale's viper.pl more readable. I was interested to improve his code to measure and print the performance and time estimates for brute force attacks. I contacted Hale and re-wrote his program in 'C', using the UFC-crypt library for maximum speed.

[read article] [download source]