WebCert: Generate and manage X509.3 Certificates
We needed a simple and quick way to generate X509.3 certificates to enable secure device management for a large deployment of Netscreen firewalls and VPN's through https. With the lack of an existing internal CA and the requirement for quick and easy certificate and retrieval, I created a web-based self-service application. Years and hundreds of certificates later, it is still a viable alternative to cumbersome, heavyweight CA implementations and the commandline of OpenSSL.
EDAcS: VPN and Dial-In Session Monitoring through Radius
We wanted to track dynamic IP assigments of remote VPN and Dial-In users to correlate them with firewall and IDS logs quickly. Digging through DHCP logs manually did not scale. EDAcS is a log parser for Radius accounting logs (RFC 2866), which constructs user session records into a Security database. Together with the web frontend, it provides easy insight on who was online for how long, transfered how many bytes and was using which IP. Top-Ten statistics reveal service abuse easily. EDAcS provides a clear audit trail for allowing remote access under strict security oversight.
INOVASC: the independent, web-based OpenVAS scan client
OpenVAS is the popular vulnerability assessment system that came out of the discontinued Nessus open source platform. INOVASC is a independent client replacing NessusWC, the former web client I wrote to centrally manage vulnerability scanning. Its simple web interface makes it easy for anybody to scan networked systems on their own terms.
NessusWC: Web Frontend for Nessus
Nessus has been the most popular free security vulnerability scanner for many years. Designed as a client server application, I wrote the NessusWC web client to centrally manage vulnerability scanning while providing a simple, easy-to-use web interface. When Nessus went fully commercial in 2008, the OpenVAS project took its place. Because of protocol changes, NessusWC is incompatible with OpenVAS. A new client INOVASC (above) replaced NessusWC. The NessusWC sources below are obsolete, kept for reference only.
Zengin file generation and management
The Zengin Data Telecommunication System is a inter-bank payment system introduced in April 1973 for Japans domestic fund transfers. At the technical core of Zengin is the Zengin file specification, describing the format for payment transactions. Zengingen allows to generate, verify and modify Zengin data files for testing and manual processing.
UltraLink 320/325/33x series NTP driver
This is the updated driver for reference clock 34 in NTP. Reference clock 34 is assigned to clocks from company UltraLink, it supports models 320,325,33x. UltraLink NTP clocks are attractive due to their small size, robust design and affordable price, providing a fair accuracy through radio syncronisation with NIST's WWVB service.
Raptor Firewall commandline ruleset and object management
Before becoming multipurpose appliances, firewalls were software solutions running on top of multi-homed servers and a standard OS. Raptor, later named Symantec Enterprise Firewall, was a popular UNIX proxy firewall. Firewall management was only available through a graphical GUI on a dedicated management station. This limited our remote management through SSH. 24x7 security operations required on-call staff to troubleshoot the firewall through slow VPN lines. These Perl scripts, called directly on the firewall's shell, can parse the firewall configuration files and print out the current configuration and network objects in a shell window.
Viper: Brute-Force Unix Password Cracker
When I was trying to understand the insecurity of UNIX passwords, I looked for simple software as an example. Sure, there was the famous Crack, but I found Hale's viper.pl more readable. I was interested to improve his code to measure and print the performance and time estimates for brute force attacks. I contacted Hale and re-wrote his program in 'C', using the UFC-crypt library for maximum speed.