fupids (the fuzzy userprofile intrusion detection system) is a user-profile based IDS for the OpenBSD kernel. It modifies certain syscalls in order to detect suspicious behavior. For example, it watches for network devices being set to promiscuous mode, and it watches for the creation of listen() sockets by users. fupids also handles a program profile for your local users, and it can find attackers who overtake existing accounts.
The WendzelNNTPd is an IPv6-ready Usenet server that aims to be as easy to use as possible. It is portable, supports AUTHINFO authentication, contains ACLs as well as role based ACLs (RBAC), supports invisible newsgroups, and features automatic prevention of double postings. WendzelNNTPd supports MySQL as well as SQlite3 backends.
fupids2 is a so-called human oriented IDS based on the FUPIDS project. fupids2 calculates an attacker level for every user on all Unix/Linux/BSD systems in the network. It looks at the behavior of the user (the programs the user uses, the daytime the user is active, the building and room the user uses, the part of the room in which the user sits, and so on) and reports if the user engages in behavior that is unusual for that person. This method can often detect accounts overtaken by attackers.
FluxBat is an ACPI based battery monitor for the fluxbox window manager. It includes two parts: a daemon process that runs the update script and the update script itself. The whole software contains only about 100 lines of code and is easy to use by including only one line in the menu configuration file of fluxbox.
Korallenriff is a program that collects input from different network sources and stores their data into one database. For example, it can receive POP3 mail or can fetch NNTP groups and store the received messages in a database. One can then, for example, use the database data within a Web site to display the latest postings of a newsgroup or to create an online mailing list archive. Another possible use would be to build a blogging-software where one can post via email.
Re: nice one
> What would cause this project to be
> widely used is plug-able backends;
> That is the solution to the terrible web
> forums about these days - an NNTP
> interface to each one.
> The higher levels of the newsgroup
> hierachy can map to a particular
> php-phorumz type configuration.
> Along with your RSS it may help
> replication of ghastly forums and a new
> life to NNTP.
> Anwyay.... I thought I'd just share some
> of the ideas I'm too busy to work on.
Thanks for that hint. I already wrote Korallenriff (also available at freshmeat) what fetches NNTP postings and saves them in a MySQL database. In WendzelNNTPd-2.0.0 I will probably add a full forums backend feature.
Re: Cool stuff!
> Yeah, a cool NNTPd with SQL support at
> early stage. Yes I know this isn't
> feature request forum, but PAM support
> are welcome. :-)
Great that you like it. I don't say that I will add PAM but I added it to the wishlist file that includes feature request I will possibly implement.