Secutity/Crypto FreeWare@Crufty.NET

Most of what we procuce we make freely available from http://www.crufty.net/ftp/pub/ we also have a few products and services which are not free but that may be of interest.

This page details some of the tools we provide which can help enhance the security of your site.

We use in our crypto tools.

Support

Our support policy is very simple:- you get what you pay for.

Packages

The deal with all of these offerings is that you are welcome to use them, just don't pretend that you wrote them. If there is a License file (LICENSE*) its terms must be honoured.

SSLrsh: BSD r* commands over SSL. Apart from providing a secure solution to the r* commands - with only one authentication option (X.509 certs) that is controlled by the system administrator and not users, this package provides libsslfd which is the basis for all of our SSL based packages. Note that libsslfd may only be used to build the packages distributed by Simon J. Gerraty, any other use requires a license.
stelnet: stelnet is a secure telnet that supports both SSL, and plain DES encryption, it is compatible with Tim Hudson's SSLtelnet but uses a later code base.
stn3270: stn3270 is a secure tn3270 client that builds upon stelnet.
bftpd: bftpd is the NetBSD ftp/ftpd with SSL support added. The NetBSD 1.3 INSTALL document describes the ftp client as astoundingly overfunctional. It is actually a very nice tool. Even if you don't want SSL support, bftp will give you an up to date ftp client with all the bells and whistles that runs on systems other than 4.4BSD. (Currently tested on SunOS, Solaris and HP-UX). The lastest version will even compile on HP-UX 10 using HP's ansi cc.
stn3270: stn3270 is a secure tn3270 client that builds upon stelnet.
build-ssleay: build-ssleay contains the BSD Makefiles we use for building Eric Young's SSLeay-090b. These make it easy to share the source via NFS and make shared libs on several platforms (*BSD, SunOS, Solaris, HP-UX and Linux among others).
ftp-gw2: This is the original version of sjg's hacked TIS ftp-gw to support a split-DMZ firewall as described in Cheswick & Bellovin. It has been provided to TIS (many years ago now :-), and is distributed here with their permission.
bindport.c: This module implements the facility (also described in C&B) to allow an unprivaleged tool to bind a reserved port. It compiles to both a library function and the set-uid command that the library function invokes.
unfs: This is the original version of our secure? user space NFS server/client. It has been used very successfully for several years by some of our clients, but has now been replaced by sNFS which is not available for public download (see Products@Crufty.NET)