Jim Lippard's Security Software

These are some software tools, all in Perl, which I've developed for my own use. Others are welcome to use them for noncommercial use, with no warranty. All were originally written for OpenBSD.

In the absence of other license information within each package, assume that each is copyrighted by Jim Lippard, with all rights reserved, with license granted for noncommercial use. Assume a BSD-3 license.

Also see Github: https://github.com/lippard661

• discord.org-2024-pkg.pub: signify public key for verifying signed packages
• accttools.tgz: Process accounting tools (written for *BSD) for generating a baseline and auditing for divergences from the baseline. Current version is a beta (really more of a proof-of-concept), 0.5, 2012-12-23.
• add_host-1.3.tgz: add_host/remove_host, Perl script for adding and removing IPs from files used for firewalling (and from pf tables). Current version is 1.3, 2023-01-29.
• arpwatch-3.6 OpenBSD package. This is Lawrence Livermore Labs' arpwatch, patched for OpenBSD to use unveil and _arpwatch user. The patches are approximately equivalent to the standard OpenBSD package, which uses arpwatch-2.1a15 and does not use unveil. (I attempted to use pledge as well, but the restricted mode of pledge doesn't allow the bpf-related system calls, such as BIOCSETF.)
• faild.pl: Monitors an Internet connection for uptime, fails over to an alternate connection if one is available. Current version is 1.9a, 2024-07-20.
• portcheck.pl: Updates OpenBSD ports tree. Current version 1.3, 2024-08-03.
• reportnew-1.19a.tgz: Monitors logs for new entries and generates email reports for entries matching certain criteria. Works for syslog, cyclog, and multilog formats, and for BSD process accounting logs. Current version is 1.19a, 2024-08-02. Available here or on Github as an OpenBSD-style package.
• rsync-client.pl: Managed synchronization of files between systems via an unprivileged user. Current version is 2024-10-08. Packaged together with some other rsync tools as rsync-tools-20241101.tgz. The latter is available here or on Github as an OpenBSD-style package.
• sha2_create.pl/sha2_compare.pl/sha3_create.pl/sha3_compare.pl: Creates databases of SHA2/SHA3 digests and compares against them. Also supports SHA1, but that is deprecated. Intended for setting baselines for use in forensic analysis, similar to the Sun Solaris Fingerprint Database, and for finding and removing unused files after an upgrade -- that use case now obsoleted by OpenBSD's sysclean. The following databases of OpenBSD SHA2/SHA3 digests are available:
  • OpenBSD 6.9 amd64 (SHA3), OpenBSD 6.9 amd64 (SHA2)
  • OpenBSD 6.8 amd64 (SHA3), OpenBSD 6.8 amd64 (SHA2)
  • OpenBSD 6.7 amd64 (SHA3), OpenBSD 6.7 amd64 (SHA2)
  • OpenBSD 6.6 amd64 (SHA3), OpenBSD 6.6 amd64 (SHA2)
  • OpenBSD 6.5 amd64 (SHA3), OpenBSD 6.5 amd64 (SHA2)
  • OpenBSD 6.4 amd64 (SHA3), OpenBSD 6.4 amd64 (SHA2)
  • OpenBSD 6.3 amd64 (SHA3), OpenBSD 6.3 amd64 (SHA2)
  • OpenBSD 6.2 amd64 (SHA3), OpenBSD 6.2 amd64 (SHA2)
  • OpenBSD 6.2 i386 (SHA3), OpenBSD 6.2 i386 (SHA2)
  • OpenBSD 6.1 amd64 (SHA3), OpenBSD 6.1 amd64 (SHA2)
  • OpenBSD 6.1 i386 (SHA3), OpenBSD 6.1 i386 (SHA2)
  • OpenBSD 6.0 amd64 (SHA3), OpenBSD 6.0 amd64 (SHA2)
  • OpenBSD 6.0 i386 (SHA3), OpenBSD 6.0 i386 (SHA2)
  • OpenBSD 5.9 amd64 (SHA3), OpenBSD 5.9 amd64 (SHA2)
  • OpenBSD 5.9 i386 (SHA3), OpenBSD 5.9 i386 (SHA2)
  • OpenBSD 5.8 amd64 (SHA3), OpenBSD 5.8 amd64 (SHA2)
  • OpenBSD 5.8 i386 (SHA3), OpenBSD 5.8 i386 (SHA2)
  • OpenBSD 5.7 amd64 (SHA2)
  • OpenBSD 5.7 i386 (SHA2)
  • OpenBSD 5.6 amd64 (SHA2)
  • OpenBSD 5.6 i386 (SHA2)
  • OpenBSD 5.5 amd64 (SHA2)
  • OpenBSD 5.5 i386 (SHA2)
  • OpenBSD 5.4 amd64 (SHA2)
  • OpenBSD 5.4 i386 (SHA2)
  • OpenBSD 5.3 amd64 (SHA2)
  • OpenBSD 5.3 i386 (SHA2)
  • OpenBSD 5.2 amd64 (SHA2)
  • OpenBSD 5.2 i386 (SHA2)
  • OpenBSD 5.1 amd64 (SHA2)
  • OpenBSD 5.1 i386 (SHA2)
  • OpenBSD 5.0 amd64 (SHA2)
  • OpenBSD 5.0 i386 (SHA2)
  • OpenBSD 4.9 i386 (SHA2)
  • OpenBSD 4.8 i386 (SHA2)
  • OpenBSD 4.8 macppc (SHA2)
  • OpenBSD 4.7 i386 (SHA2)
  • OpenBSD 4.7 macppc (SHA2)
  • OpenBSD 4.6 i386 (SHA2)
  • OpenBSD 4.6 macppc (SHA2)
  • OpenBSD 4.5 i386 (SHA2)
  • OpenBSD 4.5 macppc (SHA2)
  • OpenBSD 4.4 i386 (SHA2)
  • OpenBSD 4.4 macppc (SHA2)
  • OpenBSD 4.3 i386 (SHA2)
  • OpenBSD 4.3 macppc (SHA2)
  • OpenBSD 4.2 i386 (SHA2)
  • OpenBSD 4.2 macppc (SHA2)
  • OpenBSD 4.1 i386 (SHA2)
  • OpenBSD 4.1 macppc (SHA2)
  • OpenBSD 4.0 i386 (SHA2)
  • OpenBSD 4.0 macppc (SHA2)
  • OpenBSD 3.9 i386 (SHA2)
  • OpenBSD 3.9 macppc (SHA2)
  • OpenBSD 3.8 i386 (SHA2)
  • OpenBSD 3.8 macppc (SHA2).
• Signify-1.0c.tgz: Signify.pm, perl module wrapper for OpenBSD signify. Current version is 1.0b, 2024-08-01. Available here or on Github as an OpenBSD-style package.
• sigtree-1.19d.tgz: Tripwire/Samhain-like program, monitors file system integrity. Written for *BSD, macOS, and Linux. Current version is 1.19d, 2024-10-12. Available here or on Github as an OpenBSD-style package. v1.19c allows child forks with Parallel::ForkManager and uses Signify.pm, 1.18d is last version without Signify.pm dependency.
• syslock/sysunlock: Sets system files immutable, so that they cannot be changed by root unless the system is brought into single-user mode. Written for OpenBSD, but will work with *BSD with the appropriate changes to the locations of commands (e.g. chflags). Current version: 1.8b, 8 October 2024. Available here or on Github as an OpenBSD-style package.