OSPS0.5/0040755000076400007640000000000010031224730011123 5ustar kkronkkronOSPS0.5/OSPS-ManPage.html0100644000076400007640000000571610024533645014123 0ustar kkronkkron

OSPS - (ô sp -s z ) as in auspices. Obfuscated Server Port Service.

OSPS is a service port generator and cryptographic communication system. OSPS is designed to make it easier for you to implement need-to-know security for your server port #'s. OSPS is a simple but effective system for making your private services that much harder to hack. If your IDS/IPS is working then you should be fairly able to detect a port scan looking for open services and you can defend against those to a degree but if you are running your services on WKS ports then scanning isn't required nor is any “man in the middle attack”. OSPS is designed to hide the service port #'s from those who do not need to know and yet make them available to those who do need to know.

Services running under the OSPS of OSPS get their listening port number randomly generated on a regular basis. When it's time to choose a new port OSPS generates the port # and restarts the service. OSPS then uses public key encryption to encrypt the new port # information for all of the authorized users of the service and then places that file in a well known location. Since it is encrypted the port # file can even be placed in a public location, emailed to all authorized users or placed in a well know but secure location all of which is supported by OSPS.

How does OSPS work.

Generating new port numbers for services. The operation of OSPS has been modeled after chkconfig which should be familiar to modern system admins.

Invocation:

osps --debug=\d+ --verbose --ffile {path to OSPSified config file}

An OSPSified config file will contain the following lines at the start of the file

# OSPS v.$x as the first line.

# osps: port_range=n-m {Acceptable port range}

# osps: encryptor (encryptor and argument list)

# osps: user list (this list will be passed to encryptor & notify if notify = mail)

# osps: notify (none|mail|/path/to/status/file)

and optionally

#osps: additional files (absolute path to additional OSPSified configuration files which need to be synchronized with this configuration file.

If any of these lines is non-existent osps will exit with an error message.

Scheduling:

OSPS contains no scheduling information on how often to regenerate port #'s OSPS expects to be called by a scheduler/security system when it's time to change port #'s.

OSPS reads /etc/OSPS.conf to decide get it's task list.

OSPS0.5/test0100644000076400007640000000133610024562374012040 0ustar kkronkkron&] QB)ʜ?k9oc~O0>$a"\9(ʓH𺹦1 gJJDr}{0: UKsiV- <|Cdžܢs}!p풆IFq0a:rsP`DPGur0\5 2n':6p;J+qIXTq  X$ +aUqk;ʵ"pSULXk$cb /=d rDx}S-f:қPZ"ƫvZܨs"ټ'{d^s h|ْ|,#$n"5x| Ƃ=LMsvV" Ȣ'aZI @b}np;B%_ [X#8`o4( ]$@Tz 'ywQ ^ &243 \$help, 'man' => \$man, 'version' => \$version, 'd' => \$mkdir, 'b' => \$backup, 'B=s' => \$ext, 'f' => \$force, 'p' => \$preserve, 'm=s' => \$mode, 'o=s' => \$owner, 'g=s' => \$group, 'verbose|v' => \$verbose, 'log=s' => \$log, 'pre=s' => \@pre, 'post=s' => \@post, ) or pod2usage(1); pod2usage(1) if $help; pod2usage(-exitstatus => 0, -verbose => 2) if $man; print "$VERSION\n" and exit(0) if $version; if (defined $log) { no strict "refs"; open($log, ">> $log") or die "can't open $log: $!"; }; if (defined $mode){ my %likely = ( 777 => 1, 776 => 1, 775 => 1, 774 => 1, 766 => 1, 755 => 1, 744 => 1, 700 => 1, 666 => 1, 665 => 1, 664 => 1, 655 => 1, 644 => 1, 600 => 1, 555 => 1, 554 => 1, 544 => 1, 500 => 1, 444 => 1, 400 => 1, ); warn "$mode seems an unlikely mode" unless $likely{sprintf "%d", $mode}; }; if ($mkdir) { pod2usage("$0: not enough arguments") unless @ARGV > 0; makedirs(@ARGV); } elsif (@ARGV == 2 && ! -d $ARGV[1]){ install $ARGV[0], $ARGV[1]; } else { pod2usage("$0: not enough arguments") unless @ARGV > 1; my $dest = pop @ARGV; pod2usage "$0: `$dest' is not a directory" unless -d $dest; for (@ARGV){ my $base = basename($_); my $target = "$dest/$base"; install $_, $target; }; }; sub makedirs{ # print "makedirs called with: @_\n"; for (@_) { if(-d $_){ postaction($_); next; }; #print "trying $_\n"; if (-d dirname($_)) { mkdir $_ or die "can't mkdir $_: $!"; message $_; logaction "mkdir $_"; postaction $_; }else { makedirs(dirname($_), $_); }; }; }; sub install{ my $source = shift; my $target = shift; my $base = basename($source); my $old; die "$source is not a file" unless -f $source; preaction($source); if (-f $target && $backup){ if ($ext eq 'numbered'){ $ext = 1; while (-f "$target.$ext"){$ext++}; $ext = ".$ext"; }; $old = "$target$ext"; move $target, $old or die "can't move $target to $old: $!"; message $old; logaction "$target => $old"; }; my ($dev, $ino) = (stat $source)[0,1]; if (-f $target && $dev == (stat $target)[0] && $ino == (stat _)[1]){ die "$source and $target are the same file"; }; my $copied = copy $source, $target; unless ($copied){ if (-f $target && $force){ unlink $target or die "can't unlink $target:$!"; logaction "unlink $target"; $copied = copy $source, $target; }; }; die "can't copy $source to $target: $!" unless $copied; message $target; logaction "$source -> $target"; # Code cribbed from # if ($preserve){ my($mode, $uid, $gid, $atime, $mtime) = (stat $source)[2,4,5,8,9]; utime $atime, $mtime, $target or die "can't utime $target: $!"; my $oldmode = (07777 & $mode); chmod $oldmode, $target or die "can't chmod $target: $!"; chown $uid, $gid, $target or warn "can't chown $target to $mode: $!"; }; postaction($target); }; sub preaction{ my $source = shift; for my $pre (@pre){ system "$pre $source" and die "--pre command `$pre' failed: $!"; logaction "$pre $source"; }; }; sub postaction{ my $target = shift; setmode($mode, $target) if (defined $mode); setowner($owner, $target) if (defined $owner); setgroup($group, $target) if (defined $group); for my $post (@post){ system "$post $target" and die "--post command `$post' failed: $!"; logaction "$post $target"; }; }; sub setmode{ my $mode = shift; $mode = oct($mode); for (@_){ chmod $mode, $_ or die "can't chmod $_ to $mode: $!"; logaction "chmod $mode, $_"; }; }; sub setowner{ my $owner = shift; my $uid = getpwnam $owner; die "can't getpwnam $owner: $!" unless defined $uid; for (@_){ chown $uid, -1, $_ or die "can't chown $_ to $owner: $!"; logaction "chown $uid, -1, $_"; }; }; sub setgroup{ my $group = shift; my $gid = getgrnam $group; die "can't getgrnam $group: $!" unless defined $gid; for (@_){ chown -1, $gid, $_ or die "can't chown $_ to $group: $!"; logaction "chown -1, $gid, $_"; }; }; sub message{ print @_, "\n" if $verbose; } sub logaction{ no strict "refs"; print $log scalar gmtime, ': ', @_, "\n" if defined $log; }; __END__ =head1 NAME install.pl - Perl replacement for install(1) =head1 SYNOPSIS B [I] I I B [I] I... I B B<-d> [I] I... =head1 DESCRIPTION Installs the I file to the I filename, each I file to the destination I, or (with B<-d>) creates each I. Like install(1), install.pl includes several options primarily intended for use in makefiles. =head2 Why use yet another install program? Features, portability and flexibility. An install program is really just a glorified cp(1) command with a few convenience options. If your install program is missing a feature that you need, you're better off writing a program or script that does what you want. An install program should be ``All things to all people''. Once you have an install program that does exactly what you want, you'll probably want to take it with you to new machines and operating systems. Many implementations of install are portable in the sense that they work on a wide variety of machines. A perl implementation of install has a subtle advantage of being quickly portable. No need to build and install your install program--just copy install.pl to a machine with a working installation of perl. Even the most complete install program is missing a feature important to someone. Obviously a perl script has a flexibility advantage. But install.pl also has pre- and post-installation hooks to provide flexibility without the need to change any code. In fact several of the options provided by traditional install programs can by implemented through these hooks. (For efficiency reasons, most are not, however.) =head2 The three forms Traditionally, install programs have three forms: the single file form, the multiple file form, and the directory form. If there are only two arguments and the second is not a directory name, install.pl assumes the single file form. The I file is copied to the I filename. Use this argument if you want to specify a different filename then the original. For instance, the original might have it's version be part of the filename, but the installed copy should exclude the version portion of the filename. If the final argument is a directory name, install.pl copies each listed I file to that I. This form is usual for installing many or if I file will have the same name as the I. All actions (such as changing the permissions mode) are taken on each target file. The B<-d> option causes install.pl to assume the final, directory form. Each argument is created (including all components) if it does not already exist. Also all actions are taken on each listed I. Some install programs, such as this one, also perform each action on the missing components that are created. =head1 OPTIONS =over =item B<-d> Create each I. It is functionally the same as C. =item B<-b> Make a backup of each existing target file. =item B<-B> I Specify the backup I. The default is C<.old>. Usually I is a literal value, but the special value C causes the suffix to be a number. For instance, the first time a file is backed up, its suffix is C<.1> and the second time it's C<.2> and so on. =item B<-f> Attempt to force each file to be copied even if the target permissions mode wouldn't normally allow it to be changed (i.e., 0555 and stricter). In general, it is better to use the backup option instead since it allows the original file to be restored. =item B<-p> Preserve the file attributes of the I files. Other options may ultimately change some target file attributes. =item B<-m> I Set the absolute permission I of the target files and directories. By default the mode is not explicitly set. =item B<-o> I Set the I of target files and directories. =item B<-g> I Set the I of target files and directories. =item B<--pre> I Specify a I to be executed on each I file before it is installed. The name of the I file will be provided as an argument to each I. This option may be repeated to perform multiple pre-installation Is. =item B<--post> I Specify a I to be executed on each I file or I after it is installed. The name of the I file or I will be provided as an argument to each I. This option may be repeated to perform multiple post-installation Is. =item B<--log> I Append a record of actions to a I. The special value C<-> sends the output to STDOUT. =item B<-?>, B<--help> Prints the B and B sections. =item B<--man> Prints the install.pl(1) manual. =item B<--version> Prints the current version number of install.pl and exits. =back =head1 EXAMPLES The simplest case copies one or more files into the target I. This example copies src/program1 and src/program2 into the bin directory: install.pl src/program1 src/program2 bin Creating a backup of the original targets makes it easier to recover from mistakes (such as installing a buggy program). On some systems it can also protect running processes that are using the original files from crashing or losing data. (The reason is that the file descriptor continues to point to the original even when it is renamed.) This example moves the original targets to bin/program1~ and bin/program2~: install.pl -b -B \~ src/program1 src/program2 bin Be sure to protect the tilde from its special meaning in shell commands! Suppose you wanted to display the source and target file names as programs are installed. You could use the B<-v> option or you can use the B<--pre> and B<--post> options: $ install.pl --pre printf src/program1 src/program2 bin \ --post 'printf " -> %s\n"' src/program1 -> bin/program1 src/program2 -> bin/program2 Note that options may be placed anywhere in the command line and that multiple pre- and post-installation commands are allowed. For instance, this command strips the target files and prints a file listing: install.pl --post strip --post 'ls -l' src/program1 src/program2 bin A makefile install target generally looks something like: INSTALL := ./install.pl -m 775 -b -B .bak prefix := /usr/local bindir := $(prefix)/bin install: $(SCRIPTS) $(PROGRAMS) $(INSTALL) $^ $(bindir) When `make install' is executed, each script and program will be copied to /usr/local/bin. If the target already exists, it will be backed up to a file ending in `.bak'. The mode will be set to be user and group writable, readable and executable, and world readable and executable. =head1 TODO Add an option to install only if the files are different. Add an option to install into a tar file. Add an option or create a new script to un-install based on an install log file. Add an option to create a link instead of copying. Make the B<-m>, B<-o> and B<-g> options accept several forms of input. (Especially allow symbolic modes and numeric UIDs and GIDs.) Test on a wider variety of operating systems. Please write to the author if you'd like to help. Make the B<--pre> and B<--post> options accept the file name anywhere within the command, rather then only at the end. The xargs(1) B<-i> option is the model. =head1 BUGS install.pl is B yet all things to all people. install.pl has too many options which may interact in unexpected ways, open security holes and confuse people who don't know the syntax. The B<-f> option is probably unneeded. =head1 NOTES See R. Pike and B.W. Kernighan, Program Design in the UNIX Environment (Derived from the talk by Rob Pike, ``Cat -v considered harmful'') I for reasons why programs like install are at odds with the UNIX Style. For instance, the install target in the above example could be written like this: install: $(SCRIPTS) $(PROGRAMS) -ls $^ | xargs -i mv $(bindir)/`basename {}` \ $(bindir)/`basename {}`.bak cp $^ $(bindir) ls $^ | xargs -i chmod 755 $(bindir)/`basename {}` The C<-> before the first command is needed since there isn't always a target file. But there are other reasons the backup might fail. So really there should be something like C added. If the copy fails, the backup really should be restored. Pretty soon you'd have written a shell version of install.pl. The underlying problem in this case is that UNIX doesn't provide a reliable way to make backed-up copies. GNU cp(1) provides a backup feature, but there are many other programs that probably should make backed-up copies. Ideally, the file system should automatically create backups whenever a file is modified. I believe this is a feature of VMS, for instance. An install program is often deployed in hostile environments. The B<-d> option is important on systems where C isn't available. Some systems don't even have a cp(1) command. When you're touring Europe, it's ok to rely on restaurants and markets for food, but you better bring rations and water if you're trekking through the desert. On the other hand, install.pl doesn't go out of its way to make life harder for people using it in the comforts of a UNIX environment. Consider this rather tortured output from GNU install(1): $ install -vd man install: creating directory `man' $ install -v install.pl.1 man `install.pl.1' -> `man/install.pl.1' $ install -vb install.pl.1 man `install.pl.1' -> `man/install.pl.1' (backup: `man/install.pl.1~') Imagine trying to use this in a pipeline! The far more civilized output: $ install.pl -vd man man $ install.pl -v install.pl.1 man man/install.pl.1 $ install.pl -vb install.pl.1 man man/install.pl.1.old man/install.pl.1 =head1 HISTORY The install utility appeared in 4.2BSD. Originally it moved files to their destination. By at least 4.3BSD Reno install had a B<-c> option to copy files instead. (See I for a wide collection of Unix man pages.) Modern install programs no longer move by default, but the B<-c> option has been retained for legacy scripts and makefiles. This version does not support the vestigial B<-c> at all. Every install program that I am aware of has a B<-s> option to strip the binary of debugging information after it has been installed. install.pl does not offer that option because I believe there is little reason to strip binaries. Stripping should be a strictly private activity. (If you I strip you binaries, use the C<--post strip> option.) =head1 SEE ALSO install(1), perl(1), cp(1), mv(1), chmod(1), chown(1), mkdir(1), stat(2), File::Copy, File::Basename =head1 AUTHOR Jon Ericson I =head1 COPYRIGHT Copyright 2004 by Jon Ericson. This program is free software; you can redistribute it and/or modify it under the same terms as Perl. =begin CPAN =head1 README A Perl replacement for install(1). =head1 SCRIPT CATEGORIES UNIX/System_administration VersionControl/CVS Win32/Utilities =end CPAN =cut # LocalWords: LocalWords Getopt makedirs GetOptions ARGV Kernighan bindir # LocalWords: basename xargs printf chmod mkdir chown exitstatus dest sprintf # LocalWords: atime mtime utime oldmode dirname logfile logaction preaction # LocalWords: postaction setmode setgroup setowner elsif getpwnam getgrnam # LocalWords: VersionControl TODO UIDs GIDs OSPS0.5/test.conf0100644000076400007640000000000410024572676012761 0ustar kkronkkron284 OSPS0.5/osps.pl0100644000076400007640000001175410024572751012464 0ustar kkronkkron#! perl # Author: Kenneth Kron kkron@zanshinryu.com # @(#) netcat.pl Sends to a nominated socket on remote server. # Can be used with HP Jetdirect and similar devices. # # Copyright (c) 2002 Graham Jenkins . All rights reserved. # This program is free software; you can redistribute it and/or modify it under # the same terms as Perl itself. require 'sanity.pl' ; use strict; use File::Copy; use File::Basename; use File::stat qw(:FIELDS); use Getopt::Long qw(:config bundling_override); use Pod::Usage; my $VERSION ; $VERSION = "1.0"; my ($Port,$debug,$invalid,$start,$Input,$Output,$buffer,$prev); my $timeout=3600; # var,[=:],[isf] my $man = 0; my $help =0; my $version = 0; my $verbose = 0; my $name ; my $path ; my $file ; my $suffix ; my $FileVersion ; my $UserList ; my $Notify ; my %Notify; $Notify{"none"}=1 ; $Notify{"mail"} =1; my @Add ; my $INPUT ; my $Start ; my $End ; GetOptions ('help|?' => \$help, 'man' => \$man, 'version' => \$version, 'file=s' => \$file, 'verbose|v' => \$verbose, # 'debug:i' => \$log ) or pod2usage(1); pod2usage(1) if $help; pod2usage(-exitstatus => 0, -verbose => 2) if $man; print "$VERSION\n" and exit(0) if $version; $Input = $file ; ($name,$path,$suffix) = fileparse($file, ".osps") ; $Output = $path . $name ; my ($Range, $Encryptor, @Line) ; $INPUT = mustopen ("<$Input"); chomp($_=<$INPUT>) ; @Line = split / /,$_; $FileVersion= $Line[2] ; if (v1.0 < $FileVersion) { die "Configuration file version too high, upgrade osps" } ; ($_=<$INPUT>) ; @Line = split / /, $_ ; m/(\d+)\D+(\d+)/ =~ $Line[3] ; ($Start, $End) = ($1, $2) ; $Range = $End - $Start; if ($Range<2) { die "Invalid range specified: $Range"} ; $Port = $Start + krand() % $Range ; chomp($_=<$INPUT>) ; @Line = split / /, $_; stat($Line[3]) or die "No encryptor found in $Input" ; $Encryptor= join(" ",(@Line[3..$#Line])) ; chomp($_=<$INPUT>) ; @Line = split / /, $_; die "No user list found in $Input" if (!defined($UserList= join(" ",@Line[3..$#Line]))) ; $Encryptor .= join(" "," -r",$UserList,"--encrypt $Output") ; chomp($_=<$INPUT>) ; @Line = split / /, $_; $Notify = $Line[3] ; die "Invalid notify option found in $Input" if (!$Notify{$Notify}) ; chomp($_=<$INPUT>) ; @Line = split / /, $_; @Add= @Line[3..$#Line] ; unlink ($Output) ; my $OH = mustopen(">$Output") ; while (<$INPUT>) { s/\$OSPS_Port/$Port/ ; print $OH $_ ; } close $OH ; unlink ("$Output\.asc") ; system("$Encryptor") ; #system("echo $Encryptor") ; #$_ = $Notify{$Notify} { # /mail/ && do { system("mail -s \"Updated OSPS file for $Output\<$Input\.asc\"") } ; #} __END__ =head1 NAME osps.pl - =head1 SYNOPSIS osps [--debug] [--version] [--file {path to OSPSified config file}] =head1 DESCRIPTION OSPS - ( sp -s z ) as in auspices. Obfuscated Server Port Service. OSPS is a service port generator and cryptographic communication system. OSPS is designed to make it easier for you to implement need-to-know security for your server port #'s. OSPS is a simple but effective system for making your private services that much harder to hack. If your IDS/IPS is working then you should be fairly able to detect a port scan looking for open services and you can defend against those to a degree but if you are running your services on WKS ports then scanning isn't required nor is any ``man in the middle attack''. OSPS is designed to hide the service port #'s from those who do not need to know and yet make them available to those who do need to know. Services running under the OSPS of OSPS get their listening port number randomly generated on a regular basis. When it's time to choose a new port OSPS generates the port # and restarts the service. OSPS then uses public key encryption to encrypt the new port # information for all of the authorized users of the service and then places that file in a well known location. Since it is encrypted the port # file can even be placed in a public location, emailed to all authorized users or placed in a well know but secure location all of which is supported by OSPS. =head2 How does OSPS work. Generating new port numbers for services. The operation of OSPS has been modeled after chkconfig which should be familiar to modern system admins. An OSPSified config file will contain the following lines at the start of the file # OSPS v.$x as the first line. # osps: port_range n-m {Acceptable port range} # osps: encryptor (encryptor and argument list) # osps: user list (this list will be passed to encryptor & notify if notify = mail) # osps: notify (none|mail|/path/to/status/file) and optionally #osps: additional files (absolute path to additional OSPSified configuration files which need to be synchronized with this configuration file. If any of these lines is non-existent osps will exit with an error message. Scheduling: OSPS contains no scheduling information on how often to regenerate port #'s OSPS expects to be called by a scheduler/security system when it's time to change port #'s. OSPS reads /etc/OSPS.conf to decide get it's task list. OSPS0.5/test.conf.osps0100644000076400007640000000035210024572154013741 0ustar kkronkkron# OSPS v1.0 as the first line. # osps: port_range 200-400 {Acceptable port range} # osps: encryptor /usr/bin/gpg --batch --local-user osps --armor # osps: userlist kron@zanshinryu.com # osps: notify mail #osps: additional $OSPS_Port OSPS0.5/test-template.conf0100644000076400007640000000066110024540072014564 0ustar kkronkkron# OSPS v.$x as the first line. # osps: port_range n-m {Acceptable port range} # osps: encryptor /usr/bin/gpg (encryptor and argument list) # osps: userlist kron@aikido.com # (this list will be passed to encryptor & notify if notify = mail) # osps: notify /usr/bin/mailx #osps: additional {|file list} (absolute path to additional OSPSified configuration files which need to be synchronized with this configuration file. $OSPS_Port OSPS0.5/test.conf.asc0100644000076400007640000000106710024572676013540 0ustar kkronkkron-----BEGIN PGP MESSAGE----- Version: GnuPG v1.2.1 (GNU/Linux) hQEOA4YZabtQvm0+EAQA7F2ms2/dsWV6F4/BwWrSXaKppEPfIv2CVzxB/1KAUz/r 85+uhd+x30ElhmLLzz+mDX4hV9xehH+MqzMkstALr3PPpDd0wgp1Vsn3GTzxH591 GR5mXs138vYBn1JIiX48uO7Gf/T/u/h60JgHb6r5U97Ru+cHUkEkGkgSTORFPVAE AM2TH67VJgcHWj9LGGBvPn1vVaCPF95WRfa84LIX53i9rXBeiq0vuJT7S4PGzM09 COEhlasmf5RG26GKHqGgHpLUvFKLWUzSM3kEarX/WZo2ZwOlG478Gkv6ZiJOrzXc m87jQHvxKjxn4v3AzFOEQ8V8+blCYlwlf4pitF7pRB/H0kgBlXhqvNtlIpbAGnGo sMzL3LZiGJnjel8geCYzUa5xTilcpy9pVJi9Vw4eeK0cYomPHNhxXIGyIecTQUiu oYef/WCeHuy6ix8= =lDHy -----END PGP MESSAGE----- OSPS0.5/test.od0100644000076400007640000000454010024562670012440 0ustar kkronkkron0000000 501141286 532438500 3272458228 4115790075 0000020 3728920507 2901318122 3660185504 3389128734 0000040 1806253980 3983489408 445047183 810516067 0000060 1629765122 482368546 683993145 1208259530 0000100 2797189872 204571324 2280089537 421403599 0000120 3506837834 2327582538 2104640640 976266875 0000140 230725397 2918798842 1772254027 1457302707 0000160 3788123412 3575515877 3343088700 1940053126 0000200 2602663398 2557526031 3179713261 2420738712 0000220 1187885816 821522925 1916468577 1147162739 0000240 251243943 3853449181 1967607979 2339539704 0000260 3102127152 890826076 3205831177 1860892978 0000300 4114410489 1389523788 3387704747 2026382102 0000320 2562393472 1584248639 1798238476 1280559214 0000340 2787848835 2537034336 3064756358 1532526405 0000360 2280670570 603398653 3239550076 422364951 0000400 2335808775 2459161782 2806127669 1654505971 0000420 1900685281 2220023529 313986326 3577009533 0000440 6557837 3575358932 3992283585 3195630672 0000460 987412850 1050795812 975054773 112103222 0000500 2622110576 1232153522 97366439 1419452248 0000520 3337646514 331590667 3872544778 3977036068 0000540 2673975083 1910134149 3049929579 3810701037 0000560 347435145 434721673 2627491212 1489212492 0000600 1663331287 546419554 157564207 4084368654 0000620 2105067332 3503609527 3878507279 988731494 0000640 3525183168 4138728347 1343539343 2753714713 0000660 3336627328 1518368427 2242436283 3642913668 0000700 2541430716 1935566046 1746272288 2763095225 0000720 26401196 128300156 3955167020 577643555 0000740 2025623861 3337489532 4259200386 1934491212 0000760 3650123490 3639170761 583503870 2731018757 0001000 1639130899 1074481498 1853720162 997247374 0001020 632193090 4212953373 218302303 4065891163 0001040 2901189383 2570593030 8744800 3825605350 0001060 4139038772 4212729886 2703514891 2773746496 0001100 192596654 69706646 3111620729 2669650107 0001120 3405057105 638148296 855847986 1738630716 0001140 1123314207 3467658342 2901261278 2564379946 0001160 2000750314 2619137464 1907699047 2502249365 0001200 2246243440 1071365914 774190356 3336392440 0001220 2700777416 3507743026 3247892606 3929581216 0001240 1747862564 3968096417 3685460602 4029732475 0001260 1965691880 797334681 3876643389 2394169253 0001300 3421559183 4072429712 4279738887 1868515012 0001320 3257117303 1062574468 2863488346 41542 0001336 OSPS0.5/sanity.pl0100644000076400007640000000047010024566170012776 0ustar kkronkkronsub mustopen { open my $fh, "@_" or die "Can't open '@_': $!"; return $fh; } sub krand { my $RI = mustopen ("dd if=/dev/random bs=1b count=1|od -t u|") ; my $Entropy ; while ($_ = <$RI>) { chomp $_ ; @_ = split ; $Entropy += $_[1] + $_[2] + $_[3] + $_[4] ; } return $Entropy ; } 1;