Ostiary
Ostiary allows a client to run scripts on a server in a secure, authenticated manner, using an extremely simple protocol that is immune to buffer-overflow attacks. It is useful as a limited ssh/lsh replacement, or to selectively enable full remote shell access on a temporary basis. A Palm client is available.
| Tags | Security Systems Administration Utilities |
|---|---|
| Licenses | GPL |
| Operating Systems | Palm OS POSIX |
| Implementation | C |
Recent releases
- 31 Mar 2006 11:59
Changes: Several non-security-related bugfixes, including some clarified log messages and an update to the TCP-wrappers autoconf macros. Debian packages have been added.
- 11 Jul 2005 07:27
Changes: The Java client for Ostiary may be used either as an application (e.g. java -jar ostclient.jar) or as an applet embedded in a Web page. This may be combined with a Java ssh implementation to provide a highly secure remote connection from any Java-enabled Web browser.
- 31 May 2005 06:38
Changes: The Ostiary daemon can now call a script when a client IP address is locked out (e.g. to update firewall rules to more permanently deny service to an attacker). Some minor non-security-related bugs were fixed as well.
- 11 Nov 2004 07:55
Changes: The stable version now uses SHA1 instead of MD5 for improved security. Changes from the beta include updating the current working directory on startup.
- 23 Aug 2004 07:04
Changes: In light of recent cryptographic developments, the hash function has been updated from HMAC-MD5 to HMAC-SHA1. The server daemon also now cleanly restarts on a SIGHUP, and creates a pidfile to make process management easier.
