Active Projects:

- qSheff [2.1-r2]

qSheff is an advanced content filter for the qmail e-server. It can scan for viruses and spams. qSheff replaces qmail-queue and gets the e-mails received by qmail-smtpd or qmail-inject before qmail-queue. After scanning the content, if the e-mail is allowed, qSheff releases it to the queue and allows it to go on-route. By intercepting e-mails before they enter the queue, qSheff reduces the e-mail server load. Supports regular expressions.

- spamGuard [1.9]

Nearly all of today's mail system administrators face spam as their first threat. Because of this, EnderUNIX team has written a small application to automagically monitor malicious spammer activity in your mail server logs.

spamGuard is written purely in C, to stop spammers hanging arount. For the time being, the program supports qmail (multilog/syslog) Sendmail, Postfix and Exim.

- Aget [0.4]

EnderUNIX Aget is a multi-threaded application that can accelarate your downloads. For the time being, the program supports HTTP downloads and can be run from the console.

The future plans for the program include developing a GUI and supporting FTP protocol as well as intelligently managing multiple downloads.

- Knowlan [1.0]

Knowlan is ARP protocol based Local Area Network IP and MAC Adress Extractor. Knowlan uses libpcap and libnet libraries for to be simple to handle and to have a simple code for any interestor to deal with the code. To describe knowlan overally, Knowlan, sends ARP REQUEST packets to the LAN, and at the same time, It recieves ARP REPLY packets from the up machines. So, It prints out IP and MAC addresses of online machines.

- netUstad [0.3.1]

In this release, netUstad provides a web interface to add/edit/remove IPFW firewall rules. It works standalone.

- VoIPong [2.0]

VoIPong is a utility which detects all Voice Over IP calls on a pipeline, and for those which are G711 encoded, dumps actual conversation to seperate wave files. It supports SIP, H323, Cisco's Skinny Client Protocol, RTP and RTCP.

- CheckDNS [0.5]

It checks and reports whether a domain name, hosted by your organization, is still in use, and if so, reports whether your name servers are still the delegated name servers of the domain name in question.

Reports are generated both to the console and as HTML output. HTMLs also include information about the MX and WWW records of the domain name.

The tool is expected to be of great use for Internet Service Providers who are in need of keeping track of lame dns records.

- Steinbeck [1.1]

Steinbeck easifies a simple job in a secure way. It can be used to run shell scripts on a (linux)unix box with SSH server during which it can check on-going progress and grab the end result.. Steinbeck may be used by system admins or security testers who have to deal with running scripts on (many) remote machines and/or getting results back.

- swArpMon [0.1]

Switch ARP Table Monitoring tool.

- cupl [0.8]

CUPL is a programming library which provides some common and usefull functions to UNIX programmers, saves their time and reduces the development process.

- scanhill [0.5-p1]

Scanhill is a Microsoft Messenger Protocol Sniffer. Currently it can only intercept Instant Text Messaging. Optionally, intercepted text messages can be stored onto an RDMBS (Only mySQL is supported for now). Given that mySQL is used, stored instant messages can be read through a browser interface that is written in PHP language.

It's been written in C language for performance reasons, proved to be running on OpenBSD and FreeBSD;

- MetFS [1.1]

MetFS is a filesystem software in userspace that is FUSE based, encrypted, dynamic sized (increase when new data added, decrease when data removed), single file when it's unmounted and very fast.

End-Of-Life Projects:

- Isoqlog [2.2]

Isoqlog is MTA log analysis program written in C. It designed to scan qmail, sendmail, postfix and exim logfiles and produce usage statistics in HTML format for viewing through a browser. It produces Top domains output according to Incoming , Outgoing , total mails and bytes, it keeps your main domain mail statistics for per day, per month and per year. This tool is used by many *large* scale organizations.

- Vpwd2SQL [1.0]

EnderUNIX Vpwd2SQL is a tool, written in PERL that is used to convert '/etc/shadow or /etc/master.passwd' accounts to vpopmail accounts.

- QLDAPAdmin [1.0-RC1]

QLDAPAdmin is a series of tools that controls the LDAP databases which are used to store account information for Qmail users. It is written in C . With the help of QLDAPAdmin tools, you can:

* create/delete/modify virtual domains
* create/delete/modify virtual domain users
* change users' password, mailhost (for qmail clusters), mailquota, mail directory
* create alternate/forwarding addresses for one maibox
* List all qmail domains/domain users

- Hafiye [1.0]

Hafiye is a POSIX-compliant, customizable TCP/IP packet sniffer. Instead of interpreting protocols according to the data structures supplied by the operating system, it interprets Layer II, III, and IV as well as the payload, according to the knowledge base that it constructs from the user-supplied protocol configuration files.

- Zabit [0.7.1]

Almost anyone would agree that the most prominent problem facing mail server administrators is spam mails. For that we've decided to code a program which will be able to detect and reject spam before the mail gets queued.

Zabit is a content/attachment filter for qmail. It's been coded in C language for performance reasons.

Zabit project consists of two main components, zabit and zabit-wrp.

Zabit does content filtering and attachment control, whereas zabit-wrp is designed to allow a virus-scanner to co-exist with zabit.

:: Private Pages

:: Book

The translation of Network Security Hacks book by O'reilly.

Acik Akademi

:: EnderUNIX Tips
- Search for a string in files and then list the file names
- Could not load host key: /etc/ssh/ssh_host_ecdsa_key
- Get Important Update Notification on Linux Using Bash Script
- Another Sort by File Size
- Patching and installing packages to Solaris 11
- [VTK] GL/osmesa.h: no such file or directory
- Automatize/get Rid Of "RSA fingerprint" warning of ssh/scp
- Apache Mysql Php ModSecurity Chrooter
- Audit log monitoring service for Modsecurity v2
- Automatically freed memory

:: EnderUNIX Sysctl
- Enable non-privileged users to mount filesystems
- net.inet.ip.ttl
- check your maximum filedescriptors
- net.ipv4.igmp_max_memberships
- kern.ipc.msgtql
- kern.ipc.msgmax
- kern.ipc.msgmni
- kern.ipc.msgmnb
- kern.ipc.msgseg
- net.bpf.maxbufsize


EnderUNIX Open Source Software Development Team, 2000 - 2008 © / Istanbul, Turkey