Suhosin
Suhosin 0.9.2

Advertisements:

Suhosin 0.9.2



Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core.

Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin comes in two independent parts, that can be used separately or in combination. The first part is a small patch against the PHP core, that implements a few low-level protections against bufferoverflows or format string vulnerabilities and the second part is a powerful PHP extension that implements all the other protections. If you are using PHP only for your own server and only for your own scripts and applications, then you can judge for yourself, if you trust your code enough. In that case you most probably don’t need the Suhosin extension. Because most of it’s features are meant to protect servers against vulnerable programming techniques. However PHP is a very complex programming language with a lot of pitfalls that are often overseen during the development of applications. Even PHP core programmers are writing insecure code from time to time, because they did not know about a PHP pitfall. Therefore it is always a good idea to have Suhosin as your safety net.Features:Engine Protection (only with patch) - Protects the internal memory manager against bufferoverflows with Canary and SafeUnlink Protection - Protects Destructors of Zend Hashtables - Protects Destructors of Zend Linked-Lists - Protects the PHP core and extensions against format string vulnerabilities - Protects against errors in certain libc realpath() implementations Misc Features - Protection Simulation mode - Adds the functions sha256() and sha256_file() to the PHP core - Adds support for CRYPT_BLOWFISH to crypt() on all platforms - Transparent protection of open phpinfo() pages - EXPERIMENTAL SQL database user protection Runtime Protection - Transparent Cookie Encryption - Protects against different kinds of (Remote-)Include Vulnerabilities - disallows Remote URL inclusion (optional: black-/whitelisting) - disallows inclusiong of uploaded files - optionally stops directory traversal attacks - Allows disabling the preg_replace() /e modifier - Allows disabling eval() - Protects against infinite recursion through a configureabel maximum execution depth - Supports per Virtual Host / Directory configureable function black- and whitelists - Supports a separated function black- and whitelist for evaluated code - Protects against HTTP Response Splitting Vulnerabilities - Protects against scripts manipulating the memory_limit - Protects PHP‘s superglobals against extract() and import_request_vars() - Adds protection against newline attacks to mail() - Adds protection against attack on preg_replace() Session Protection - Transparent encryption of session data - Transparent session hijacking protection - Protection against overlong session identifiers - Protection against malicious chars in session identifiers Filtering Features - Filters ASCIIZ characters from user input - Ignores GET, POST, COOKIE variables with the following names: - GLOBALS, _COOKIE, _ENV, _FILES, _GET, _POST, _REQUEST - _SERVER, _SESSION, HTTP_COOKIE_VARS, HTTP_ENV_VARS - HTTP_GET_VARS, HTTP_POST_VARS, HTTP_POST_FILES - HTTP_RAW_POST_DATA, HTTP_SERVER_VARS, HTTP_SESSION_VARS - Allows enforcing limits on REQUEST variables or separated by type (GET, POST, COOKIE) - Supports a number of variables per request limit - Supports a maximum length of variable names [with and without indicies] - Supports a maximum length of array indicies - Supports a maximum length of variable values - Supports a maximum depth of arrays - Allows only a configureable number of uploaded files - Supports verification of uploaded files through an external script - Supports automatic banning of uploaded ELF executables - Supports automatic banning of uploaded binary files - Supports automatic stripping of binary content in uploaded files - Configureable action on violation - just block violating variables - send HTTP response code - redirect the browser - execute another PHP script Logging Features - Supports multiple log devices (syslog, SAPI module error log, external logging script) - Supports freely configureable syslog facility and priority - Supports log device separated selection of alert types to log - Alerts contain filename and linenumber that triggered it - Alerts contain the IP address of the user triggering it - The IP Address can also be extracted from X-Forwarded-For HTTP headers (f.e. for reverse proxy setups)

If you have problem downloading Suhosin, stop using your download manager and download directly from browser. Check also your firewall, proxy settings, because some download mirrors may require that you do not block the HTTP referers.

Easy Freeware is not responsible for program you are downloading nor for information provided about the software products listed on our freeware site as the publisher/developer can modify these software information without notifying us. Even if we try to check the files for viruses ourselves, we cannot guarantee 100% that they are clean. So, for your complete protection always check downloaded files for viruses, spyware and malware.


Suhosin Related Downloads
 
Download My System Security 1.0.3

My System Security 1.0.3  Ultimate collection of security and system software. My System Security accept PAD or manual submissions from developers. Provides detailed information for security and system related software applications covering major operating systems.

Download AGT Firewall 1.11

AGT Firewall 1.11  AGT Firewall is a powerful console frontend to iptables, supporting nearly all of the iptables extensions. All options can be specified in a configuration file with similar syntax to 'ipf' and 'ipfw'.

Download Image Enigma 1.0

Image Enigma 1.0  It was modeled after the World War II German encryption algorithm, Enigma.The program also generates the rotors for use and encrypts/decrypts plain text.

Download Verilee Anti-Macro Script 1.1

Verilee Anti-Macro Script 1.1  This is an alphanumeric and symbols verification script that would stop automated sign-ups and brute-forcing,in hope of preventing more denial of service attacks and brute-forcing of accounts on php based sign-up and login scripts,which will save muc

Download Password format validator 1.0

Password format validator 1.0  This script validates that a given password meets certain security requirements, such as length, number of digits and other characters, etc.PHP Password validator script can be easily installed, used and modified to suit your needs.

Download identiPIC 1.0

identiPIC 1.0  identiPIC is a photo CAPTCHA system whereby a website visitor has to identify a picture to proceed. The system is typically used on web forms to block spambots. A human can identify a picture, a spambot cannot.

Download SimpleVault 1.1

SimpleVault 1.1  SimpleVault is a web-based tool that allows you to manage passwords or other secret information in a safe way. All secret information is encrypted using strong encryption algorithms.

Download Protect Email Links 1.0

Protect Email Links 1.0  Protect email links is a simple script, which can protect e-mail links from spam-bots.

Download quarReminder 0.1.5

quarReminder 0.1.5  quarReminder is a simple PHP script to parse the Amavis / Amavisd-new Spam/Virus quarantine database, and provide an HTML Message to the users reminding them of these messages.

Security Systems Popular Downloads
 
Download Bare Bones Password Generator 1.4

Bare Bones Password Generator 1.4  This script is a password generator that will generate random length alpha-numeric passwords given a range to work with.

Download gencoder 1.0

gencoder 1.0  gencoder is a simple php encoder that use base64 function algorithm to encode and decode the script.The drawback of this script: - it doesn't have a key for encryption / decryption method.

Download RF Random Password Generator 1.3

RF Random Password Generator 1.3  RF Random Password Generator is a PHP application that generates random passwords according to your specifications (minimum length, number of alpha/numeric/symbol characters, etc), and has many output crypt and hashing options.

Download basE91 encoding 0.6.0

basE91 encoding 0.6.0  basE91 is an advanced method for encoding binary data as ASCII characters. It is similar to UUencode or base64, but is more efficient. The overhead produced by basE91 depends on the input data.

Download As3 Crypto Framework 1.2

As3 Crypto Framework 1.2  As3 Crypto is a cryptography library written in Actionscript 3 that provides several common algorithms. Features: - Public Key Encryption: RSA (partial. encryption only.

Download Reckoner 0.4.0

Reckoner 0.4.0  It can be used to monitor automated processes or services, and check if they are working correctly.

Download Ruby/NTLM 0.1.1

Ruby/NTLM 0.1.1  The purpose of this project is providing a pure Ruby implementation of Microsoft's NTLM protocol.

Download md5diff 1.4

md5diff 1.4  This script reads the content of the two md5 files in two lists. It will compare and differentiate the two md5 files.

Download Ruby/CAPTCHA 0.1.2

Ruby/CAPTCHA 0.1.2  Ruby/CAPTCHA is a simple CAPTCHA ("Completely Automatic Public Turing Test to Tell Computers and Humans Apart") written in Ruby.