Re: NEW: security/ssdeep
2016-03-24 3:48 GMT+03:00 Lawrence Teo : > On Wed, Mar 23, 2016 at 08:42:09PM -0400, Lawrence Teo wrote: >> ssdeep is a fuzzy hashing program and library that is useful for finding >> almost identical files. >> >> From pkg/DESCR: >> "ssdeep is a program for computing context triggered piecewise hashes (CTPH). >> Also called fuzzy hashes, CTPH can match inputs that have homologies. Such >> inputs have sequences of identical bytes in the same order, although bytes >> in between these sequences may be different in both content and length. >> >> The package also includes a fuzzy hashing API, which is documented in the >> README file." >> >> >> Sample usage: >> >> $ ssdeep /bsd >> ssdeep,1.1--blocksize:hash:hash,filename >> 196608:0FEGkK3+KgZ50tiuWUcvExbAcLYZ3lbAn7YZqWE/j0yky8Q3oM3ocm7GAWJ:ZyUuUA7YEp,"/bsd" >> >> This URL shows more usage examples: >> >> http://ssdeep.sourceforge.net/usage.html#basic >> >> ok? > > Let's try that again, with an attachment this time. :) okay zhuk@ -- WBR, Vadim Zhukov
Re: NEW: security/ssdeep
Lawrence Teo wrote: > On Wed, Mar 23, 2016 at 08:42:09PM -0400, Lawrence Teo wrote: > > ssdeep is a fuzzy hashing program and library that is useful for finding > > almost identical files. > > > > From pkg/DESCR: > > "ssdeep is a program for computing context triggered piecewise hashes > > (CTPH). > > Also called fuzzy hashes, CTPH can match inputs that have homologies. Such > > inputs have sequences of identical bytes in the same order, although bytes > > in between these sequences may be different in both content and length. > > > > The package also includes a fuzzy hashing API, which is documented in the > > README file." > > > > > > Sample usage: > > > > $ ssdeep /bsd > > ssdeep,1.1--blocksize:hash:hash,filename > > 196608:0FEGkK3+KgZ50tiuWUcvExbAcLYZ3lbAn7YZqWE/j0yky8Q3oM3ocm7GAWJ:ZyUuUA7YEp,"/bsd" > > > > This URL shows more usage examples: > > > > http://ssdeep.sourceforge.net/usage.html#basic > > > > ok? > > Let's try that again, with an attachment this time. :) Looks good to me. Clean Makefile, builds fine, runs fine, the PLIST looks sane, and portcheck -N doesn't report anything. Seems like a useful tool, too. I've been meaning to search for something like this for a long time. Should be reviewed by more experienced eyes, but ok mmcc@.
Re: NEW: security/ssdeep
On Wed, Mar 23, 2016 at 08:42:09PM -0400, Lawrence Teo wrote: > ssdeep is a fuzzy hashing program and library that is useful for finding > almost identical files. > > From pkg/DESCR: > "ssdeep is a program for computing context triggered piecewise hashes (CTPH). > Also called fuzzy hashes, CTPH can match inputs that have homologies. Such > inputs have sequences of identical bytes in the same order, although bytes > in between these sequences may be different in both content and length. > > The package also includes a fuzzy hashing API, which is documented in the > README file." > > > Sample usage: > > $ ssdeep /bsd > ssdeep,1.1--blocksize:hash:hash,filename > 196608:0FEGkK3+KgZ50tiuWUcvExbAcLYZ3lbAn7YZqWE/j0yky8Q3oM3ocm7GAWJ:ZyUuUA7YEp,"/bsd" > > This URL shows more usage examples: > > http://ssdeep.sourceforge.net/usage.html#basic > > ok? Let's try that again, with an attachment this time. :) ssdeep.tar.gz Description: application/tar-gz
NEW: security/ssdeep
ssdeep is a fuzzy hashing program and library that is useful for finding almost identical files. >From pkg/DESCR: "ssdeep is a program for computing context triggered piecewise hashes (CTPH). Also called fuzzy hashes, CTPH can match inputs that have homologies. Such inputs have sequences of identical bytes in the same order, although bytes in between these sequences may be different in both content and length. The package also includes a fuzzy hashing API, which is documented in the README file." Sample usage: $ ssdeep /bsd ssdeep,1.1--blocksize:hash:hash,filename 196608:0FEGkK3+KgZ50tiuWUcvExbAcLYZ3lbAn7YZqWE/j0yky8Q3oM3ocm7GAWJ:ZyUuUA7YEp,"/bsd" This URL shows more usage examples: http://ssdeep.sourceforge.net/usage.html#basic ok?