Search Results for "command-line"

The UPnP PortMapper can be used to easily manage the port mappings/port forwarding of a UPnP enabled internet gateway/router in the local network.

The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. ...

360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file! Read Policy and Logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), Cisco ASA (show run / syslog format), 360-FAAR compares firewall policies and uses CIDR and text filters to split rulebases / policies into target sections and identify connectivity for further analysis. 360-FAAR supports, policy to log association, object translation, rulebase reordering and simplification, rule moves and duplicate matching automatically. ...

Perl logfile analyzer for DELL Sonicwall Firewall logfiles. This Perl program (Windows /Linux / Mac), creates an HTML file containing: hits per protocol, mean, median and variance on hourly and weekday basis, RBL statistics, IPS stats, VPN stats, virus stats, surfing statistics, CFS blocked sites stats.

CACANMS is an acronym for Computer Aided Campus Area Network Management System. The system consists of software components and a library of about 60 classes. It is divided into three types of subsystems which reside on different servers and communicate.

DNS multiplexer. It redirect, send hostname labels, access or denied DNS packet by hostname.

chainssh is a shell script to smplify the ssh login via multiple sshgateways/firewallgateaways. e.g. connect from homehost via sshgateway to a clusternode with one command.

PFL can either operate as a stand-alone firewall log parser or set up to run and configure ipfw. The major focus is parsing, compressing, and filtering *NIX (to include Mac OSX) firewall logs generated by IPFW for quick and easy admin review.

A lightweight, compact, stand-alone, platform-independent application to forward TCP (over IPv4 or IPv6) connections to another host. Possible uses include - but not limited to - firewall hacking, tunneling, proxying, fortifying ADSL, creating multi-plat

Siganture Translator is a Java application which can translate signatures between different IDS's and Common Intrusion Detection Signatures Standard (CIDSS).

The program implements the CIDR merging with whitelisting (network exclusion). Output will be summarized to be as small as possible. The program has been widely used for blacklist merge and optimization.

Tool for use with IPFilter to do "port knocking" and grey-list filtering of SMTP connections.

This script reads your iptables-based firewall configuration and displays your rules in the order in which packes will actually traverse them. Output is intuitive while closely resembling that of iptables-save, and indicates table ownership of rules, etc

Forwards non-NTLM HTTP client requests to an NTLM proxy server (ie. Microsoft IAS). Can also forward a local port to a remote machine.

PacketFlow is a command line utility that processes an XML configuration to generate a set of firewall rules. It is intended to be installed and run directly on the firewall itself. PacketFlow was designed to deal with complex configurations.

Auto Proxy Filter Test (APFT) automates the testing of safe and unsafe URLs against a content filtering proxy (such as Dansguardian) and helps prevent regressions. APFT is useful to people who are designing filter rules.

InSecT - Invincible Security Technology - an intelligent firewall and intrusion detection system

Frankenwall is a bash shell script intended to create a highly secure IPTables based linux firewall/router with QOS/traffic shaping/bandwidth management. Be certain you know EXACTLY what your network needs before using Frankenwall. Wimps need not apply.

IP Blocker is an incident response tool that automatically updates access control lists on Cisco routers and other devices. Web and command line interfaces are both supported, as is logging, email notification, and automatic expiration of blocks.