Linux firewall distribution geared towards home and SOHO users.
The IPCop Firewall is a Linux firewall distribution. It is geared towards home and SOHO users. The IPCop web-interface is very user-friendly and makes usage easy.
Smoothwall is a best-of-breed Internet firewall/router, designed to run on commodity hardware and to provide an easy-to-use administration interface to those using it. Built using open source and Free software, it's distributed under the GNU Public License.
Advanced Onion Router is a portable client for the OR network and is intended to be an improved alternative for Tor+Vidalia+Privoxy bundle for Windows users. Some of the improvements include UNICODE paths, support for HTTP and HTTPS proxy protocols on the same Socks4/Socks5 port with HTTP header filtering that generates fake identity-dependent headers every time the identity is changed (proxy chains are also supported), support for NTLM proxies, a User Interface that makes Tor's options and actions more accessible, local banlist for forbidden addresses, private identity isolation, a point-and-click process interceptor that can redirect connections from programs that don't support proxies, also giving them fake information about the local system and support for .onion addresses. Also, it can estimate AS paths for all circuits and prevent AS path intersections, it can restrict circuits to be built using only nodes from different countries, can change circuit lengths and more.
Manage port forwardings via UPnP
The UPnP PortMapper can be used to easily manage the port mappings/port forwarding of a UPnP enabled internet gateway/router in the local network.
HTTP proxy to block ads and customize webpages
Privoxy is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. Privoxy has a flexible configuration and can be customized to suit individual needs and tastes. It has application for both stand-alone systems and multi-user networks.
PeerGuardian - a privacy oriented firewall application
PeerGuardian is a privacy oriented firewall application. It blocks connections to and from hosts specified in huge blocklists (thousands or millions of IP ranges). Its origin seeds in targeting aggressive IPs while you use P2P. PeerGuardian Linux: Actively developed. However the team is very small and with few spare time. Contributors are welcome! Peerguardian OS X: Not developed anymore. We've lost contact with the OS X developer. New contributors are welcome! PeerGuardian Windows: Not developed anymore. It's highly recommended to use PeerBlock instead, which is a continuation of PeerGuardian's development in Windows, with bug fixes and support for Windows Vista and Windows 7. New contributors and/or collaboration with peerblock.com are welcome! PeerGuardian is an open project. Not only is its source code open for you to read, use, and modify - but the project is open for you to join and contribute in any form (code, documentation, bug reports, web and support).
Firewall Builder is a GUI firewall management application for iptables, PF, Cisco ASA/PIX/FWSM, Cisco router ACL and more. Firewall configuration data is stored in a central file that can scale to hundreds of firewalls managed from a single UI. A message from project maintainers: After working on Firewall Builder for many years it is with some sadness that Vadim and I are announcing that we have suspended all development activity for this project. Firewall Builder has been a great project to work on and we have truly appreciated all the support and positive feedback that the user community has provided. Without you we wouldn’t have been able to keep things going this long. You might be wondering why we are doing this... We had an exciting opportunity come up to start a company developing advanced security automation solutions. This was a chance of a lifetime that we just couldn’t pass up and unfortunately it means that we no longer have time available to work on improv
Blocks "known bad" IP-addresses from accessing your machine, especially corporate/governmental agencies. This is a fork of PeerGuardian 2, fixing various Vista/Win7 problems.
A powerful network security tool, easy, safe and totally free.
BrazilFW is a mini Linux distribution designed to be used as a Firewall and Router that runs easily on older computers. An old PC running BrazilFW is much more powerful and efficient than commercial software for routing in offices and residences running on a "powerful" computer. BrazilFW is based on Coyote Linux, which was designed by Joshua Jackson who discontinued Coyote Linux in version 2.24 in August 2005. In that same month comes on the scene BrazilFW Firewall and Router (BFW) with version 2.24, which is led by "Claudio" and "Marcelo - Brazil", running only on floppy disks, and being 2.30.1 the last version with this support . The following versions, as well having automatic detection of network cards, only run on large capacity media, such as hard disk (HD). Versions in Development: * 2.33.x: Uses kernel 2.4.x and is developed by Marcinho Samurai. * 3.x: Uses kernel 4.x and is developed by WoshMan
Endian Firewall Community (EFW) is a "turn-key" linux security distribution that makes your system a full featured security appliance with Unified Threat Management (UTM) functionalities. The software has been designed for the best usability: very easy to install, use and manage and still greatly flexible. The feature suite includes stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spam-filtering for email traffic (POP and SMTP), content filtering of Web traffic and a "hassle free" VPN solution (based on both OpenVPN and IPsec).
A java PCAP and DPI library
A java wrapper for popular "libpcap" and "WinPcap" libraries. Accurate full API translation. Packet buffers delivered with no copies. Send custom packets, gather statistics. Comprehensive and easily extensible DPI engine.
Xtables-addons is a package that obsoletes the old patch-o-matic repository for the Linux kernel and iptables. Instead of patching the kernel source, extensions are built as modules and thus allow extending kernels without recompilation.
VTun is the easiest way to create Virtual Tunnels over TCP/IP networks with traffic shaping, compression, and encryption. It supports IP, Ethernet, PPP and other tunnel types. VTun is easily and highly configurable. VPN, Mobile IP, Shaping, etc
BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT IDS system.
Those who have read past the "Malware" warning can be assured there is absolutely no malware in this OS or in the download. This warning comes from the "netcat" binary included in the download as a DOS time client. Unfortunately netcat has code that is flagged as malware. FREESCO, a NAT/firewall router/server based on Linux and runs on a single 1.44MB floppy. Freesco is very powerful and versatile and can connect multiple home or small office networks to most types of Internet connections including dialup.
SS5 is a socks server for Linux, Solaris and FreeBSD environment, that implements the SOCKS v4 and v5 protocol.
Siproxd is a proxy/masquerading daemon for the SIP protocol. It allows SIP clients (softphones & hardphones) to work behind an IP masquerading firewall or router.
wipfw - IPv4 packet filter and traffic shaper for Windows based on IPFW (FreeBSD firewall).
ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
Enables tunneling of network connections through restrictive HTTP proxies. Features: Portmapping, SOCKS4, SOCKS5, web-based admin interface, possibility to use standalone server (perl) or hosted server (PHP), optional authorization from LDAP or MySQL
A Linux port of the OpenBSD/FreeBSD Cryptographic Framework (OCF). This port aims to bring full asynchronous HW/SW crypto acceleration to the Linux kernel, OpenSwan, OpenSSL and applications using DES, 3DES, AES, MD5, SHA, PublicKey, RNGs and more.
Fail2Ban monitors log files like /var/log/pwdfail or /var/log/apache/error_log and bans failure-prone addresses. It updates firewall rules to reject the IP address or executes user defined commands. Please see code and download from https://github.com/fail2ban/fail2ban . SF Fail2ban portal might not be up-to-date
The WiFi Guard Dog project is a complete and embeddable captive portal solution for wireless community groups or individuals who wish to open free HotSpots while preventing abuse of their connection. Go to dev.wifidog.org to download the latest version.
A client for the MikroTik RouterOS API protocol, written in PHP.
A client for the MikroTik RouterOS API protocol, written in PHP. Easy, tested and documented. All feedback welcomed.
The goal of FireStarter is to provide easy to use, yet powerful, graphical tools for setting up, administrating and monitoring firewalls for Linux machines.