The goal of FireStarter is to provide easy to use, yet powerful, graphical tools for setting up, administrating and monitoring firewalls for Linux machines.
Please see http://firehol.org/ for up-to-date releases and information. FireHOL is a stateful iptables packet filtering firewall configurator. It is abstracted, extensible, easy and powerful. It can handle any kind of firewall, but most importantly, it gives you the means to configure it, the same way you think of it.
The WiFi Guard Dog project is a complete and embeddable captive portal solution for wireless community groups or individuals who wish to open free HotSpots while preventing abuse of their connection. Go to dev.wifidog.org to download the latest version.
Anti Spam SMTP Gateway
[antispam] MailCleaner is an anti-spam / anti-virus filter SMTP gateway with user and admin web interfaces, quarantine, multi-domains, multi-templates, multi-languages. Using Bayes, RBLs, Spamassassin, MailScanner, ClamAV. Based on Debian. Enterprise ready. MailCleaner is an anti spam gateway installed between your mail infrastructure and the Internet. It includes a complete GNU/Linux OS and a graphical web interface for user and administrative access. It comes in the form of virtual machine templates.. - fully compatible with any SMTP mail server (Exchange, Zimbra,...) You can install now MailCleaner within the following virtual environments: qcow2 (KVM, Proxmox, OpenStack, Xen) vhd (Hyper-V, VirtualPC) vmdk (VMware ESXi, Workstation, VMware Fusion) ova (VM Standard, supported by most hypervisor) Dedicate a server to MailCleaner, and you will have a working professional mail filter in less than an hour.
GreenSQL is a database firewall engine used to protect Open Source Databases from SQL injection attacks. It works in proxy mode. Application logics is based on evaluating of SQL commands using risk score factors, as well as blocking of sensitive commands
Robust and flexible VPN network tunnelling
OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single TCP/UDP port. Discussion forums and project wiki can be found here: https://forums.openvpn.net/ http://community.openvpn.net/openvpn
Detect Flooder IPs, Reduce Attack Surface against HTTP Flood Attacks
This module provides attack surface reduction enhancements against the HTTP Flood Attacks at the web application level. Massive crawling/scanning tools, HTTP Flood tools can be detected and blocked by this module via htaccess, firewall or iptables, etc. (like mod_evasive) You can use this module by including "iosec.php" to any PHP file which wants to be protected. You can test module here: http://www.iosec.org/test.php (demo) Watch the Proof of Concept video: http://goo.gl/dSiAL Hakin9 IT Security Magazine Article about IOSEC http://goo.gl/aQM4Di (different format -> http://goo.gl/JKMUPN) IJNSA Article at http://goo.gl/LLxRdX WP Plugin Page http://goo.gl/nF5nD CHANGES v.1.8.2 - Iptables Auto Ban Bash Script Included - Token Access via Implicit Deny - Reverse Proxy Support - reCAPTCHA Support IOSEC is used by over 15.000 sites in 2013! Do you want more features? Check for third party addons http://sf.net/projects/iosecaddons Gökhan Muharremoğlu
Enables tunneling of network connections through restrictive HTTP proxies. Features: Portmapping, SOCKS4, SOCKS5, web-based admin interface, possibility to use standalone server (perl) or hosted server (PHP), optional authorization from LDAP or MySQL
A simple captive portal
Jkaptive is a simple captive portal without RADIUS and thus, without total security, but at the same time. without too much hassle. The reason behind this is because a lot of site administrators don't need tight security - their site is just a café which offers free internet access on an unsecured WLAN access point connected to the internet and they need a ticketing system to make it cumbersome for average people to use this offering without actually buying a single coffee. Jkaptive itself just presents the login page,checks the token and places netfilter rules. Telling apart ticketed from unticketed traffic is done through Linux' netfilter. As no proxy server is involved, jkaptive has no performance penalty, nor does it create problems with non-http traffic. Once the token is accepted, jkaptive is out of the way of any network packets completely. For presenting the login page, jkaptive has a built-in webserver, so no additional webserver application is needed.
Etherwall is a free and open source network security tool that prevents Man in The Middle (MITM) through ARP Spoofing/Poisoning attacks. It Also prevent it from various attacks such as Sniffing, Hijacking, Netcut, DHCP Spoofing, DNS Spoofing, WEB Spoofing, and others. Note: For personal computer use only (client security) if you like this program, please give us your vote at http://sourceforge.net/projects/etherwall/reviews/
DNS multiplexer. It redirect, send hostname labels, access or denied DNS packet by hostname.
ProxyDNSFilters are two tools that can be useful for web filtering: a custom filtered DNS relay server and a custom filtered Proxy server. (filtering by custom IPs, MACs and sites). Basic SOCKS v4 & v5 is also supported. Useful for schools or libraries.
Patch to integrate URL Filter in IPCop 2.0.6
Patch by RotAn-CoMon (Antonello Rotolo) vice-administrator of the community IPCop Italia - http://forum.ipcop.pd.it - http://forum.ipcopitalia.com/ Web Site: http://www.antonellorotolo.it - http://antonellorotolo.altervista.org watch the video tutorial of "How to Install Patch"!! http://youtu.be/HvjisTiRHeU Read the README.txt first! http://sourceforge.net/projects/ipcop2urlfilter/files/ For any problem, contact me!! - firstname.lastname@example.org or visit our community!! http://forum.ipcop.pd.it - http://forum.ipcopitalia.com/
Sonicwall Configuration File Reader
SonicReader is used to view and save reports of the internals of a Sonicwall Configuration file. This is useful for those people that wish to know the settings within their saved Sonicwall Configs. I have no affiliation with Dell Sonicwall. Please do not contact Dell Sonicwall regarding the use of this program.
The Distributed Intrusion Detection System.
THIS PROJECT IS UP FOR GRABS. PLEASE CONTACT ME FOR TAKING OVER THIS PROJECT. This is program to allow users behind a HTTP proxy like squid to use applications like telnet,ssh, irc, fetchmail etc as if they were directly connected to the internet.
An iptables based firewall for systems running the Linux 2.4 or later kernel. Very flexible configuration allows the firewall to be used in a wide variety of firewall/gateway/router and VPN environments.
A firewall configuration project based on Linux 2.6.x and iptables. It has a web interface with an intuitive Webmin module, or you can edit a XML file. You can define the different firewall elements (zones, hosts, networks) and then set the services
A Linux port of the OpenBSD/FreeBSD Cryptographic Framework (OCF). This port aims to bring full asynchronous HW/SW crypto acceleration to the Linux kernel, OpenSwan, OpenSSL and applications using DES, 3DES, AES, MD5, SHA, PublicKey, RNGs and more.
ISP-fW is a firewall script that provides port forwarding, packet filtering, stateful packet inspection, port redirection, masquerading, SNAT/ DNAT, TOS, and never the last it generates htb rules for bandwich management. Includes: htb-tools, mipclass
The WRT54GL Tarifa enhanced firmware. Linksys WRT54G/WRT54GS models V1 to V4 and the WRT54GL V1.x This Third Party Firmware is functionaly the same as the original, the improvements are to make this router more scaleable, by increasing the capacity.
CartoReso intends to facilitate enterprise computer network mapping.
This project consist of a simple framework for creating and managing access rules for the Squid proxy server.
OPNsense is an open source, easy to use firewall and routing platform
OPNsense is an open source, easy to use and easy to build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. Mission statement of the project: "Give users, developers and businesses a friendly, stable and transparent environment. Make OPNsense the most widely used open source security platform."
TuxGuardian is an application-based firewall with a graphical interface. It's main task is to control and forbid transmission & reception of data by unauthorized applications; it can be thought as the Linux equivalent to apps such as ZoneAlarm and Kerio