Honeybrid is a network application built to 1) administrate network of honeypots, and 2) transparently redirect live network sessions (TCP or UDP) from one primary destination host to a secondary destination host.
PktFilter is a software that can configure the IPv4 filtering device driver found in Windows 2000/XP/Server 2003, with filtering rules following a syntax similar to IP Filter.
Bandwidth Management Tools is a total bandwidth management solution for Linux and can be used for firewalling, traffic graphing, and shaping. It is not based on any currently-available bandwidth management software some ver advanced features.
This is a daemon that emulates Microsoft's Internet Connection Service (ICS). It implements the UPnP Internet Gateway Device specification (IGD) and allows UPnP aware clients, such as MSN Messenger to work properly from behind a Linux NAT firewall.
IPFC is a distributed management solution for security module (firewall, nids). Security module can be packet-filtering (ipfw,netfilter,ipf ...), NIDS or any other servers (syslog...) or embedded devices.
Hogwash is an inline packet scrubber that uses Snort's (www.snort.org) detection engine to drop malicious packets before they reach the target machine.
c# tool for generate wipfw batch script configurator
"WipFW Script Generator" is a tool implemented in C# to create a batch script to generate firewall configurations for WIPFW. "WipFW Script Generator" es una herramienta implementada en C# que crea un batch script para generar configuraciones para el cortafuegos wipfw.
A simple NAT(network address translator) for IPv6 (Linux only). Make sure if you really need it before using it. Functions: 1. IPv6 auto configuration; 2. TCP, UDP and ICMP-Echo port forwarding; 3. static port mapping for TCP and UDP.
Etherwall is a free and open source network security tool that prevents Man in The Middle (MITM) through ARP Spoofing/Poisoning attacks. It Also prevent it from various attacks such as Sniffing, Hijacking, Netcut, DHCP Spoofing, DNS Spoofing, WEB Spoofing, and others. Note: For personal computer use only (client security) if you like this program, please give us your vote at http://sourceforge.net/projects/etherwall/reviews/
Enables tunneling of network connections through restrictive HTTP proxies. Features: Portmapping, SOCKS4, SOCKS5, web-based admin interface, possibility to use standalone server (perl) or hosted server (PHP), optional authorization from LDAP or MySQL
iplist is a list based packet handler which uses the netfilter netlink-queue library (kernel 2.6.14 or later). It filters by IP-address and is optimized for thousands of IP-address ranges.
Server/client suite which provides per-user access control/firewall/QOS. Robust and high speed implementation is secure against MAC/IP spoofing, and can scale to large networks with many clients. Options for additional monitoring and captive portal.
chainssh is a shell script to smplify the ssh login via multiple sshgateways/firewallgateaways. e.g. connect from homehost via sshgateway to a clusternode with one command.
iptables based port (service) traffic counter with accounting capabilities
A windows c++ program to test various libraries on various routers to forward ports on routers.
VMWare-based firewall for Windows
FPGA based hardware card which implements above 4 giga bps network traffic throughput under affordable hardware cost. With linux driver and kernel patch, software based IPTables/netfilter firewall can be easily upgraded to a multi-giga high end firewall.
Ruined stands for "Ruby Iptables Network Displayer". It outputs SVG graphs from an iptables configuration.
nf_quota is an ip-based traffic accounting project. IPs can be added to users. It provides a kernel module that hooks onto netfilter and counts every packet passing a specified interface. If the quota for a ip/user is exceeded, the packet is dropped.
The Plague provides a web UI to a MySQL db of parsed syslog data. The focus has been security reporting. The logs supported (so far) are NetScreen firewalls, Cisco routers and switches and PIXen, Gauntlet firewalls.
l7f stands for "Layer7Firewall" which is a firewall-system, that protects your application on any protocol and fits its security needs flexibly. It can be used for example as web-application firewall.
jIPFire is an easy-to-use basic Linux iptables generator written on Java. It has some ready, very basic and general, rules that can be applied, or just displayed, and it gives you also the ability to create your own custom iptables rules.
M0n0wall currently doesn't support IPSEC VPN where one or both ends are dynamic IP addresses. This PHP script along with the dynamic DNS service built into m0n0wall, auto-updates the remote gateway IP address in the VPN configuration.
GreenSQL is a database firewall engine used to protect Open Source Databases from SQL injection attacks. It works in proxy mode. Application logics is based on evaluating of SQL commands using risk score factors, as well as blocking of sensitive commands
The software package repository for <a href=http://sourceforge.net/projects/fsos>FsOS</a>, including EP80579 drivers, SempSec drivers, linux kernel patches and a lot of porting applications for FsOS