The doorman guards the door of a server, manipulating firewall rules to admit only recognized parties. Allows Silent Running - a server with all ports CLOSED. Linux-BSD-OSX server & client; C source & docs + Windows client binary. GPL.
Simple TDI-Based Open Source Personal Firewall for Windows NT4/2000/XP/2003
inundator is a tool used to anonymously inundate intrusion detection logs with false positives to obfuscate a real attack, leaving the IDS analyst feeling completely inundated.
Bait and Switch combines IDS tech (Snort primarily) and Honeypots into a new, more valuable, reactive system. After receiving an alert, B&S protects your server by silently redirecting hostile traffic to a honeypot while leaving other traffic alone.
TRAP is a very innovative and advanced transparent proxy that verifies the integrity of your network communication. It offers a custom scripting language that allows the user full control over the decision making process.
efw-toolbox. Is a collection of applications/scripts and other odds and ends that are useful to have. These are currently not available in the current Endian Firewall Project. This project is intended to work alongside with Endian Firewall project .
Qtfw is a Qt gui frontend for ipfw utility in FreeBSD. It helps configuring firewall in FreeBSD with a nice and comprehensive user interface.
SSHgate is a small daemon that transparently routes packets across SSH encrypted tunnels.
Traffic shaper for vpn, poptop, etc., using iproute2
AAFW(AntiAttackFireWall) is an isapi to protect IIS 5/6 from SQL injection.
iptables based firewall for Linux
LogCop is a set of turn-key bash/firewall/awk scripts for enhancing an IDS. It monitors system logs and blocks IP addresses based on such criteria as illegal user names from repeated attacks. In production under Linux, FreeBSD, OS X, Solaris.
M0n0wall currently doesn't support IPSEC VPN where one or both ends are dynamic IP addresses. This PHP script along with the dynamic DNS service built into m0n0wall, auto-updates the remote gateway IP address in the VPN configuration.
Mini OpenBSD Router/Firewall/Gateway with openssh, altqd, pfctl (firewall+nat), routed, snmpd, oidentd, simple shell menu config,multi user & wireless support. Fit on 8MB flashdisk & 24 MB ram.
PktFilter is a software that can configure the IPv4 filtering device driver found in Windows 2000/XP/Server 2003, with filtering rules following a syntax similar to IP Filter.
Pothos is an iptables log analyzer. It is used to interpret, in a user-friendly fashion, the logs that ulogd creates with it's MySQL plugin. It's main objective is to be efficient, leaving as small a foot-print as possible.
Enables access to SSH Shell and File Transfer services using a web browser. Java Servlet application uses pure HTML to provide access to SSH services.
Simplest Firewall is a set of scripts that allow a beginner turn ON a rasonable firewall into a linux box to share an ADSL/Cable Internet access: 1. Destop to Internet 2. LAN to Internet 3. LAN to Internet + DMZ 4. Internet Appliance (Proxy+DNS+DHCP)
A package of scripts to watch for snort alerts, change / create firewall rules to block high priority alerts, and record recent blocks. It will increase block times based on previously recorded blocks
Telnet over HTTP proxy. Allows users behind firewalls to tunnel Telnet sessions over a HTTP connection. Server uses Java servlets with a Java or C# client.
UNIX billing system, for network servers, voip, etc.
The VII is intended to be used in firewall/IPS testing and stressing testing by simulate IP/TCP/ARP/... packets. VII is a c script based tool which can send any kinds of customized packets. It support random protocol/port/ip.
Single floppy or compact flash based firewall for home DSL / cable modem users based on PicoBSD. Platforms includes embedded PCs with or without video and keyboard support such as the Soekris Net4501 as well as old PCs.
A Free SOCKS proxy server for Linux, macos and FreeBSD