PortListener is a utility for validating TCP and UDP ports across a network. Put PortListener on two hosts and verify that specific ports are open (or closed).
"stealth my bugs" is another type of scalable firewall, additionally type. It could not replace other systems like iptables or equivalent. Written in perl by using minimal requirements, it grants maximum usuability.
sddelta shows the differences in the configuration of SmartDefense between two exports from a Check Point NGX SmartCenter. sddelta requires Perl and has only been tested on Linux so far.
nagios plugins, ssh, apache etc.
PHANTUM - Punch-Hole Access for NAT Traversal of UDP in a Module; Built on top of Samy Kamkar's 'chownat' script, PHANTUM allows for pure client-agnostic TCP services to be tunneled over UDP and hosted behind NAT infrastructures.
PFL can either operate as a stand-alone firewall log parser or set up to run and configure ipfw. The major focus is parsing, compressing, and filtering *NIX (to include Mac OSX) firewall logs generated by IPFW for quick and easy admin review.
Script is a simple script that does MAC Address filtering and adding static addresses to dhcpd.conf file if desired.
Perl logfile analyzer for DELL Sonicwall Firewall logfiles. This Perl program (Windows /Linux / Mac), creates an HTML file containing: hits per protocol, mean, median and variance on hourly and weekday basis, RBL statistics, IPS stats, VPN stats, virus stats, surfing statistics, CFS blocked sites stats.
These three tools build Checkpoint, Cisco ASA or Netscreen policys from logfiles. They write dbedit, access-list or set address, set service and set policy commands for the traffic seen in the logs, that can be cut and pasted into the firewalls. WOOT
Firewall Rulebase Analyser
Simple Wireless authentication system for ISPs, with a dynamic bandwidth limitation option, simple management web interface and web based authentication form for the customers.
PACtory is a highly customizable way for handling proxy configuration settings with a dynamically created .pac-File, also known as "Windows Proxy Auto Detection" or "wpad.dat"-File, which is generated on the fly while the client is requesting it.
inundator is a tool used to anonymously inundate intrusion detection logs with false positives to obfuscate a real attack, leaving the IDS analyst feeling completely inundated.
Disconnect your children from the Internet after bedtime.
Bedtime controls the bedtime of your children by automatically disconnecting their devices from your Internet connection. It does this by replacing your ISP router as the source of IP addresses, which allows it to learn all the devices on your network and control their access. Parents can log into a web interface, link devices to children and set their bedtimes for school nights and weekends. Misbehaving children can be grounded or children's access can be extended as a reward.
iptables generation tool for large linux networks
iptablesbuild is designed to manage iptables configurations across a large network of linux systems. It functions by the use of a global configuration file in a central location to generate iptables configurations. This is intended for use in combination with an existing Configuration environment.
Next Generation Open Source Firewall
Netdeep Secure is a Linux distribution with focus on network security. Is a Next Generation Open Source Firewall, which provides virtually all perimeter security features that your company may need. It offers Web content filters, ensuring better performance of the network, allowing users to use the service efficiently and securely, providing a deep control of the use of the Web access service, blocking access to unwanted websites, Virus, Spam, Applications and intrusion attempts. Its configuration is made entirely by the web interface.
Extract and Convert Juniper Firewall Policies to CSV
Perl script that connect via SSH to your Juniper SRX firewall and extract the firewall rules, Parses them and produces a local csv file for import into excel. Written to fill a requirement, If you fix it or make it better please let me know?
pfck - pf check - organizes flow information by host
pfck is a perl script that reads the state table of pf and reports back flows based on a supplied port number. pfck is very handy in ddos attacks to identify who's hitting a host or network on a particular port service, and who they are specifically hitting.
FWReport is a log parser and reporting tool for IPTables. It generates daily and monthy summaries of the log files, allowing the admin to free up substantial time, maintain better control over security of the network, and reduce unnoticed attacks.
SSPE: Simple Security Policy Editor is a simple distributed firewall with an central ascii administration. It uses two plain manually edited ascii-files and some other, static files for each of the target-machines to generate iptables.
LanBiz is a free, Open Source Server Suite, mostly fitted for SOHO (Small Office/Home Office) environments. The final LanBiz will include: an internet gateway/firewall, proxy, mail, file/print, fax/telephony server and more!
This Daemon written in Perl, logs FreeBSD ipfw ip accounting counters every X seconds/minutes, so after rebooting, crashing, flushing, zero out your ipfirewall table, you don't loose any mayor traffic information.
BBStatus is an IP accounting and an SNMP and IP monitoring tool for Linux. It collects, summarizes, and displays the values from its database.
NTNS,Net To Net Security. It\'s job is to handle authentication for users that want to access other networks than the one it\'s connect to. Primarly made with wireless networks in mind. Authentication can be done with either text file, mysql db or ldap
Compact FreeBSD distribution for flash card based wireless boxes.