Fail2Ban monitors log files like /var/log/pwdfail or /var/log/apache/error_log and bans failure-prone addresses. It updates firewall rules to reject the IP address or executes user defined commands. Please see code and download from https://github.com/fail2ban/fail2ban . SF Fail2ban portal might not be up-to-date
A command line tool that allows you to (live) analyze netfilter (iptables) log files. It provides a nice output and has features like displaying hostnames, duplicate detection... More info (+ screenshots) can be found in the pdf inside the tarball.
Etherwall is a free and open source network security tool that prevents Man in The Middle (MITM) through ARP Spoofing/Poisoning attacks. It Also prevent it from various attacks such as Sniffing, Hijacking, Netcut, DHCP Spoofing, DNS Spoofing, WEB Spoofing, and others. Note: For personal computer use only (client security) if you like this program, please give us your vote at http://sourceforge.net/projects/etherwall/reviews/
PacketFlow is a command line utility that processes an XML configuration to generate a set of firewall rules. It is intended to be installed and run directly on the firewall itself. PacketFlow was designed to deal with complex configurations.
Exploit any network and website using Denial Of Service Attack
It's a very fast generator of packets TCP,UDP and ICMP to exploit any network and website. THE PROGRAMMER IS NOT RESPONSIBLE OF THE ACCIONS YOU WILL DO WITH THIS.
deface-no-tnx is an anti-defacement system that monitors your Web files and notifies you about unallowed changes. It also replaces the defaced page with a standard "error" page,so that no offensive/joking content can be frauodolently added to your site
GNOME Blocklist is a GNOME interface and backend for Linux P2P blocklist software like moblock and peerguardian. It provides a preference panel, notification icon and dbus daemon.
A firewall is used to control access to services (eg proxy) depending on the time of day, the day and the hosts the requests come from -- as the need may arise in a school or university. A web interface delegates control of activation to authorized users.
Web interface for UFW, the built-in firewall in Ubuntu. UFW it self is built on iptables. With ufw2web, it is possible to enable or disable the firewall and view status.
TPCAT is based upon pcapdiff by the EFF. TPCAT will analyze two packet captures (taken on each side of the firewall as an example) and report any packets that were seen on the source capture but didn’t make it to the dest. See docs for info.
High interaction honeypot solution for Linux based systems
NOTICE: The format of this project has been changed from ISO to using ansible and has been moved to GitHub. Github link: https://github.com/Bifrozt/bifrozt-ansible
The PyGuard Firewall is a Linux firewall distribution. It is geared towards home, SOHO and small business users. The main difference with existing firewalls is that the PyGuard interface will be very user-friendly and task-based. The firewall can be rem
PySocks - a platform independent SOCKS proxy written in Python Do you share an DSL or cable connection between several computers? With PySocks you'll be able to use all features of ICQ, MIRC, Napster and such again!
DAXFi is a Python package that helps configure several different kinds of firewalls in a consistent way. The rules are described in XML. It comes with a Python package, useful to build other applications and includes some useful example programs.
Actim is an application written in python that allows sending/receiving files and calling command lines via email. (under GPL license) For example, if your home PC does not have any access to your office workstation which is behind the company firewall.
jennifer is an educational (albiet oddly named) firewall/NAT script generator, written in python, targetted at linux+iptables systems. It is intended to both (a) generate practical and useful configurations, and (b) demonstrate the concepts involved in TO
This toolkit will provide seemless backend support for multiple Firewall and IDS systems deployment. The initial release will only support Snort and FreeBSD\\\'s ipfw, but future releases will expand the firewall selection. The main code is Python,
CompactBSD is a powerful set of tools that allow you to build your own customized, lightweight distribution of OpenBSD and then burn it onto compact flash so that it can be run on an embedded PC platform such as FatPort's FatPoint (www.fatport.com)
Live Security/Forensics Linux Distribution, built from scratch and packed full of tools useful for vulnerability analysis, penetration tests, and forensic analysis.
Official unofficial Zorp home - several enhancements to Zorp
configuration tool for IP Tables
3ff aims to provide a full features gateway for home or small office use. This distro is totaly modular and try to be secure as possible.
Iptables Firewall GUI for Gnome, making firewalls Easy
Mailchecker will (in time) check mail for 'safe' content. 'unsafe' content (e.g. attachments that may contain viruses) will be stopped or converted to 'safe' formats.
Firewall configuration and monitoring suite for iptables to include:  GUI to aid in rapid configuration,  VPN to provide secure configuration and monitoring from remote access points,  Firewall Sensors used for monitoring state.