Robust and flexible VPN network tunnelling
OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single TCP/UDP port. Discussion forums and project wiki can be found here: https://forums.openvpn.net/ http://community.openvpn.net/openvpn
Fail2Ban monitors log files like /var/log/pwdfail or /var/log/apache/error_log and bans failure-prone addresses. It updates firewall rules to reject the IP address or executes user defined commands. Please see code and download from https://github.com/fail2ban/fail2ban . SF Fail2ban portal might not be up-to-date
A Free SOCKS proxy server for Linux, macos and FreeBSD
Smoothwall is a best-of-breed Internet firewall/router, designed to run on commodity hardware and to provide an easy-to-use administration interface to those using it. Built using open source and Free software, it's distributed under the GNU Public License.
Prevent and Protect Your HTML5 Video, Music , Audio From Download Free
Defa Protector is A Simple PHP and Wordpress Plugin To Protect and Prevent Video Save As From Browser and Some Video Grabber. There is 100% Guaranteed Protection and There might be some tradeoff but If you care about Digital Rights Management of Your Video and Music Content. This Project is for you. Defa Protector 6.7.1 Revamp Code For Better Performance To The Bone. We almost rewritten this project from scratch.
shell program to automatically configure freebsd as a firewall
This shell program automatically configures freeBSD 9.1 and above as a firewall with only 2 answers from the user. The main goals of this program are minimal user input, ease of use and sensible security defaults. It's written for the sh shell included in freeBSD by default.
Intelligently block brute-force attacks by aggregating system logs
SSHGuard protects hosts from brute-force attacks against SSH and other services. It aggregates system logs and blocks repeat offenders using several firewall backends, including iptables, ipfw, and pf.
OpenCaptive is Simple Captive Portal, running in OpenBSD with Pf Firewall, with PHP and MySQL, support transparent proxy squid, and squidguard optionally.
Fireball ISO Builder is a VMWare virtual appliance that builds a security-hardened LiveCD image, based on Hardened Gentoo Linux. It may be optionally encrypted to protect the contents. The original intent of the project is focused on providing security and networking services to a network, but the appliance can be customized in almost limitless ways to build bootable ISOs that can do many different things.
Please see http://firehol.org/ for up-to-date releases and information. FireHOL is a stateful iptables packet filtering firewall configurator. It is abstracted, extensible, easy and powerful. It can handle any kind of firewall, but most importantly, it gives you the means to configure it, the same way you think of it.
360-FAAR Analyze FW1 Cisco Netscreen Policy Offline Using Config/Logs
360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file! Read Policy and Logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), Cisco ASA (show run / syslog format), 360-FAAR compares firewall policies and uses CIDR and text filters to split rulebases / policies into target sections and identify connectivity for further analysis. 360-FAAR supports, policy to log association, object translation, rulebase reordering and simplification, rule moves and duplicate matching automatically. Allowing you to move rules to where you need them. Build new rulebases from scratch with a single 'any' rule and log files, with the 'res' and 'name' options. Switch into DROPS mode to analyse drop log entries.
FW1-Loggrabber is a command-line tool to grab logfiles from Checkpoint FW-1 remotely using Checkpoints LEA (Log Export Api), which is one part of Checkpoints OPSEC API.
track log files, block intrusions, and much more
Log2table allows you to continuously monitor your logfiles. You can trigger actions when a specific message comes in your audited logfiles or when a specific number of occurences are present.
A java PCAP and DPI library
A java wrapper for popular "libpcap" and "WinPcap" libraries. Accurate full API translation. Packet buffers delivered with no copies. Send custom packets, gather statistics. Comprehensive and easily extensible DPI engine.
VTun is the easiest way to create Virtual Tunnels over TCP/IP networks with traffic shaping, compression, and encryption. It supports IP, Ethernet, PPP and other tunnel types. VTun is easily and highly configurable. VPN, Mobile IP, Shaping, etc
HTTP proxy to block ads and customize webpages
Privoxy is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. Privoxy has a flexible configuration and can be customized to suit individual needs and tastes. It has application for both stand-alone systems and multi-user networks.
Open source voucher management / hotspot system
OpenVoucher is an open source voucher management / hotspot system for authenticating guests in your wifi or cable network. It is designed to be easy to use for anyone who wants to issue vouchers. For further information and installation how to's, see the project's homepage. The source code is maintained on Github.
Anoubis is a Security Suite which implements a secured environment for applications. The core of the suite is an Application Firewall alongside with a Sandbox. Mechanisms to assure the authenticity of files, directories and applications are provided.
CD-ROM Firewall is a Red Hat/Centos (yum based install) based firewall that boots off a CD-ROM. Utilizing a headless, diskless computer it can provide services such as network address translation (NAT), virtual private network (VPN), ADSL connnectivity,
QtGuard is a user-friendly frontend for Linux iptables. Wizards are used to configure firewall for different network infrastructure. Snort will be used to increase the security of the firewall where necessary.
IDS + IPS for RouterOS (mikrotik)
This project reads logs from your mikrotik firewall and creates an address list with detected attackers
Guarddog is user friendly firewall management utility for KDE on Linux. It allows you to simply specify which protocols should be allowed between which groups of computers and requires no knowledge of port numbers or packets. Uses ipchains or iptables.
sshh allows you to make a persistent tcp connection (tunnel) over an http proxy. Once you have it set up, you can make new connections from either end. Similar in concept to httptunnel but more versatile and scalable.
PHP front-end to generic TCP/IP packet filter configuration.
You do a command like this... iptables-port-forward.sh eth0 188.8.131.52 80 eth1 192.168.0.1 80 And all request that came to you over eth0/ip 184.108.40.206 will be user-transparent forwarded to 192.168.0.1:80 via eth1