bastion-firewall is a Netfilter based firewall for Linux. It can generate graphical stats of all the rules traffic in the firewall with Rrdtool and it's integrated with the Snort Inline IPS. It's written in the bash and C programming languages.
The doorman guards the door of a server, manipulating firewall rules to admit only recognized parties. Allows Silent Running - a server with all ports CLOSED. Linux-BSD-OSX server & client; C source & docs + Windows client binary. GPL.
Bait and Switch combines IDS tech (Snort primarily) and Honeypots into a new, more valuable, reactive system. After receiving an alert, B&S protects your server by silently redirecting hostile traffic to a honeypot while leaving other traffic alone.
Fotia is a simple, but very easily extendable and customizable firewall script written in PERL.
The Netbios Share Samba Scanner scan C classes and reveal all open shares. It will tell you all the information and even show the content of the shares. It will also show you shares that are not accessible.Also provide a username and password to it. To know more about SecPoint IT security solutions visit us at www.secpoint.com
inundator is a tool used to anonymously inundate intrusion detection logs with false positives to obfuscate a real attack, leaving the IDS analyst feeling completely inundated.
Nebula automatically generates intrusion signatures from attack traces. It runs as a daemon accepting attack submissions from honeypots.
Udpproxy is very simple but usefull tool for udp traffic forwarding. Can be used if you can't or don't want to mess with kernel level forwarding.
The IP Personality project is a patch to the Linux kernels that adds netfilter features: it enables the emulation of other OSes at the network level, thus fooling remote OS detection tools such as nmap that rely on network fingerprinting.
Qtfw is a Qt gui frontend for ipfw utility in FreeBSD. It helps configuring firewall in FreeBSD with a nice and comprehensive user interface.
This Daemon written in Perl, logs FreeBSD ipfw ip accounting counters every X seconds/minutes, so after rebooting, crashing, flushing, zero out your ipfirewall table, you don't loose any mayor traffic information.
This is a C# deamon that implements the UPnP Internet Gateway Device specification (IGD) and allows UPnP aware clients, such as MSN Messenger or DirectPlay based applications to work properly from private networks.
A fast PPTP proxy for any BSD with OpenBSD packet filter installed. It handles multiple transparent bi-directional tunnels, and can be chained from one proxy to another over several servers.
jRouter is a Web-based Linux router management system. It's designed to be a simple all-in-one router setup and management utility. Allows configuration of network interfaces, dhcpd, iptables, port forwarding, IP/MAC address filters.
ReAIM is an AOL Instant Messenger Proxy for iptables-based firewalls. It allows direct connections to be made to hosts behind an address-translating firewall. MSN and Windows Messenger are also supported.
A package for encrypted IP over UDP tunneling. Can be used to build any range of VPN solutions. (Linux version)
LFR is a Linux/Netfilter based firewall/router on a single floppy disk. Think of it as a micro Linux distribution with a purpose. With LFR you can take that old 486 with 4 MB of RAM that you have in the closet and put it to good use. With a pair of ch
LrFW Is a Linux RAM Baised Firewall. A fully featured firewall and router with no moving parts to break. In the future I may also write an optional Cisco PIX translator and interface.
fudp simple udp flooding utility with some nice features.
efw-toolbox. Is a collection of applications/scripts and other odds and ends that are useful to have. These are currently not available in the current Endian Firewall Project. This project is intended to work alongside with Endian Firewall project .
Fireball ISO Builder is a VMWare virtual appliance that builds a security-hardened LiveCD image, based on Hardened Gentoo Linux. It may be optionally encrypted to protect the contents. The original intent of the project is focused on providing security and networking services to a network, but the appliance can be customized in almost limitless ways to build bootable ISOs that can do many different things.
Iroffer with mIRC-style DCC Server Protocol that might allow sends through firewalls without reconfigurations (and some more extra features)
SquidRestrict is a Web based tool that allows multiple time restrictions to be placed on internet usage for firewalls that use the Squid Web Cache (http://www.squid-cache.org/).
Live Security/Forensics Linux Distribution, built from scratch and packed full of tools useful for vulnerability analysis, penetration tests, and forensic analysis.
borpLAN: Basic Oppressof for Routed and Proxyed LAN. This software allow you to manage internet access into a small/scholastic network.