INSERT (the Inside Security Rescue Toolkit) aims to be a multi-functional, multi-purpose disaster recovery and network analysis system. It boots from a credit card-sized CD-ROM and is basically a stripped-down version of Knoppix. It features good hardware detection, fluxbox, emelfm, links-hacked, ssh, tcpdump, nmap, chntpwd, and much more. It provides full read-write support for NTFS partitions (using ntfs-3g), and the ClamAV virus scanner (including a fairly recent signature database and a GUI). It provides partition handling with gParted and also has a network boot facility.
TrinityOS is a step-by-step, example-driven HOWTO on building a very functional Linux box with strong security in mind. TrinityOS is well known for its strong packet firewall ruleset, Chrooted and Split DNS (v9 and v8), secured Sendmail (8.x), Linux PPTP, Serial consoles and Reverse TELNET, DHCPd, SSHd, UPSes, system performance tuning, the automated TrinityOS-Security implementation scripts, and much more.
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
The Auditor security collection is a live-system based on KNOPPIX. It provides tools for analyzing the security of a system. It features a menu structure that reflects the stages of a security check: foot-printing, analysis, scanning, wireless, brute-forcing, cracking. In addition to about 300 security tools, the collection includes background information regarding standard configuration and passwords, truly extensive word lists, and more mundane productivity tools.
daemon turns other processes into daemons. There are many tedious tasks that need to be performed to correctly set up a daemon process; daemon performs these tasks for other processes. This is useful for writing daemons in languages other than C, C++, or Perl (e.g. sh, Java). If you want to write daemons in languages that can link against C functions (e.g. C, C++), see libslack, which contains the core functionality of daemon.
Firewall is a set of scripts (firewall, fwup, and fwdown) that implement an ipchains firewall and various forms of network address and port translation. All you have to do is read the policy file and edit it to reflect your topology and filtering policy. It supports many different types of network topology (single host, traditional forwarding, masquerading, port forwarding, alias port forwarding and NAT), up to 10 untrusted interfaces each with their own policy, and over 50 network applications. It also supports centralised administration of multiple remote firewalls (meta-firewall).
msulogin is the single-user mode login program used to force the console user to login under a root account before a shell is started. Unlike other implementations of sulogin, this one supports having multiple root accounts on a system. msulogin has been developed as a part of Openwall GNU/*/Linux and is being made available separately primarily for use by other distributions. Currently, msulogin supports only systems with getspnam(3).