RSS 153 projects tagged "C"

Download Website Updated 18 Apr 2014 libnftnl

Screenshot
Pop 10.15
Vit 1.60

libnftnl is a userspace library providing a low-level netlink programming interface (API) to the in-kernel nf_tables subsystem.

No download Website Updated 14 Apr 2014 nftables

Screenshot
Pop 241.48
Vit 5.23

nftables aims to replace the existing {ip,ip6,arp,eb}tables framework. It provides a new packet filtering framework, a new userspace utility, and a compatibility layer for {ip,ip6}tables. nftables is built upon the building blocks of the Netfilter infrastructure such as the existing hooks, the connection tracking system, the userspace queueing component, and the logging subsystem.

Download Website Updated 14 Apr 2014 fwknop

Screenshot
Pop 504.83
Vit 148.47

fwknop implements an authorization scheme called Single Packet Authorization that requires only a single encrypted packet to communicate various pieces of information, including desired access through an iptables, ipfw, or pf firewall policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap. Also supported is a robust port knocking implementation based around iptables log messages.

No download Website Updated 23 Mar 2014 sslh

Screenshot
Pop 411.24
Vit 32.61

sslh accepts connections in HTTP, HTTPS, SSH, OpenVPN, tinc, XMPP, or any other protocol that can be tested using a regular expression, on the same port. This makes it possible to connect to any of these servers on port 443 (e.g. from inside corporate firewalls, which almost never block port 443) while still serving HTTPS on that port. sslh supports IPv6, privilege dropping, transparent proxying, and much more.

Download Website Updated 16 Mar 2014 LEAF

Screenshot
Pop 696.22
Vit 107.74

LEAF is a secure, feature-rich, customizable embedded Linux network appliance for use in a variety of network topologies. Although it can be used in other ways, it's primarily used as a Internet gateway, router, firewall, and wireless access point.

Download Website Updated 04 Mar 2014 Untangle

Screenshot
Pop 529.01
Vit 45.81

Untangle is a Linux-based network gateway with pluggable modules for network applications like spam blocking, Web filtering, anti-virus, anti-spyware, intrusion prevention, VPN, SSL VPN, firewall, and more.

Download No website Updated 04 Mar 2014 IPCop Firewall

Screenshot
Pop 473.93
Vit 27.36

IPCop Linux is a complete Linux distribution whose sole purpose is to protect the networks on which it is installed.

Download No website Updated 16 Feb 2014 ipt_pkd

Screenshot
Pop 436.83
Vit 24.47

ipt_pkd is an iptables extension implementing port knock detection with SPA (single packet authorization). This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.

No download Website Updated 11 Feb 2014 Zorp

Screenshot
Pop 308.77
Vit 32.12

Zorp is a proxy firewall suite with its core architecture is built around today's security demands: it uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.

Download Website Updated 05 Feb 2014 fwsnort

Screenshot
Pop 724.15
Vit 36.61

fwsnort translates snort rules into an equivalent iptables ruleset. By making use of the iptables string match module, fwsnort can detect application layer signatures which exist in many snort rules. fwsnort adds a --hex-string option to iptables, which allows snort rules that contain hex characters to be input directly into iptables rulesets without modification. In addition, fwsnort makes use of the IPTables::Parse Perl module in order to (optionally) restrict the snort rule translation to only those rules that specify traffic that could potentially be allowed through an existing iptables policy.

Screenshot

Project Spotlight

JavaMelody

A program for monitoring JavaEE applications.

Screenshot

Project Spotlight

Knot DNS

An authoritative DNS server.