coNCePTuaL is a domain-specific programming language for rapidly generating programs that measure the performance and/or test the correctness of networks and network protocol layers. A few lines of coNCePTuaL code can produce programs that would take significantly more effort to write in a conventional programming language.
Endian Firewall is an all-in-on Linux security distribution that turns any system into a full-featured security appliance. It features a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, POP3, SMTP), anti-virus support, virus and spam filtering for email traffic (POP and SMTP), content filtering of Web traffic, and a "hassle free" VPN system based on OpenVPN.
Nuface is a Web-based administration tool that generates Edenwall, NuFW, or simple Netfilter firewall rules. It features a high level abstraction on the security policy set by the administrator, and works internally on an XML data scheme. Its philosophy is to let you agglomerate subjects, resources, or protocols into meta-objects, and use those meta objects to generate ACLs, which are then interpreted as netfilter rules by Nupyf, the internal XML parser. This tool may easily be extended to support firewall implementations other than Netfilter.
Daemon Shield is a Linux intrusion prevention daemon that scans for brute force break-in attacks in real time and uses iptables to create rules that block the attackers' IP addresses for a configurable period of time. It uses handlers that watch for attacks against given services, such as SSH, telnet, FTP, etc. It is highly configurable through a central configuration file. It loads existing blocklist rules into iptables on startup, and removes the blocklist rules when it shuts down. Other major features include background daemon operation, logging to syslog, easy-to-extend handlers, configurable block duration, and email notifications.
The WiKID Strong Authentication System is a highly scalable, secure two-factor authentication system. It is simple to implement and maintain, allows users to be validated automatically, requires no hardware tokens, has a simple API for application support (via Ruby, PHP, Java, COM, Python, etc.), supports multiple domains, and supports replication for fault tolerance and scalability. It also supports mutual /host and transaction authentication, wireless tokens only domains, locked tokens (to your PC), anti-keystroke logger keypad PIN entry, etc.
wifiroamd is a background program which tries to just do the right thing to bring up your wireless network. Simple, yet customizable init.d-like scripts are used to determine which networks are preferred and to do things like set the ESSID or WEP keys. Other advanced functionality such as bonding of wired and wireless devices is also automated. wifiroamd is an engine for the handling of connecting to wireless networks. It is entirely command-line based, and meant to run in the background without interaction.
Zenoss is an enterprise network/systems management application that provides an integrated software package for monitoring availability, performance, events, and configuration across layers (network, servers, applications, environment, etc.) and across platforms (Linux, Windows, Unix, etc.).