CacheGuard Appliance is an all-in-one OS appliance providing firewall, antivirus, caching, compression, bandwidth allocation, load balancing, reverse and forward proxy, high availability, Web application firewall, URL guarding, and more. It can be purchased as an OS to install on your server, as an OS to run in a virtual machine, or as a hardware appliance.
IPTEditor intends to ease the task of managing/editing iptables rules. It presents an intuitive graphical interface that organizes iptables tables as tabs of a notebook, each of which, in turn, organizes their chains in notebooks tabs. Each rules tab contains a list made up of rows (rules) or item columns ordered according to their occurrence. The items in the rows can be edited by appropriate forms, such as through dialogs for targets and criteria (modules), edit fields for network addresses, and selection boxes for actions and protocols, among others.
SpamBlock counts attempts to establish a connection on port 25/tcp via tcpdump. When a host exceeds the allowed number of attempts per unit of time, it is added to a corresponding ipfw table and email notification is sent. Spamblock currently supports ipfw only, but it can be easily adapted for any firewall and OS. It can also be configured to watch multiple ports to prevent Telnet and SSH attacks in addition to SMTP.
ClearOS is an integrated network server gateway solution for small and distributed organizations. The software provides all the necessary server tools to run an organization including email, anti-virus, anti-spam, file sharing, groupware, VPN, firewall, intrusion detection/prevention, content filtering, bandwidth management, multi-WAN, and more. You can think of it as a next generation small business server. Through the intuitive Web-based management console, an administrator can configure the server software along with integrated cloud-based services.
HLBRW is an acronym for Hogwash Light BR Watch. It is a tool to help make rules for HLBR. In other words, HLBRW was made to be used by HLBR users needing make new rules. It requires some expertise with HLBR, the TCP/IP protocol suite, and regular expressions. HLBRW is a script started by iwatch (a system events watch program) when the HLBR event log is modified. The concept is very single: if the HLBR log was modified, then a known attack was blocked. But the attacker might take other subsequent actions unknown by HLBR. When HLBRW starts, it will coordinate a tcpdump session to record the traffic generated by the attacker's IP address for the next few minutes. If the recorded traffic isn't relevant (without a push in TCP or another relevant protocol), the created file will be deleted. Based on the recorded traffic, the network security manager can make new rules. HLBRW is part of the HLBR project, an intrusion prevention system (IPS) used in firewall systems.
Altimate Firewall is a small and easy-to-use firewall, based on a hardened Gentoo system. It has an intuitive and easy-to-use Web interface. The Altimate Firewall uses Shorewall (LAN, WAN, DMZ), OpenVPN, PPTPD, IPSEC, and many more. It includes Avira WebGate and MailGate for safer browsing and for securing your email messages. The network settings can be easily managed by a non-professional.
check_nwc_health is a plugin for the Shinken (or Nagios/Icinga) monitoring system. It is used to check hardware health, environment, interfaces, pools, uptime, etc. of a great range of the most popular network components like switches, routers, firewalls, proxies, load balancers, etc. Currently it can monitor: Cisco IOS, Cisco Nexus, F5 BIG-IP, CheckPoint Firewall1, Juniper NetScreen, HP Procurve, Nortel, Brocade 4100/4900, EMC DS 4700, EMC DS 24, Allied Telesyn, and Blue Coat SG600.
Dowse eases the configuration of network routing for a local area network, starting from the setup of ARP-level static entries of known peers, IP-level firewall, DHCP configuration, and local DNS cache, up to an application layer transparent proxy and optional gateways to anonymous networks such as Tor and I2P. It consists of a minimalistic script which can run on any GNU/Linux box and which, from a central configuration point, controls Ebtables, Iptables, and all the daemons needed for such operations: DnsMasq, Squid2, and Privoxy. It comes with a module system for contributed add-ons like DNSCrypt-proxy and HTTPS-everywhere.