360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. 'print' mode creates a spreadsheet for your audit needs with one command.
Aps is a small tool for analyzing network traffic. It prints out a great deal of information about the relevant protocols including TCP, UDP, ARP, and ICMP. It allows you to filter IP addresses, hardware addresses, ports, and specific protocols. It comes with a little GTK-GUI displaying packet counters for each protocol.
AstroFlowGuard is a Linux-based bandwidth manager, stateful firewall, intrusion detection system, and VPN server. With its user-friendly interface, automatic failover, and smart recovery system, it is the complete tool for anyone wanting to manage bandwidth and network security. It uses a hierarchical class-based system which provides a logical, intuitive view of network classes along with their priorities. It has the ability to manage P2P applications such as Kazaa and the like, manage firewall and bandwidth by time of the day, precedence, strings in any packet, and much more. Diagnose your network by powerful reporting tools that drill down to IP, port, and protocol level with graph and pie charts. It is a self-contained system that offers simple installation by means of a bootable CD and ease of use via a Web based GUI.
BBStatus is an IP accounting package and an SNMP and IP monitoring tool for Linux. It collects, summarizes, and displays the values from its database. It can be used for IP accounting (allows you to design various kinds of accounting filters), SNMP monitoring (collects data making SNMP requests), ICMP monitoring (stores and summarizes values like min, avg, max reply time, and packet loss), and client traffic filtering (using various types of filters). It also provides user based access so that every user can log in and visualize various data (depending on access rights). It requires PostgreSQL, Apache with mod_auth_pgsql, Perl(Net::SNMP), and RRDTool.
The Bait and Switch Honeypot System combines the snort Intrusion Detection System (IDS) with honeypot technology to create a system that reacts to hostile intrusion attempts by marking and then redirecting all "bad" traffic to a honeypot that partially mirrors your production system. Once switched, the would-be hacker is unknowingly attacking your honeypot instead of the real data, while your clients and/or users are still safely accessing the real system. Life goes on, your data is safe, and you get to learn about the bad guy as an added benefit. It works with Snort 1.9.0, 1.9.1, and 2.0.2.
Bandwidth Management Tools is a total bandwidth management solution for Linux and can be used for firewalling, traffic graphing, and shaping. It is not based on any currently-available bandwidth management software and supports packet queues, bursting, complex traffic flow hierarchies, flow groups, traffic logging, and a simple real-time monitoring front-end.