Nmap ("Network Mapper") is a utility for network exploration, administration, and security auditing. It uses IP packets in novel ways to determine which hosts are available online (host discovery), which TCP/UDP ports are open (port scanning), and what applications and services are listening on each port (version detection). It can also identify remote host OS and device types via TCP/IP fingerprinting. Nmap offers flexible target and port specifications, decoy/stealth scanning for firewall and IDS evasion, and highly optimized timing algorithms for fast scanning.
MailScanner is an email virus scanner, vulnerability protector, and spam tagger. It supports the Postfix, Sendmail, Exim, Qmail, and ZMailer MTAs, and the Sophos, McAfee, F-Prot, F-Secure, CommandAV, InoculateIT, Inoculan, eTrust, Kaspersky, Nod32, AntiVir, BitDefender, RAV, Panda, DrWeb, ClamAV, and other anti-virus scanners. It uses SpamAssassin for highly successful spam identification, and is designed to handle denial of service attacks. It will detect password-protected zip files and apply filename checking to their contents. It is very easy to install, requires no changes at all to your sendmail.cf file, is designed to be lightweight, and won't grind your mail system to a halt with its load. It can be integrated into any email system, regardless of the software in use.
Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX and FWSM, and Cisco routers access lists.
Arno's IPTABLES Firewall Script is a secure stateful firewall for both single and multi-homed machines. It supports NAT and SNAT, port forwarding, ADSL ethernet modems with both static and dynamically assigned IPs, MAC address filtering, stealth port scan detection, DMZ support, protection against SYN/ICMP flooding, experimental IPv6 support, multi-interface/aliased-IP support, and extensive user definable logging with rate limiting to prevent log flooding. It has plugin support to add extra features (like SSH Brute Force protection and (Racoon) IPSEC support). It is easy to configure and highly customizable. A filter script that makes your firewall log more readable is also included.
The Port Scan Attack Detector (psad) is a collection of three system daemons that are designed to work with the Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults), verbose alert messages, email alerting, DShield reporting, and automatic blocking of offending IP addresses. Psad incorporates many of the packet signatures included in Snort to detect various kinds of suspicious scans, and implements the same passive OS fingerprinting algorithm used by p0f.
OpenVPN is a robust and highly configurable VPN (Virtual Private Network) daemon which can be used to securely link two or more private networks using an encrypted tunnel over the Internet. OpenVPN's principal strengths include wide cross-platform portability, excellent stability, support for dynamic IP addresses and NAT, adaptive link compression, single TCP/UDP port usage, a modular design that offloads most crypto tasks to the OpenSSL library, and relatively easy installation that in most cases doesn't require a special kernel module.
Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.
FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.