The Network Security Policy Compiler (NetSPoC) is a tool for security management of large computer networks with different security domains. It generates configuration files for packet filters controlling the borders of security domains. It provides its own language for describing security policy and the topology of a network. The security policy is a set of rules that state which packets are allowed to pass the network and which are not. NetSPoC is topology aware; a rule for traffic from A to B is automatically applied to all managed packet filters on the path from A to B.
Hyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
The Firewall Tester is a tool designed for testing firewalls' filtering policies. It includes an Intrusion Detection System testing feature, along with a packet generator tool and a sniffer. Unlike common firewall testing tools or packet generators, ftester is capable of generating network traffic that will look like real connections to the firewall or IDS system tested, which allows users to test stateful inspection firewalls (like netfilter or ipfilter) and IDS (like snort).
Nagios is a host, service, and network monitoring system that will watch your network and alert you to problems before your clients or end-users do. The system runs checks on hosts and services that you specify using plugins that return status information to Nagios. When problems are encountered, the system will send notifications to system administrators so that they can take action on the problem. The JumpBox for Nagios gives you a head start to using the system. It eliminates the complexity involved in getting the application installed, and allows you to focus on the configuration for your specific environment. Since Nagios is based on plugins, depending on what you want to do this will vary in complexity.
AnomicFTPD is an RFC959-compliant FTP server with OS- independent user and group management. Active and passive modes, non-root mode, and anonymous and/or read-only modes are supported. A built-in client IP filter acts as a firewall and provides additional access limitation. The server has no online interface; attributes, groups, and user accounts are configured through text files. The protocol/ format-unspecified LIST command produces output that is compatible with most FTP clients, including common Web browsers in FTP mode.
SOHT (Socket over HTTP Tunneling) allows you to tunnel socket connections through an HTTP proxy. Restrictive firewalls often prohibit all outgoing trafic except for HTTP. This application allows you to tunnel socket connections over the HTTP protocol. This application consists of a server that serves as a proxy and a client which tunnels a socket connection over an HTTP connection to the server. The current server is written in Java, and there are clients in Java and .NET.
Nuface is a Web-based administration tool that generates Edenwall, NuFW, or simple Netfilter firewall rules. It features a high level abstraction on the security policy set by the administrator, and works internally on an XML data scheme. Its philosophy is to let you agglomerate subjects, resources, or protocols into meta-objects, and use those meta objects to generate ACLs, which are then interpreted as netfilter rules by Nupyf, the internal XML parser. This tool may easily be extended to support firewall implementations other than Netfilter.