SING stands for 'Send ICMP Nasty Garbage.' It is a tool that sends ICMP packets fully customized from command line. Its main purpose is to replace and complement the ping command, adding certain enhancements as fragmentation; send and receive spoofed packets; send many ICMP information types (echo as the old ping, address mask, timestamp, and router discovery) and errors (redirect, unreach, and time exceeded); and send monster packets. It also supports loose and strict source routing and record routing.
vpnd is a daemon which connects two networks on network level either via TCP/IP or a (virtual) leased line attached to a serial interface. All data transfered between the two networks are encrypted using the unpatented free Blowfish encryption algorithm with a key length of up to 576 bits (may be downgraded to a minimum of 0 bits to suit any legal restrictions).
ssh-smart is a basic proof-of-concept implementation of ssh authentication via smartcard. The smartcard which is used to store the ssh identity is a memory card (I2C 16KBIT/2048 bytes). ssh-smart uses multiple Perl scripts and the smartcard program to establish communication with the reader and the memory card. It has only been tested with the Towitoko chip drive micro, but it could work with other card reader terminal drivers using the CT-API library. The project is in an early stage of development and a lot has to be done before it can be considered a reliable solution to store an ssh identity in a secure way.
OpenVPN is a robust and highly configurable VPN (Virtual Private Network) daemon which can be used to securely link two or more private networks using an encrypted tunnel over the Internet. OpenVPN's principal strengths include wide cross-platform portability, excellent stability, support for dynamic IP addresses and NAT, adaptive link compression, single TCP/UDP port usage, a modular design that offloads most crypto tasks to the OpenSSL library, and relatively easy installation that in most cases doesn't require a special kernel module.
NetUP UTM is a universal billing system for internet service providers of any size. Its modern approach to traffic accounting makes the system compatible with all popular platforms and network devices. Its key features include realtime traffic processing, Cisco Netflow and IP Accounting data collection, support for RADIUS authentication, and cross-platform compatibility. The core of the system is a smart and reliable accounting engine working directly with network equipment. It supports up to 100,000 users at a total speed of up to 3 Gbps. A flexible ratings engine and efficient administration tools make UTM a complete solution for IP/VoIP/WiFi/dial-up billing.
Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.
rpfcd (Remote packet filter control daemon) allows remote control and monitoring of OpenBSD's packet filter. It communicates with clients using the RPFC protocol running on top of SSL. The protocol is designed to be relatively forgiving and easy to use. Its goal is to provide a common framework for pf control and monitoring. Instead of running pfctl/tcpdump/pflogd, writing ad-hoc parsing scripts, and sending the results by mail, rpfcd will provide the same and much more via a transparent server-client interface. Together with a decent CLI/GUI client, pf firewall monitoring becomes rather easy. This is especially interesting if you have several pf firewalls to control and monitor.