Gibraltar is a Debian GNU/Linux-based router/firewall distribution, fully workable from a bootable, live CD-ROM. Log files can be stored on a hard disk, and configuration data is stored on a USB mass storage media or a floppy disk and kept on a RAM disk during run-time. Due to its Debian base, a vast manifold of firewalling, routing, and proxy packages is available. It comes with an intuitive, easy to use Web administration interface and support, and is free to use for home users.
GreenSQL is a database firewall used to protect databases from SQL injection attacks. GreenSQL works in a proxy mode and has built-in support for MySQL. The logic is based on evaluation of SQL commands using a risk scoring matrix, as well as blocking known DB administrative commands (such as DROP and CREATE).
HAVP (HTTP Anti Virus Proxy) is a proxy which scans downloads for viruses with several scanners (ClamAV, F-Prot, Kaspersky, NOD32, Sophos) at the same time. The main aims are continuous, non-blocking downloads and smooth scanning of dynamic and password protected HTTP traffic. It can be used with squid or standalone, and it also supports transparent proxy mode.
HTTPTunnel is a simple client/server application for creating an HTTP tunnel between two machines, optionally via a Web proxy. This tunnel can then be used to wrap arbitrary TCP socket traffic in HTTP, thus allowing communications even through a restrictive firewall that only allows outgoing HTTP connections.
Hardened Debian improves Debian GNU/Linux with high security and hardening features, hardened kernels and packages, DHKP, and other security related enhancements. It makes systems more difficult to compromise using common attacks such as race conditions, chroot jail escapes, and buffer overflows.
Harm acts as a four-way socket redirector that allows you to effectively make a TCP connection from the Internet to a host behind a Linux masquerade-style firewall. The server (behind the firewall) makes connections to the client (on the Internet). After a successful connection, it will bounce packets from a telnet client (Windows and Linux) to the Harm client, to the Harm server (Linux only), or to the telnet daemon behind the firewall.