The Horatio system is a firewall authentication tool. The premise: legitimate users want to attach laptops and other mobile hosts to the network, but security demands that illegitimate users be prevented from accessing the internal, secure network and from abusing the general Internet. The approach taken by Horatio is to provide a separate, untrusted network that only connects to the internal network (and thus to the Internet) through a firewall that by default does not pass any traffic. When a legitimate user connects his or her host, it is assigned an address by a DHCP server (such as dhcpd), but is unable to contact anything outside the untrusted network. The user must point a Web browser at the Horatio web server, which runs on the firewall machine, and provide a username and password. Once the username and password have been validated, the firewall rules are modified to allow the host access to the rest of the network.
Yafig is a LAMP-based firewall rule generator that creates shell scripts for use with Linux netfilter/iptables. The user interface is similar to the FireWall-1 policy editor. Its main features are Web-based host, network, and service management. support for multiple policies with individual password protection, shared objects for multiple policies, support for chains (default and custom), and architecture independence.
SoL (Server optimized Linux) is a Linux distribution completely independent from other Linux distributions. It was built from the original source packages and is optimized for heavy-duty server work. It contains all common server applications, and features XML boot and script technology that makes it easy to configure and make the server work.
Wfconvert is a firewalling policy compiler which imports and translates rules to and from any supported firewalling language. It provides a very simple and powerful language for describing firewalling rulesets. Wfconvert is part of the WallFire project, whose aim is to create a very general and modular firewalling management application based on Netfilter or any kind of low-level framework.
Fireflier is a firewall tool which is built on top of the iptables framework. It allows you to create rules based on single incoming network packets or to simply allow/deny single packets to pass. It features a client-server approach for administering from another PC, SSL connection between client and server, rules with timeouts (rules are deleted after some time or when fireflier-server shuts down), and filtering based on applications.
NetUP UTM is a universal billing system for internet service providers of any size. Its modern approach to traffic accounting makes the system compatible with all popular platforms and network devices. Its key features include realtime traffic processing, Cisco Netflow and IP Accounting data collection, support for RADIUS authentication, and cross-platform compatibility. The core of the system is a smart and reliable accounting engine working directly with network equipment. It supports up to 100,000 users at a total speed of up to 3 Gbps. A flexible ratings engine and efficient administration tools make UTM a complete solution for IP/VoIP/WiFi/dial-up billing.
Mail2sh makes it possible to carry out shell commands by email. Email is sent to a particular user on your host and the commands will be carried out if the user and password given matches ones in /etc/passwd. Commands are executed with the user's privileges, and combined with a PGP module ensures a certain level of security for use. Note that the system is not natively encrypted, so use of an encryption mechanism is highly recommended for security reasons.