Dr.Morena is a tool to confirm the rule configuration of a firewall. It inspects all the firewall rules that are currently in effect, and tests these rules by sending various kinds of test packets through the firewall. This allows you to confirm that the rules that you intend to be in effect are actually in effect.
DummyIdentd Server Daemon is a Perl program that accepts identd requests (port 113), and responds with a valid response, but giving out no useful information. It is written in Perl, and is suitable for running on company gateways/firewalls to enable your users to access services such as IRC, which require identd.
EndoShield is a fully configurable firewall that will run under a 2.2 or 2.4 Linux kernel (ipchains or iptables). It requires no knowledge of firewalls or how ipchains or iptables works. It is perfect for home users wanting to secure their systems, but can also be configured for internet connection gateways or server systems.
tcpxd is a TCP/IP relay or proxy, allowing a connection to a port on a system to be forwarded to another port on any other system. It is useful for firewalls and service relocations, and is small, simple, and fast. It's also easier to learn than netcat and supports TCP_NODELAY, alternate local ports, partial connection closures, and non-blocking connects.
Mason is a tool that interactively builds a firewall using Linux' ipfwadm or ipchains firewalling. You leave mason running on the firewall machine while you are making all the kinds of connections that you want the firewall to support (and want it to block). Mason gives you a list of firewall rules that exactly allow and block those connections. It can either build a firewall from scratch for you or supplement an existing firewall.
rc.firewall is configurable for dialup and static IP addresses. It is based on Linux-kernel 2.4.x, and it generates it's own configuration file. It supports specific port filtering for the internet- , intranet-, and a dmz-zone. For the DMZ-Zone, there is also a machine-specific port filtering, and redirection of specific ports of the internet-interface available. Note: Do not install this in productive environments, until you have checked the rules/tables with your own eyes.
ssh-smart is a basic proof-of-concept implementation of ssh authentication via smartcard. The smartcard which is used to store the ssh identity is a memory card (I2C 16KBIT/2048 bytes). ssh-smart uses multiple Perl scripts and the smartcard program to establish communication with the reader and the memory card. It has only been tested with the Towitoko chip drive micro, but it could work with other card reader terminal drivers using the CT-API library. The project is in an early stage of development and a lot has to be done before it can be considered a reliable solution to store an ssh identity in a secure way.
http_filter is an HTTP tunnel with filtering and multiplexing. It runs on a firewall, sitting in front of not-so-secure Web servers (like IIS), and it accepts requests, applies a set of rules to them, and allows the requests to be passed through to the back-end Web server only if they pass all filters. The rules can be defined globally or per-server.