Bruteblock allows system administrators to block various bruteforce attacks on UNIX services. The program analyzes system logs and adds attackers' IP addresses into the ipfw2 table, effectively blocking them. Addresses are automatically removed from the table after specified amount of time. Bruteblock uses regular expressions to parse logs, which gives it enough flexibility to be used with almost any network service. Bruteblock doesn't use any external programs and works with ipfw2 tables via the raw sockets API.
FlowTuner is a program to manage employees' Internet activities. It allows you to set quotas for each employee or for whole departments. It can automatically disconnect employees from the Internet when the quota is reached. Managers can inspect the sites visited by employees and build Internet usage statistics reports.
FreeBSDShield is a DShield.org reporting client for FreeBSD and the ipfw firewall. It allows you to report attempted security breaches to the DShield cooperative firewall logging effort, which in turn helps the Internet Storm Center (and netizens at large) track trends in network security and catch emerging vulnerabilities.
Impost is a network security auditing tool designed to analyze the forensics behind compromised and/or vulnerable daemons. There are two different kinds of operating modes; it can either act as a honey pot and take orders from a Perl script controlling how it responds and communicates with connecting clients, or it can operate as a packet sniffer and monitor incoming data to specified destination port supplied by the command-line arguments.
Lire is a pluggable log analyzer. It has analyzers for over 25 log file formats, ranging from Apache WWW log files to iptables firewall logs and CUPS printing logs. Reports are generated in 9 different output formats, ranging from Excel 95 to PDF to HTML, optionally with included graphs.
OpenVISP Admin is a fork of Postfix Admin. Its aim is to provide a unique ISP tool as a Web panel for end users, postmasters, and site administrator to manage their data. It allows site administrators to update amavisd-new values, spam-assassin values, greylisting, domains checks, and sender verification. It can also provide datacenter admins with a central point of access, by having APC Masterswitch configuration and access, hosting access requests, and PPTP access and statistics views.
Pathalizer is a tool for visualizing the paths most users take when browsing a Web site. This information can be used to decide how to improve the navigation of the site, and for determining which parts are most worth improving and keeping up to date. It generates a directed, weighed graph from an Apache log, but could easily be modified to analyze any list of events.
ProviderTool Internet server administration program with email protection. The software is divided into a subcomponent Admin Tool, Customer Tool, and a Reseller Tool. Each subcomponent tool manages a separate zone that is setup for the specific needs of your administrator, end user, and reseller. If you have a Red Hat, SuSE, or Debian Internet or intranet server, you will be able to add, delete, and change settings and users with just a couple of clicks. ProviderTool is delivered with a separate Apache and PHP server environment. There is also an email protection tool included.