grepcidr can be used to filter a list of IP addresses against one or more Classless Inter-Domain Routing (CIDR) specifications, or arbitrary networks specified by an address range. As with grep, there are options to invert matching and load patterns from a file. grepcidr is capable of comparing thousands or even millions of IPs to networks with little memory usage and in reasonable computation time. It has endless uses in network software, including mail filtering and processing, network security, log analysis, and many custom applications.
Webalizer Xtended is a fork of Webalizer and contains a great number of feature improvements, such as monthly statistics for all "HTTP 404 Not Found" errors (including the number of these errors and the corresponding URLs) and additional configuration file keywords. Furthermore, all colors of the statistics can be defined by the user. Webalizer Xtended also fixes several (security-related) bugs in the original Webalizer code and contains the "Apache mod_logio" patch to generate more reliable traffic statistics.
The Subukan Sensor is a complete Network Intrusion Detection System (NIDS) platform. It is not simply an application one can install on an existing operating system. Rather, Subukan is a total software solution including both an operating system and a unique compilation of security tools. It is based on a single file image or firmware that transforms almost any hardware equipment into a fully functional NIDS appliance. Appliance- based technology simplifies administration and provides the capability for remote upgrades.
OpenVISP Admin is a fork of Postfix Admin. Its aim is to provide a unique ISP tool as a Web panel for end users, postmasters, and site administrator to manage their data. It allows site administrators to update amavisd-new values, spam-assassin values, greylisting, domains checks, and sender verification. It can also provide datacenter admins with a central point of access, by having APC Masterswitch configuration and access, hosting access requests, and PPTP access and statistics views.
FreeBSDShield is a DShield.org reporting client for FreeBSD and the ipfw firewall. It allows you to report attempted security breaches to the DShield cooperative firewall logging effort, which in turn helps the Internet Storm Center (and netizens at large) track trends in network security and catch emerging vulnerabilities.
Bruteblock allows system administrators to block various bruteforce attacks on UNIX services. The program analyzes system logs and adds attackers' IP addresses into the ipfw2 table, effectively blocking them. Addresses are automatically removed from the table after specified amount of time. Bruteblock uses regular expressions to parse logs, which gives it enough flexibility to be used with almost any network service. Bruteblock doesn't use any external programs and works with ipfw2 tables via the raw sockets API.