tpe-lkm is a Linux kernel module implementing Trusted Path Execution, a security feature that denies users from executing programs that are not owned by root, or are writable. This closes the door on a whole category of exploits where a malicious user tries to execute his or her own code to hack the system. Since the module doesn't use any kind of ACLs, it works out of the box with no configuration. It isn't complicated to test or deploy to current production systems. The module also has a few other grsecurity-inspired features implemented as "extras".
KaOS is a lightweight, multi-purpose embedded Linux platform designed for virtualization and cloud computing applications. KaOS is based on Linux KVM and is a true enterprise grade hypervisor platform. KaOS makes it easy to deploy KVM based virtualization solutions. KaOS is a lightweight platform, less than 10MB in size. The SDK provides everything necessary to rebuild the platform and comes with scripts to assist with building a KaOS-enabled Linux kernel. KaOS has a menu-driven CLI called AppQueue and a management process that replaces init and other functions called kattach.
netsniff-ng is a high performance Linux network sniffer for packet inspection. It is similar to analyzers like tcpdump, but without the need to perform system calls for fetching network packets. A memory-mapped area within kernelspace will be used for accessing packets, so there is no requirement for copying them to userspace (a 'zero-copy' mechanism). For this purpose, netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying, and performing offline analysis of pcap dumps. The project is focused on building a robust, clean, and secure analyzer and utilities that complete netsniff-ng as a support for penetration testing. netsniff-ng can be used for protocol analysis, reverse engineering, and network debugging.
dtrace for Linux is a native port of dtrace to Linux. dtrace is a kernel and user space tracing mechanism available on Solaris, FreeBSD, and Apple Mac OS X. It entails no performance cost when it is not activated. This implementation has the same functionality as the original, allowing arbitrary kernel probes. It is provided as a kernel module, so no kernel source code changes are required. It has been tested mostly on Ubuntu 7/8 systems and is known to compile on other kernels. Both 32-bit and 64-bit kernels are supported.
Traffic Squeezer is a Linux kernel based WAN network traffic accelerator from Doublefish Solutions. It uses methods such as traffic compression, traffic PDU coalescing, protocol specific acceleration (such as TCP acceleration mechanisms), and quality of service. Traffic Squeezer also contains custom L7filters (application protocol filters), DPI (Deep Packet Engines) and so on to control and administrate your traffic. With Traffic Squeezer, you can optimize MPLS,ISDN, leased links, Satellite Networks, and Marine Internet, and even build your own custom WAN Appliance with Traffic Squeezer. A GUI is now supported via Doublefish Solution Aquarium. Aquarium is a Web-GUI that also supports Traffic Squeezer, Squid, and other open source solutions.
Fiwix is an operating system kernel based on the Unix architecture and fully focused on being Linux compatible. It is designed exclusively for educational purposes, so the kernel code is kept as simple as possible for the benefit of students. It runs on the 32-bit x86 hardware platform, and is compatible with a good base of existing GNU applications.