Autossh is a program to monitor and automatically reestablish SSH connections. It is similar to rstunnel (Reliable SSH Tunnel), however, it is implemented in C, and is easier to set up and use, especially for connections to multiple hosts. Autossh has been compiled and tested on OpenBSD, Linux, and Solaris, and should run without needing changes on FreeBSD and NetBSD.
BSDftpd-ssl is a secure and easy-to-use FTP server that supports industry standard TLS/SSL encryption and authentication for whole FTP sessions and data transfers. This implementation supports both the original FTP protocol and the RFC2228-compliant TLS/SSL enhancement. The package contains the secure FTP server (named "ftpd") and a command line TLS/SSL-aware FTP client (named "ftps"). The server's features include logging of transfers, changing of a session root (known as "chroot"), and virtual host support.
Botan is a crypto library written in C++. It provides a variety of cryptographic algorithms, including common ones such as AES, MD5, SHA, HMAC, RSA, Diffie-Hellman, DSA, and ECDSA, as well as many others that are more obscure or specialized. It also offers SSL/TLS (client and server), X.509v3 certificates and CRLs, and PKCS #10 certificate requests. A message processing system that uses a filter/pipeline metaphor allows for many common cryptographic tasks to be completed with just a few lines of code. Assembly and SIMD optimizations for common CPUs offers speedups for critical algorithms like AES and SHA-1.
C-Kermit is a combined serial and network communication software package offering a consistent, medium-independent, cross-platform approach to connection establishment, terminal sessions, file transfer, character-set translation, numeric and alphanumeric paging, and automation of communication tasks. Recent versions include FTP and HTTP clients as well as an SSH interface, all of which can be scripted and aware of character-sets. It supports built-in security methods, including Kerberos IV, Kerberos V, SSL/TLS, and SRP, FTP protocol features such as MLSD, and source-code parity with Kermit 95 2.1 for Windows and OS/2.
The CyaSSL embedded SSL library is a lightweight SSL library written in ANSI C and targeted for embedded and RTOS environments, primarily because of its small size, speed, and feature set. It is commonly used in standard operating environments and cloud services as well because of its royalty-free pricing and excellent cross platform support. CyaSSL supports industry standards up to the current TLS 1.2 and DTLS 1.2 levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as HC-128, RABBIT, and NTRU.
DansGuardian is a Web content filtering proxy that uses Squid to do all the fetching. It filters using multiple methods including, but not limited to, phrase matching, file extension matching, MIME type matching, PICS filtering, and URL/domain blocking. It has the ability to switch off filtering by certain criteria including username, domain name, source IP, etc. The configurable logging produces a log in an easy to read format. It has the option to only log text-based pages, thus significantly reducing redundant information (such as every image on a page).
Dar is a shell command that makes backup of a directory tree and files. Its features include splitting archives over several files, DVD, CD, ZIP, or floppies, compression, full or differential backups, strong encryption, proper saving and restoration of hard links, extended attributes, file forks, Door inodes, and sparse files, remote backup using pipes and external commands (such as ssh), and rearrangement of the "slices" of an existing archive. It can run commands between slices, before and after saving some defined files or directories (for a proper database backup, for example), and quickly retrieve individual files from differential and full backups. Several external GUIs exist as alternatives to its CLI interface, like kdar, DarGUI, SaraB, etc.
Email Security through Procmail (the Procmail Sanitizer) provides methods to sanitize email, removing obvious exploit attempts and disabling the channels through which exploits are delivered. Facilities for detecting and blocking Trojan Horse exploits and worms are also provided.
Ettercap is a network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like SSH and HTTPS). Data injection in an established connection and filtering on the fly is also possible, keeping the connection synchronized. Many sniffing modes were implemented to give you a powerful and complete sniffing suite. Plugins are supported. It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN.