Keepalived for LVS aims to add a strong and robust keepalive facility to the Linux Virtual Server project. This project is written in C with multilayer TCP/IP stack checks. It implements a framework based on three family checks: Layer3, Layer4, and Layer5. This framework gives the daemon the ability of checking a LVS server pool states.When one of the servers in the LVS server pool is down, keepalived informs the Linux kernel via a setsockopt call to remove this server entry from the LVS topology. In addition, it implements a VRRPv2 stack to handle director failover.
Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX and FWSM, and Cisco routers access lists.
Performance Co-Pilot (PCP) is a framework and set of services for supporting system-level performance monitoring and performance management. It provides a unifying abstraction for all of the interesting performance data in a system, and allows client applications to easily retrieve and process any subset of that data using a single API. A client-server architecture allows multiple clients to monitor the same host, and a single client to monitor multiple hosts. Archive logging and replay are integrated so that a client application can use the same API to process real-time data from a host or historical data from an archive.
INSERT (the Inside Security Rescue Toolkit) aims to be a multi-functional, multi-purpose disaster recovery and network analysis system. It boots from a credit card-sized CD-ROM and is basically a stripped-down version of Knoppix. It features good hardware detection, fluxbox, emelfm, links-hacked, ssh, tcpdump, nmap, chntpwd, and much more. It provides full read-write support for NTFS partitions (using ntfs-3g), and the ClamAV virus scanner (including a fairly recent signature database and a GUI). It provides partition handling with gParted and also has a network boot facility.
NASLite is a Network Attached Storage (NAS) server operating system designed to transform a basic computer into a dedicated file server. Utilizing highly optimized versions of Samba, uCLibc, BusyBox, and various other Linux tools, it provides SMB/CIFS, FTP, or NFS filesystem support. It accommodates multiple client OSes: Windows, Mac OS X, and Linux. NASLite offers SMART disk monitoring and large file support, and is incredibly easy to install and administer.
L7-filter is a packet classifier for Netfilter that identifies packets based on application layer (OSI layer 7) data. This means that it is able to classify packets as HTTP, FTP, Gnucleus, Kazaa, etc., regardless of ports. It complements existing matches that classify based on port numbers, packet length, TOS bits, and so on. Combined with Linux QoS, it allows for full layer 7 packet shaping.
Unison is a file-synchronization tool for Unix and Windows. It allows two copies of a collection of files and directories to be stored on different hosts (or different disks on the same host), modified separately, and then brought up to date by propagating the changes in each replica to the other. Unison can deal with updates to both replicas of a distributed directory structure. Updates that do not conflict are propagated automatically. Conflicting updates are detected and displayed. Unison can communicate through a direct socket link or through an rsh/ssh tunnel. It uses network bandwidth efficiently.
Linux Bandwidth Arbitrator allows beginning-to-advanced network administrators to control bandwidth. It is designed to be completely turn-key in its default configuration. You just plug it into your network trunk, and it self configures and immediately starts slowing "bandwidth hogs". It can be configured to target specific applications such as Kazaa, IMAP, and POP. It is compatible with the 2.4.25 kernel, ebtables, and brouter (bridging router). It also comes with denial of service protection.
nss-pam-ldapd is a Name Service Switch module and Pluggable Authentication Module using an LDAP server. It allows your LDAP server to provide user account, group, host name, alias, netgroup, and almost any other information that you would normally get from /etc flat files or NIS, and allows you to do authentication to an LDAP server.