Sanewall is a firewall builder for Linux that uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, all kinds of NAT, providing strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, and whitelists. Newer versions abstract the differences between IPv4 and IPv6, allowing you to define a common set of rules for both, while permitting specific rules for each as you need. Sanewall is a fork of FireHOL and can make use of existing FireHOL configurations.
txtorcon is a Twisted-based asynchronous Tor control protocol implementation. Twisted is an event-driven networking engine written in Python, and Tor is an onion-routing network designed to improve people’s privacy and security on the Internet. It includes unit-tests with 96%+ coverage, multiple examples, and documentation. There are abstractions to track Tor configuration and state (circuits, streams), launch private instances, support Hidden Service, and more.
CERTivity is a powerful multi-platform visual tool for creating, managing, and handling different key store types (such as JKS, JCEKS, PKCS12, the Bouncy Castle types BKS and UBER, and Windows Native), public, private and secret keys in different formats (PKCS, OpenSSL, RSA/DSA, etc.), certificates (version 1 and 3), and certificates chains. It allows you to import and export keys, key pairs and certificates, manage certificate extensions, extend the validity period for self-signed certificates, test certificates, obtain revocation status, convert from one key store type to another, and much more.
CryptNET Passgen (passgen) is a password generator. It generates a list of password candidates for the user to choose from by mapping operating system sources of pseudo-randomness into printable character arrays using a mod operation. A number of available command line options gives it a great deal of flexibility. It is capable of generating passwords composed of printable characters, alphanumeric characters, alphabetic characters, or only numeric characters.
PacketFence Zero Effort NAC (ZEN) is a network access control (NAC) system. It supports registration of new network devices, detection of abnormal network activities, isolation of problematic devices, remediation through a captive portal, registration-based and scheduled vulnerability scans, VLAN isolation with VoIP support (even in heterogeneous environments) for multiple switch vendors, support for 802.1X through a FreeRADIUS module, wireless integration with FreeRADIUS, DHCP fingerprinting, and more. It consists of a fully installed and preconfigured version of PacketFence inside a VMWare image.
jEncrypt is a commandline file encryption archiver. Files are encrypted with the AES-CTR mode, which was recommended by the National Institute of Standards and Technology in 2001 (NIST SP 800-38A). AES-CTR mode only provides confidentiality. It requires a message authentication code such as CBC-MAC to ensure an encrypted message is not accidentally modified or maliciously tampered with, which jEncrypt currently does not provide.
Collax Groupware Suite is a complete collaboration, e-mail, and messaging server with Outlook MAPI support. It offers enterprise email server functions, anti-spam and anti-virus filters, GUI management, a file server for SMB, NFS, FTP, and Apple shares, backup/restore server, IM server, and fax and SMS server. The groupware offers AJAX Web mail, calendar, team calendar, contacts, and tasks, and supports ActiveSync for mobile devices. It is free for private or commercial use of up to five users.
iptables-bash_completion provides programmable completion for the iptables and ip6tables programs. iptables options are shown only if they are valid at the current context. It supports completion of options, matches, and targets, and dynamic retrieval of data from the system, including chains, set names, interfaces, and hostnames. Environment variables allow completion options to be tuned. IP and MAC addresses can be supplied using a file.