The WiKID Strong Authentication System is a highly scalable, secure two-factor authentication system. It is simple to implement and maintain, allows users to be validated automatically, requires no hardware tokens, has a simple API for application support (via Ruby, PHP, Java, COM, Python, etc.), supports multiple domains, and supports replication for fault tolerance and scalability. It also supports mutual /host and transaction authentication, wireless tokens only domains, locked tokens (to your PC), anti-keystroke logger keypad PIN entry, etc.
haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The implementation attempts to be self-tuning on a wide variety of hardware and includes runtime validation testing. The tarball uses the GNU build mechanism and includes a devel sub-package, self test targets, init system options, and spec file samples for building an RPM. haveged may be used independently of the /dev/random interface through the filesystem at the command line. haveged functionality may be incorporated directly into other components directly through the devel sub-package.
Suricata is an Intrusion Detection and Prevention (IDS/IPS) engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support, file extraction capabilities, and many more features. It's capable of loading existing Snort rules and signatures, and supports many frontends through Barnyard2.
fwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface.
PacketFence Zero Effort NAC (ZEN) is a network access control (NAC) system. It supports registration of new network devices, detection of abnormal network activities, isolation of problematic devices, remediation through a captive portal, registration-based and scheduled vulnerability scans, VLAN isolation with VoIP support (even in heterogeneous environments) for multiple switch vendors, support for 802.1X through a FreeRADIUS module, wireless integration with FreeRADIUS, DHCP fingerprinting, and more. It consists of a fully installed and preconfigured version of PacketFence inside a VMWare image.
PacketFence is a fully supported, trusted network access control (NAC) system. It includes a captive portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices, and integration with the Snort IDS and the Nessus vulnerability scanner. It can be used to effectively secure networks, from small to very large heterogeneous networks.
cryptmount is a utility for creating and managing secure filing systems on GNU/Linux systems. After initial setup, it allows any user to mount or unmount filesystems on demand, solely by providing the decryption password, with any system devices needed to access the filing system being configured automatically. A wide variety of encryption schemes (provided by the kernel dm-crypt system and the libgcrypt library) can be used to protect both the filesystem and the access key. The protected filing systems can reside in either ordinary files or disk partitions. The package also supports encrypted swap partitions, and automatic configuration on system boot-up.
DJIGZO Email Encryption Gateway is a centrally managed email server that encrypts and decrypts incoming and outgoing email at the gateway level. Djigzo currently supports two encryption standards: S/MIME and PDF encryption. The built-in Data Leak Prevention (DLP) module can be used to prevent certain information from leaving the organization via email. DLP can be configured to filter on credit card numbers, bank account numbers, excessive amounts of email addresses or other personal information in one email message, and more. DJIGZO can be installed on most Linux and Unix based systems. Installation packages are available for Ubuntu, Debian, Red Hat and CentOS. A ready to run virtual appliance for VMware and Hyper-V is available. An add-on for BlackBerry is available.
CryptNET Passgen (passgen) is a password generator. It generates a list of password candidates for the user to choose from by mapping operating system sources of pseudo-randomness into printable character arrays using a mod operation. A number of available command line options gives it a great deal of flexibility. It is capable of generating passwords composed of printable characters, alphanumeric characters, alphabetic characters, or only numeric characters.
segatex is a tool to configure SELinux policy with the help of a GUI. At the push of a button, it can generate a .te file in the /usr/share/segatex directory. You can then edit your .te file, make a module, and install. You can make any module name and edit current modules. You can install, update, and remove modules. You can semanage list and semanage login, fcontext, and port or set some domain permissive. You can download SELinux-related RPMs, including xguest, sepostgresql, and mod_selinux. You can download Fedora DVD or CDs. You can relabel your system. You can audit2allow by GUI. You can check refpolicy by analyzer. segatex includes its own policy.