Suricata is an Intrusion Detection and Prevention (IDS/IPS) engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support, file extraction capabilities, and many more features. It's capable of loading existing Snort rules and signatures, and supports many frontends through Barnyard2.
AntiJOP is an anti-malware solution that recodes assembly language to remove JOP attack gadgets. JOP attacks on x86 often hinge on the availability of 0xFF bytes in preexisting code, which can be co-opted to serve as register-indirect call instructions. AntiJOP removes instances of 0xFF bytes that may exist, for example, in immediate values, MOD/RM bytes, etc.
Lynis is an auditing and hardening tool for Unix derivatives like Linux/BSD/Solaris. It scans systems to detect software and security issues. Besides security-related information, it will also scan for general system information, installed packages, and possible configuration mistakes. The software is aimed at assisting automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
PeaZip is a cross-platform file archiver utility that provides a unified portable GUI for many open source technologies like 7-Zip, FreeArc, PAQ, UPX, etc. Creates 7Z, ARC, BZ2, GZ, *PAQ, PEA, QUAD/BALZ, TAR, UPX, WIM, XZ, and ZIP files. It extracts more than 150 archive types: ACE, ARJ, CAB, DMG, ISO, LHA, RAR, UDF, ZIPX, and more. Features of PeaZip include extracting, creating, and converting multiple archives at once, creating self-extracting archives, split/join files, strong encryption with two factor authentication, an encrypted password manager, secure deletion, find duplicate files, calculate hashes, and export job definitions as scripts.
segatex is a tool to configure SELinux policy with the help of a GUI. At the push of a button, it can generate a .te file in the /usr/share/segatex directory. You can then edit your .te file, make a module, and install. You can make any module name and edit current modules. You can install, update, and remove modules. You can semanage list and semanage login, fcontext, and port or set some domain permissive. You can download SELinux-related RPMs, including xguest, sepostgresql, and mod_selinux. You can download Fedora DVD or CDs. You can relabel your system. You can audit2allow by GUI. You can check refpolicy by analyzer. segatex includes its own policy.
LinOTP is a solution for strong two-factor authentication with one time passwords. It features a modular architecture into which UserIdResolver, authentication, and OTP calculation modules can be plugged. It includes UserIdResolver modules for LDAP/AD, SQL, and flat file user databases, and authentication modules for PAM and RADIUS. New modules can be developed easily. Supported tokens are HMAC-OTP/HOTP (RFC 4226/ OATH compliant), Aladdin eToken PASS, eToken NG-OTP, Safeword Alpine, Yubikey, Google Authenticator, motp, SMS OTP/Mobile TAN, email token, and a Simple Pass token for users without token hardware. TOTP is supported, along with a new algorithm for daily passwords for applications not supporting RADIUS. OCRA tokens are supported to allow transaction signing in banking environments. CLI, Web, and GTK+ GUI clients are available for management. LinOTP features multi-client capability, redundancy, and a self-service portal. It has been used with PAM for local and SSH logins, Apache, VPN, and Windows Terminal Server, and is OATH certified.
MQ Standard Security Exit is a solution that allows a company to control and restrict who is accessing a WebSphere MQ resource. The security exit will operate with WebSphere MQ v6.0, v7.0, v7.1, or v7.5 in Windows, IBM i (OS/400), Unix, and Linux environments. It works with Server Connection, Receiver, Requestor, and Cluster-Receiver channels of WebSphere MQ queue manager. The MQ Standard Security Exit solution is comprised of a server-side security exit.
MQ Message Encryption (MQME) is a solution that provides encryption for WebSphere MQ message data while it resides in a queue and in the MQ logs. It uses AES and offers the ability to control who accesses protected queues. This control is obtained through the use of UserID grouping, and group files are similar to the Unix /etc/group file. It also has the ability to generate and validate messages using a SHA-2 digital signature.