Arno's IPTABLES Firewall Script is a secure stateful firewall for both single and multi-homed machines. It supports NAT and SNAT, port forwarding, ADSL ethernet modems with both static and dynamically assigned IPs, MAC address filtering, stealth port scan detection, DMZ support, protection against SYN/ICMP flooding, experimental IPv6 support, multi-interface/aliased-IP support, and extensive user definable logging with rate limiting to prevent log flooding. It has plugin support to add extra features (like SSH Brute Force protection and (Racoon) IPSEC support). It is easy to configure and highly customizable. A filter script that makes your firewall log more readable is also included.
fwknop implements an authorization scheme called Single Packet Authorization that requires only a single encrypted packet to communicate various pieces of information, including desired access through an iptables, ipfw, or pf firewall policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap. Also supported is a robust port knocking implementation based around iptables log messages.
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP, TCP, HTTP, HTTPS, or direct 802.11 (WLAN). GNUnet supports accounting to provide contributing nodes with better service. The services built on top of the framework include anonymous file sharing and a virtual network providing IPv4-IPv6 transition via protocol translation over the P2P network.
For users on Linux and Unix, KDE offers a full suite of user workspace applications which allow interaction with these operating systems in a modern, graphical user interface. This includes Plasma Desktop, KDE's innovative and powerful desktop interface. Other workspace applications are included to aid with system configuration, running programs, or interacting with hardware devices. While the fully integrated KDE Workspaces are only available on Linux and Unix, some of these features are available on other platforms. In addition to the workspace, KDE produces a number of key applications such as the Konqueror Web browser, Dolphin file manager, and Kontact, the comprehensive personal information management suite. The list of applications includes many others, including those for education, multimedia, office productivity, networking, games, and much more. Most applications are available on all platforms supported by the KDE Development. KDE also brings to the forefront many innovations for application developers. An entire infrastructure has been designed and implemented to help programmers create robust and comprehensive applications in the most efficient manner, eliminating the complexity and tediousness of creating highly functional applications.
The WiKID Strong Authentication System is a highly scalable, secure two-factor authentication system. It is simple to implement and maintain, allows users to be validated automatically, requires no hardware tokens, has a simple API for application support (via Ruby, PHP, Java, COM, Python, etc.), supports multiple domains, and supports replication for fault tolerance and scalability. It also supports mutual /host and transaction authentication, wireless tokens only domains, locked tokens (to your PC), anti-keystroke logger keypad PIN entry, etc.
Observium is an autodiscovering network monitoring system focused primarily on Cisco and Linux networks but includes support for a wide range of network hardware and operating systems. Observium has grown out of a lack of easy to use NMSes. It is intended to provide a more navigable interface to the health and performance of your network. Its design goals include collecting as much historical data about devices as possible, being completely autodiscovered with little or no manual intervention, and having a very intuitive interface.
isdn4net is a collection of scripts and configuration files to help you run isdn4linux. It is designed for fast setup of a simple dialout to one ISP, but may also be used for management of complex setups. It is intended for Mandrake systems, but if there is interest, it could be adapted to others as well.