DansGuardian is a Web content filtering proxy that uses Squid to do all the fetching. It filters using multiple methods including, but not limited to, phrase matching, file extension matching, MIME type matching, PICS filtering, and URL/domain blocking. It has the ability to switch off filtering by certain criteria including username, domain name, source IP, etc. The configurable logging produces a log in an easy to read format. It has the option to only log text-based pages, thus significantly reducing redundant information (such as every image on a page).
Email Security through Procmail (the Procmail Sanitizer) provides methods to sanitize email, removing obvious exploit attempts and disabling the channels through which exploits are delivered. Facilities for detecting and blocking Trojan Horse exploits and worms are also provided.
Email sends email to remote SMTP servers via the command line, which makes it useful in cron jobs. It will send to any RFC standard remote ESMTP server, is TLS/SSL enabled, and will allow you to encrypt, sign, and design your message on the fly. It has the capability to use signature files with dynamic options, address book functionality, and users can also attach pictures, binary files, documents, or whatever they want. It is completely compatible with GNUPG for encryption and signing, and is easy to configure and use.
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP, and ICMP traffic. iplog is able to detect TCP port scans, TCP null scans, FIN scans, UDP and ICMP "smurf" attacks, bogus TCP flags, TCP SYN scans, TCP "Xmas" scans, ICMP ping floods, UDP scans, and IP fragment attacks. iplog is able to run in promiscuous mode and monitor traffic to all hosts on a network. iplog uses libpcap to read data from the network and can be ported to any system that supports pthreads and on which libpcap will function.
This patch integrates SecurID authentication services directly into the OpenSSH daemon, allowing users to use SecurID tokens directly as their passwords instead of relying on the clunky sdshell. It rides on the plain password auth architecture in OpenSSH to avoid requiring ChallengeResponse or email@example.com style auth. It supports full privilege separation.
C-Kermit is a combined serial and network communication software package offering a consistent, medium-independent, cross-platform approach to connection establishment, terminal sessions, file transfer, character-set translation, numeric and alphanumeric paging, and automation of communication tasks. Recent versions include FTP and HTTP clients as well as an SSH interface, all of which can be scripted and aware of character-sets. It supports built-in security methods, including Kerberos IV, Kerberos V, SSL/TLS, and SRP, FTP protocol features such as MLSD, and source-code parity with Kermit 95 2.1 for Windows and OS/2.