360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. 'print' mode creates a spreadsheet for your audit needs with one command.
IronBox Linux is a Linux distribution based on Linux From Scratch and designed for usage in high security server environments. Its main goal is to ensure a stable and secure deploy where patching and system upgrades do not depend on security bugs, but on the task team schedules and the needed features of the system or the software it runs.
Hovitaga OpenSQL Editor is a powerful tool for SAP consultants, ABAP developers, and basis administrators that helps to work with the database of a SAP system. It provides an intuitive way to build ad-hoc reports and statistics with OpenSQL commands. Writing programs that access the database in any form becomes much easier since all commands accessing the database can be developed, tested, and analyzed with many user-friendly features.
libtransliterate is a C++ library converts “transliterated” representations of non-English languages (that use sequences as ANSI characters to represent characters) to Unicode. It supports TLG's Beta Code and cjhebrew. The library comes with a SWIG interface definition that may work with your favorite scripting language and a hand-coded Python interface with native Python Unicode support.
mod_ipblock aims to provide protection from aggressive clients by blocking or reporting them with a script. Users can set a limit to simultaneous connections. When this limit is reached, the module will execute the defined command. You can then write a simple bash script which can run commands with sudo(8) in order to limit the client or notify the admins.
mod_rangelimit aims to provide protection from DoS attacks using the Range header in Apache. It does so by analyzing the ranges supplied in the Range header. It checks the headers before mod_setenvif, and if there is even one invalid range in the request, the whole request is declined. The module also checks the number of supplied ranges and the number of overlapping ranges. It provides two options, MaxRanges (defaulting to 20) and MaxOverlappingRanges (defaulting to 5).
Hawk IDS/IPS is a lightweight log analyzer which was designed to be fast and efficient. It scans log files on the fly and bans IPs which make too many password failures. It adds iptables rules to reject the IP addresses. You can define the logfiles. Hawk provides a unique Web interface and flexibility, and supports sshd, dovecot, courier, pure-ftpd, proftpd, cPanel, and DirectAdmin.