FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
ipt-netflow is high performance NetFlow exporting module for Linux kernel (up to 3.x). It is designed for Linux router with heavy network load. This is netfilter/iptables module adding support for NETFLOW target. It is designed to work without conntrack. It supports NetFlow protocols versions 5, 9, and IPFIX. It has accounting for IPv4, IPv6 traffic, and (NEL) NAT translation events.
Collax Business Server is an all-in-one Linux server for small- and medium-sized businesses. It delivers all the important network services within a heterogeneous business environment for communication, infrastructure, compliance, groupware, and storage, all in a reliable and secure way which is easy to manage. It also provides essential security functions such as firewalling and virus and spam filtering, to protect against hacker attacks, viruses, and unsolicited email messages.
Andrisoft WANSIGHT is a fully featured network traffic analyzer and collector. It provides in-depth traffic analysis, traffic accounting, and bandwidth monitoring, and enables you to generate complex traffic reports, graphs, and tops, instantly pin down the cause of network incidents, understand patterns in application performance, and make the right capacity planning decisions. It supports 10GbE packet sniffing and NetFlow, sFlow, and IPFIX.
HTTP Time Protocol is a time synchronization tool that uses Web server responses (HTTP headers) instead of the NTP protocol. If you are behind a corporate firewall, NAT device, or proxy server, HTP will still be able to synchronize the time. For high precision time synchronization, use ntpd.
The GNU Gatekeeper is a free H.323 gatekeeper based on the OpenH323 project. You can use it to manage a Voice-over-IP network and let endpoints (e.g., Netmeeting) communicate through symbolic names. It also has an external interface for billing and other applications. It runs on a number of Unix versions (including Linux and Solaris) and Windows.
Snort is a network intrusion detection and prevention system. It is the most widely deployed technology of its kind in the world. It performs detection using a variety of methods including rules-based detection, anomaly detection, and heuristic analysis of network traffic. Its rules language is open source and available to the public as well.
For users on Linux and Unix, KDE offers a full suite of user workspace applications which allow interaction with these operating systems in a modern, graphical user interface. This includes Plasma Desktop, KDE's innovative and powerful desktop interface. Other workspace applications are included to aid with system configuration, running programs, or interacting with hardware devices. While the fully integrated KDE Workspaces are only available on Linux and Unix, some of these features are available on other platforms. In addition to the workspace, KDE produces a number of key applications such as the Konqueror Web browser, Dolphin file manager, and Kontact, the comprehensive personal information management suite. The list of applications includes many others, including those for education, multimedia, office productivity, networking, games, and much more. Most applications are available on all platforms supported by the KDE Development. KDE also brings to the forefront many innovations for application developers. An entire infrastructure has been designed and implemented to help programmers create robust and comprehensive applications in the most efficient manner, eliminating the complexity and tediousness of creating highly functional applications.
A fail2ban lite. IPQ BDB is a netfilter userspace daemon that can block or mark IP packets according to iptables rules that issue the corresponding -j NFQUEUE, as well as a Berkeley database of bad IPv4 addresses. A log parser and a banning utility add entries to the database. An IP has to be caught a configurable number of times before being blocked. Transitions between blocked and non-blocked are faded using probabilities. A halving period governs IP rehabilitation.