iPAQ Hanheld Linux is a distribution for the iPAQ H36xx series handheld computer (PDA). It consists of a bootloader, several cramfs binary images of file systems to be loaded into flash, and the sources of modified components. It also consists of some other software that may be of use to others working on handheld computers: a Grafitti-like program, etc. It includes a fully-functioning X server based on XFree86, and basic applications.
The ipaudit package records and displays network activity. It is useful for identifying heavy bandwidth users, intrusive telnet sessions, denial of service attacks, and scans. It includes ipaudit, which stores counts of bytes and packets for every combination of host/port pairs and protocol. The utilities total and ipstrings can be used to investigate network traffic records from the command line. ipaudit-web can collect network traffic statistics and generate Web reports.
The IPchains Firewalling Module, part of the RockSolid Linux Distribution, allows you to easily maintain a firewall based on ipchains with the Webmin look and feel. It has three modes: Newbie (select one of five security levels), Template (define from a table with protocols and directions what should be allowed to pass your firewall), and Expert (have the real ipchains experience by having every parameter under control by editing a script file which has all ipchains rules). Nearly all of the ipchains options are supported.
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP, and ICMP traffic. iplog is able to detect TCP port scans, TCP null scans, FIN scans, UDP and ICMP "smurf" attacks, bogus TCP flags, TCP SYN scans, TCP "Xmas" scans, ICMP ping floods, UDP scans, and IP fragment attacks. iplog is able to run in promiscuous mode and monitor traffic to all hosts on a network. iplog uses libpcap to read data from the network and can be ported to any system that supports pthreads and on which libpcap will function.
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.