segatex is a tool to configure SELinux policy with the help of a GUI. At the push of a button, it can generate a .te file in the /usr/share/segatex directory. You can then edit your .te file, make a module, and install. You can make any module name and edit current modules. You can install, update, and remove modules. You can semanage list and semanage login, fcontext, and port or set some domain permissive. You can download SELinux-related RPMs, including xguest, sepostgresql, and mod_selinux. You can download Fedora DVD or CDs. You can relabel your system. You can audit2allow by GUI. You can check refpolicy by analyzer. segatex includes its own policy.
PacketFence is a fully supported, trusted network access control (NAC) system. It includes a captive portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices, and integration with the Snort IDS and the Nessus vulnerability scanner. It can be used to effectively secure networks, from small to very large heterogeneous networks.
The OATH Toolkit makes it easy to build one-time password authentication systems. It contains shared libraries, commandline tools, and a PAM module. Supported technologies include the event-based HOTP algorithm (RFC4226) and the time-based TOTP algorithm (RFC6238). OATH stands for Open AuTHentication, which is the organization which specifies the algorithms. For managing secret key files, the Portable Symmetric Key Container (PSKC) format described in RFC6030 is supported.
The IDAutomation MICR E13B Font Advantage package includes a single precise MICR E-13B font which usually avoids the need to calibrate the font to the printer, calibration software for printers that are out of alignment, 24 additional MICR fonts at various widths and intensities, security fonts for printing secure names and amounts, MICR E13B print specifications and an easy to use Bank Check Design and Printing Software application.
SSLsplit is a tool that performs man-in-the-middle attacks against SSL/TLS encrypted network connections for network forensics and penetration testing. It terminates SSL/TLS and initiates a new connection to the original destination, logging all data transmitted. It supports plain TCP and SSL, HTTP and HTTPS, and IPv4 and IPv6. For SSL and HTTPS, it generates and signs forged X509v3 certificates on-the-fly using the original certificate's subject DN and subjectAltName extension. It supports Server Name Indication, RSA, DSA, and ECDSA keys, and DHE and ECDHE cipher suites. It can also use existing certificates if the private key is available.
ivepkg is a package manager with a focus on homebuilt distributions like Linux From Scratch. Therefore, ivepkg has no repository or network abilities, but is specialized on installing tarballs to a system. Its key features are an easy-to-use database (sqlite3) and a sha1 checksum of every installed file. These make it possible to know which files have been altered (for example, by a malicious attack).
haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The implementation attempts to be self-tuning on a wide variety of hardware and includes runtime validation testing. The tarball uses the GNU build mechanism and includes a devel sub-package, self test targets, init system options, and spec file samples for building an RPM. haveged may be used independently of the /dev/random interface through the filesystem at the command line. haveged functionality may be incorporated directly into other components directly through the devel sub-package.
Moscrack is a WPA cracker for use on clusters. It supports MOSIX, SSH, and RSH connectivity and works by reading a word list from STDIN or a file, breaking it into chunks, and passing those chunks off to separate processes that run in parallel. The parallel processes are then executed on different nodes in your cluster. All results are checked and recorded on your master node. Logging and error handling are taken care of. It is capable of running reliably for long periods of time, without the risk of losing data or having to restart. Moscrack uses aircrack-ng by default. Pyrit for WPA cracking and Dehasher for Unix password hashes are supported via plugins.
fwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface.