360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. 'print' mode creates a spreadsheet for your audit needs with one command.
DenyThem is a program designed to protect your Linux system from malicious attacks. It is an active response system to disrupt and block dictionary attacks and DOS attacks. DenyThem by default uses /var/log/syslog and /var/log/auth.log and searches for hack attempts. When DenyThem finds enough hack attempts from a single host, it will add a DROP statement to your system's firewall, thus preventing future attacks. DenyThem uses iptables, so it will only work on Linux or any other system that uses iptables. It can also block traffic from specific countries.
Traffpro is a Linux-based traffic control, traffic accounting, bandwidth shaping, bandwidth management, and network security system with many features for reporting and billing. Internet access can be distributed to a LAN and users can be assigned a traffic quota. Networks are protected from external intrusions with a firewall. You can control ports, blacklist URLs, add iptables rules, configure multiple ISPs and multiple subnets, detect viruses, view URL histories (without Squid), see the traffic consumed by individual users, and more. It also has a ticket support system and a captive portal module.
Nagios is a host, service, and network monitoring system that will watch your network and alert you to problems before your clients or end-users do. The system runs checks on hosts and services that you specify using plugins that return status information to Nagios. When problems are encountered, the system will send notifications to system administrators so that they can take action on the problem. The JumpBox for Nagios gives you a head start to using the system. It eliminates the complexity involved in getting the application installed, and allows you to focus on the configuration for your specific environment. Since Nagios is based on plugins, depending on what you want to do this will vary in complexity.
Gargoyle is an interface for small, widely available routers such as the Linksys WRT54G series and the La Fonera. It provides functionality above and beyond what the default software provides including sophisticated dynamic DNS, quality of service, and bandwidth monitoring tools. The primary goal is to provide a polished interface for these advanced tools that is at least as easy to configure as any existing firmware. This project is based on top of OpenWrt, but unlike other Web interfaces for OpenWrt it places a strong focus an usability and is meant for average users, not just power users.
Service Guardian aims to protect servers against various things such as resource exhaustion and connection floods. It can measure the number of connections to servers' ports and, after a grace time period, compares and sees if the host is still in violation of the specified settings. If a host is in violation of the settings, it will be filtered out and dropped via netfilter/iptables.
ips-qos is a flexible firewall and traffic shaping tool. It was formerly offered as installers for the popular Linux distributions. The current version is available under Debian GNU/Linux. It was intended to give administrators more control over a shared Internet connection. It includes ips, a flexible and easy-to-use configurable firewall with the ability to control access to the Internet (or selected services) from a LAN. It also includes qos, a traffic shaping tool that measures and controls the traffic load for every computer in a LAN.
Swan is a bandwidth manager and Internet gateway that effectively controls and manages the collective bandwidth of an organization. As an Internet gateway it includes a transparent proxy, caching engine, access control lists, caching DNS server, logging and monitoring tools, an authentication mechanism, bandwidth clubbing, and policy management. It is ideal for ISPs, corporations, schools, colleges, etc. Both GUI and console-based interfaces are available for controlling the software. Installation is through a bootable CD that automatically formats the system.