RSS 13 projects tagged "Operating System Kernels"

Download No website Updated 16 Feb 2014 ipt_pkd

Screenshot
Pop 428.55
Vit 25.26

ipt_pkd is an iptables extension implementing port knock detection with SPA (single packet authorization). This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.

No download Website Updated 13 Dec 2007 grsecurity

Screenshot
Pop 323.78
Vit 11.71

grsecurity is a complete security system for Linux 2.4 and 2.6 that implements a detection/prevention/containment strategy. It prevents most forms of address space modification, confines programs via its Role-Based Access Control system, hardens syscalls, provides full-featured auditing, and implements many of the OpenBSD randomness features. It was written for performance, ease-of-use, and security. The RBAC system has an intelligent learning mode that can generate least privilege policies for the entire system with no configuration. All of grsecurity supports a feature that logs the IP of the attacker that causes an alert or audit.

Download Website Updated 01 Mar 2013 Tin Hat

Screenshot
Pop 113.76
Vit 10.07

Tin Hat is a Linux distribution derived from hardened Gentoo. It aims to provide a very secure, stable, and fast desktop environment that lives purely in RAM. Tin Hat boots from CD, or optionally USB pen drive, but it is not a LiveCD in that it does not mount any file system from the boot device. Rather, Tin Hat employs a massive squashfs image which expands into tmpfs upon booting. This makes for long boot times, but remarkable speeds during human-computer interaction.

Download Website Updated 14 Feb 2011 ctunnel

Screenshot
Pop 102.61
Vit 3.25

ctunnel is a program for tunneling and proxying TCP or UDP connections via a cryptographic tunnel. ctunnel can be used to secure any existing TCP or UDP based protocol, such as HTTP, Telnet, FTP, RSH, MySQL, VNC, DNS, XDMCP, NFS, etc. You can also chain or bounce connections to any number of intermediary hosts.

Download Website Updated 05 Jul 2005 pptp proxy

Screenshot
Pop 73.46
Vit 2.90

pptp proxy forwards a PPTP VPN connection through a Linux firewall.

Download Website Updated 05 Jan 2002 Linux VPN Masquerade

Screenshot
Pop 68.85
Vit 2.72

Linux VPN Masquerade allows you to use an IPSec or PPTP VPN host (client or server) behind a Linux masquerading firewall. No more hogging the cable modem when you need to connect to the office network.

Download Website Updated 05 Dec 2004 Hardened Debian

Screenshot
Pop 68.33
Vit 1.75

Hardened Debian improves Debian GNU/Linux with high security and hardening features, hardened kernels and packages, DHKP, and other security related enhancements. It makes systems more difficult to compromise using common attacks such as race conditions, chroot jail escapes, and buffer overflows.

Download Website Updated 21 Jan 2004 SEPPL

Screenshot
Pop 43.45
Vit 2.12

SEPPL is both a protocol definition and a software implementation of a new encryption layer for IPv4. It is extremely leightweight and easy to use. It is implemented for the Linux kernel and makes use of netfiler and the Linux CryptoAPI. It is intended as a software replacement for WEP but may be used on non-wireless lans as well. It even fits for VPN solutions.

Download Website Updated 15 Dec 2003 /dev/random for HP-UX 11.00

Screenshot
Pop 35.24
Vit 1.43

/dev/random for HP-UX 11.00 provides a device driver that generates high-quality random numbers.

Download Website Updated 12 Jul 2006 HAVEGE

Screenshot
Pop 29.70
Vit 1.00

HAVEGE (HArdware Volatile Entropy Gathering and Expansion) is a user-level software unpredictable random number generator for general-purpose computers that exploits modifications of the internal volatile hardware states as a source of uncertainty. It combines on-the-fly hardware volatile entropy gathering with pseudo-random number generation. The internal state includes thousands of internal volatile hardware states and is merely unmonitorable. It can support several hundreds of megabits per second on current workstations and PCs.

Screenshot

Project Spotlight

ToPIA

A persistence and application distribution framework.

Screenshot

Project Spotlight

Lunzip

A decompressor for lzip files.