ipt_pkd is an iptables extension implementing port knock detection with SPA (single packet authorization). This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
Mail2sh makes it possible to carry out shell commands by email. Email is sent to a particular user on your host and the commands will be carried out if the user and password given matches ones in /etc/passwd. Commands are executed with the user's privileges, and combined with a PGP module ensures a certain level of security for use. Note that the system is not natively encrypted, so use of an encryption mechanism is highly recommended for security reasons.
Grml is a live system (live CD) based on Debian. It includes a collection of GNU/Linux software especially for system administrators and users of texttools. It provides automatic hardware detection and its default shell is the zsh. You can use it e.g. as a rescue system, for analyzing systems/networks, or as a working environment. It is not necessary to install anything to a hard disk; you don't even need a hard disk to run it. Due to on-the-fly decompression, it includes more than 2 GB of software and documentation on the CD.
The SRR Module (srripc) is a synchronous message-passing module for the Linux kernel versions 2.2.x, 2.4.x, and 2.6.x. This module provides synchronous message passing among processes and threads, queued asynchronous event notification (proxies), timed delivery of proxies and signals, triggering of proxies between tasks, and user-space interrupt handling. Synchronous message passing is a fast, flexible, and robust IPC mechanism, particularly useful for building modular systems. The SRR Module installs automatically and provides an API that allows for porting of applications between QNX and Linux.
ctunnel is a program for tunneling and proxying TCP or UDP connections via a cryptographic tunnel. ctunnel can be used to secure any existing TCP or UDP based protocol, such as HTTP, Telnet, FTP, RSH, MySQL, VNC, DNS, XDMCP, NFS, etc. You can also chain or bounce connections to any number of intermediary hosts.
NASLite is a Network Attached Storage (NAS) server operating system designed to transform a basic computer into a dedicated file server. Utilizing highly optimized versions of Samba, uCLibc, BusyBox, and various other Linux tools, it provides SMB/CIFS, FTP, or NFS filesystem support. It accommodates multiple client OSes: Windows, Mac OS X, and Linux. NASLite offers SMART disk monitoring and large file support, and is incredibly easy to install and administer.
Noca is a shared library that prevents the page cache from filling with data that we know we only need once. It hooks read, lseek, and close. If some conditions are met, they trigger an fadvise call so that the memory is freed. An example of its use could be to limit the page cache of a "tar zxvf" operation to a specified size, no matter how big the archive is.
kernbench is a CPU throughput benchmark. It is designed to compare kernels on the same machine, or to compare hardware. It runs a kernel compile at various numbers of concurrent jobs: 1/2 number of CPUs, optimal (default is 4xnumber of CPUs), and maximal job count. Optionally it can also run single threaded. It then prints out a number of useful statistics for the average of each group of runs.