Linux is a clone of the Unix kernel, written from scratch by Linus Torvalds with assistance from a loosely-knit team of hackers across the Net. It aims towards POSIX and Single UNIX Specification compliance. It has all the features you would expect in a modern fully-fledged Unix kernel, including true multitasking, virtual memory, shared libraries, demand loading, shared copy-on-write executables, proper memory management, and TCP/IP networking.
The Advanced Linux Sound Architecture is composed of several parts. The first is a fully modularized sound driver which supports module autoloading, devfs, isapnp autoconfiguration, and gives complete access to analog audio, digital audio, control, mixer, synthesizer, DSP, MIDI, and timer components of audio hardware. It also includes a fully-featured kernel-level sequencer, a full compatibility layer for OSS/Free applications, an object-oriented C library which covers and enhances the ALSA kernel driver functionality for applications (client/server, plugins, PCM sharing/multiplexing, PCM metering, etc.), an interactive configuration program for the driver, and some simple utilities for basic management.
Astaro Portscan Detection is a netfilter target which will attempt to detect TCP and UDP port scans and log them to syslog. This target is based upon Solar Designer's scanlogd. It suppports mutliple levels of logging, custom prefixes for entries, weighted total port scan detection, and port scan temporal spread detection.
T/TCP For Linux is an implementation and integration of T/TCP (Transaction TCP) into Linux kernels. T/TCP is an extension for standard TCP which uses a monotonically increasing variable, CC (Connection Counts), to bypass the 3-way handshake and reduce TIME_WAIT perild. T/TCP greatly decreases the overhead that standard TCP introduces when dealing with transaction-oriented connections. T/TCP for Linux also focuses on the promotion of wide adoption of T/TCP, since it has indisputable performance advantages over standard TCP.
Gircap is a set of tools to help you use the widely unknown "capabilities" that Linux has in place of conventional Unix superuser privilege. That means you can give programs and processes only as much privilege as they need and greatly limit your security exposure due to system bugs. A Linux kernel patch fixes some basically broken aspects of capabilities. setcap and getcap let you set and show capabilities of a running process. capexec runs a program with certain capabilities, UID, GID, and supplemental GIDs. It can be used to have init start a daemon with only a subset of init's privileges. binfmt_capx is an executable interpreter in the form of a loadable kernel module. It lets you do a setuid kind of thing for files, only with fine grained capabilities. This is a cheap substitute for real "file capabilities."
Kernel Analyzer monitors system activity by recording information about task preemptions and interruptions. The data generated is intended for real-time developers and is useful for analyzing driver timing issues and scheduling efficiency. It can also help by giving an overview of a system.