Bastille Unix (formerly Bastille Linux) aims to be the most comprehensive, flexible, and educational Security Hardening Program for Red Hat (Fedora Core, Enterprise Linux, and original Red Hat), SuSE, Gentoo, Mandrake, and Debian Linux, as well as HP-UX and Mac OS X. Virtually every task it performs is optional, providing immense flexibility. It educates the installing admin regarding the topic at hand before asking any question. The interactive nature allows the program to be more thorough when securing, while the educational component produces an admin who is less likely to compromise the increased security.
Liberté Linux is a secure, reliable, lightweight, and easy to use Gentoo-based live USB Linux distribution intended as a communication aid in hostile environments. It installs as a regular directory on a USB/SD key, and after a single-click setup, boots on any desktop computer or laptop. The Internet connection is then used to set up a Tor circuit, which handles all network communication. During first boot, a unique email ID is generated from fingerprints of user's certificate and Tor hidden service key. This persistent ID allows one to stealthily communicate with other Liberté users. The distribution includes image and document processing applications, and can function as a secure Web browsing platform. For developers, Liberté can also serve as a robust framework for mastering Gentoo-based live USBs/CDs. The build process is fully automated with incremental build support, and is more mature and reliable than most of Gentoo's own outdated live CD tools.
LinuxMCE is an add-on to Kubuntu that provides a complete whole-house media solution. It provides PVR and distributed media functions. It is stable, easy to use, and requires no knowledge of Linux and only basic computer skills. It allows you to set up a computer system that centralizes audio/video equipment, allowing you to access all media functions in other rooms with only thin clients. It supports home automation protocols including KNX, EIB, Z-Wave, DMX, EnOcean, and PLCBUS.
LoginIDS provides functions to analyze log files from different services in order to detect unusual login behavior. The normal user behavior is learned by analyzing log files and saved in a database. Logins are analyzed by time, service, source, and destination address. If a user's login is new or considered unlikely by LoginIDS, an alert is generated. Alerts can be handled by external scripts and viewed using the log file management system Splunk and the LoginIDS App.
Netzob supports the expert in reverse engineering, evaluation, and simulation of communication protocols. Its main goals are to help security evaluators to assess the robustness of proprietary or unknown protocol implementations, simulate realistic communications to test third-party products (IDS, firewalls, etc.), and create an Open Source implementation of a proprietary or unknown protocol. Netzob provides a semi-automatic inferring process, and includes everything necessary to passively learn the vocabulary of a protocol and actively infer its grammar. The learnt protocol can afterward be simulated. Netzob handles text protocols (like HTTP and IRC), fixed field protocols (like IP and TCP), and variable field protocols (like ASN.1-based formats).
Nova is a software application for preventing and detecting hostile network reconnaissance (such as nmap scans). It does this by first creating the Haystack: a large collection of low interaction honeypots using an updated version of Honeyd. Finding real machines on the network becomes like finding a needle in a haystack of fake machines. Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance, so there's no need to go searching manually through your honeypot's log files. It provides an easy to use Web-based interface powered by Node.js to configure itself and Honeyd instances.
Tenable Nessus is a world-leader in active vulnerability scanners. It features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, and vulnerability analysis of your security posture. Nessus scanners may be distributed throughout an entire enterprise, inside DMZs, and across physically separate networks. It is free of charge for personal use in a non-enterprise environment.