RSS 208 projects tagged "Security"

No download Website Updated 14 Apr 2014 nftables

Screenshot
Pop 267.81
Vit 5.64

nftables aims to replace the existing {ip,ip6,arp,eb}tables framework. It provides a new packet filtering framework, a new userspace utility, and a compatibility layer for {ip,ip6}tables. nftables is built upon the building blocks of the Netfilter infrastructure such as the existing hooks, the connection tracking system, the userspace queueing component, and the logging subsystem.

Download Website Updated 14 Apr 2014 fwknop

Screenshot
Pop 502.95
Vit 160.22

fwknop implements an authorization scheme called Single Packet Authorization that requires only a single encrypted packet to communicate various pieces of information, including desired access through an iptables, ipfw, or pf firewall policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap. Also supported is a robust port knocking implementation based around iptables log messages.

Download Website Updated 13 Apr 2014 ips-qos

Screenshot
Pop 72.83
Vit 1.82

ips-qos is a flexible firewall and traffic shaping tool. It was formerly offered as installers for the popular Linux distributions. The current version is available under Debian GNU/Linux. It was intended to give administrators more control over a shared Internet connection. It includes ips, a flexible and easy-to-use configurable firewall with the ability to control access to the Internet (or selected services) from a LAN. It also includes qos, a traffic shaping tool that measures and controls the traffic load for every computer in a LAN.

Download No website Updated 04 Mar 2014 IPCop Firewall

Screenshot
Pop 473.69
Vit 27.64

IPCop Linux is a complete Linux distribution whose sole purpose is to protect the networks on which it is installed.

Download No website Updated 16 Feb 2014 ipt_pkd

Screenshot
Pop 436.86
Vit 24.66

ipt_pkd is an iptables extension implementing port knock detection with SPA (single packet authorization). This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.

No download Website Updated 11 Feb 2014 Zorp

Screenshot
Pop 309.59
Vit 32.23

Zorp is a proxy firewall suite with its core architecture is built around today's security demands: it uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.

Download Website Updated 21 Jan 2014 Endian Firewall

Screenshot
Pop 734.28
Vit 29.45

Endian Firewall is an all-in-on Linux security distribution that turns any system into a full-featured security appliance. It features a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, POP3, SMTP), anti-virus support, virus and spam filtering for email traffic (POP and SMTP), content filtering of Web traffic, and a "hassle free" VPN system based on OpenVPN.

No download No website Updated 22 Oct 2013 Trigger

Screenshot
Pop 25.24
Vit 13.43

Trigger is a robust network automation toolkit that was designed for interfacing with network devices and managing network configuration and security policy. It increases the speed and efficiency of managing large-scale networks while reducing the risk of human error.

No download Website Updated 17 Oct 2013 FireHOL

Screenshot
Pop 473.36
Vit 7.68

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Download Website Updated 23 Sep 2013 NetSPoC

Screenshot
Pop 144.93
Vit 8.13

The Network Security Policy Compiler (NetSPoC) is a tool for security management of large computer networks with different security domains. It generates configuration files for packet filters controlling the borders of security domains. It provides its own language for describing security policy and the topology of a network. The security policy is a set of rules that state which packets are allowed to pass the network and which are not. NetSPoC is topology aware; a rule for traffic from A to B is automatically applied to all managed packet filters on the path from A to B.

Screenshot

Project Spotlight

cego

A relational and transaction-based database system.

Screenshot

Project Spotlight

Ultra

A Web server with an in-built data store.