debcheckroot is a tool that retrieves file checksums online or from read only media. It provides trusted verification of your root file system at least as far as you can trust your Internet connection or your verification medium (DVD, BD, etc.). Unlike debsums, it doesn't rely on locally stored md5sums which can be modified by an attacker along with the files themselves. It also provides cleaner and better structured output, and can spot files added to your system by someone else.
Endian Firewall is an all-in-on Linux security distribution that turns any system into a full-featured security appliance. It features a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, POP3, SMTP), anti-virus support, virus and spam filtering for email traffic (POP and SMTP), content filtering of Web traffic, and a "hassle free" VPN system based on OpenVPN.
fwknop implements an authorization scheme called Single Packet Authorization that requires only a single encrypted packet to communicate various pieces of information, including desired access through an iptables, ipfw, or pf firewall policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap. Also supported is a robust port knocking implementation based around iptables log messages.
x509watch is a simple command line application that can be used to list soon expiring or already expired X.509 certificates, such as SSL certificates. All certificates are searched by default in the standard PKI directory, but any other directory can be specified as a parameter. Only Base64 encoded DER and PEM X.509 certificates are supported.
Collax Groupware Suite is a complete collaboration, e-mail, and messaging server with Outlook MAPI support. It offers enterprise email server functions, anti-spam and anti-virus filters, GUI management, a file server for SMB, NFS, FTP, and Apple shares, backup/restore server, IM server, and fax and SMS server. The groupware offers AJAX Web mail, calendar, team calendar, contacts, and tasks, and supports ActiveSync for mobile devices. It is free for private or commercial use of up to five users.
Collax Business Server is an all-in-one Linux server for small- and medium-sized businesses. It delivers all the important network services within a heterogeneous business environment for communication, infrastructure, compliance, groupware, and storage, all in a reliable and secure way which is easy to manage. It also provides essential security functions such as firewalling and virus and spam filtering, to protect against hacker attacks, viruses, and unsolicited email messages.
The Network Security Policy Compiler (NetSPoC) is a tool for security management of large computer networks with different security domains. It generates configuration files for packet filters controlling the borders of security domains. It provides its own language for describing security policy and the topology of a network. The security policy is a set of rules that state which packets are allowed to pass the network and which are not. NetSPoC is topology aware; a rule for traffic from A to B is automatically applied to all managed packet filters on the path from A to B.
ssmart is a little Perl script to store a secure shell identity/cfs passwords blowfish encrypted to a smartcard. There will be no local copy of your identity on your hard drive, or even worse on an NFS share. It also allows you to quick mount all stored cfs directories, and it has a GNOME GUI (useful if you want it to use it with your .xinitrc). It uses the smartcard program to interact with the chipdrive.