Lokiwall is a firewall script for Linux. In addition to the standard function of easily limiting network traffic, it features dual routing (using two Internet connections simultaniously), connection fail-over, load balancing, traffic control, advanced masquerading, advanced DNAT, and advanced marking (to direct specific traffic to a certain interface). The advanced features require some kernel patches. The standard features will work on a default Linux system with iptables and iproute2.
checkroot is an openSUSE equivalent of debsums. It enables retrieval of fingerprint updates online, allowing trusted verification of a root filesystem. This prevents a cracker from hiding his traces from "rpm --verify -a". If the verification fails, checkroot can download the package header containing the md5sums online. Alternatively, all md5sums can be fetched online (if you mistrust some of the fingerprints/private keys the locally stored md5sums are signed with).
CacheGuard Appliance is an all-in-one OS appliance providing firewall, antivirus, caching, compression, bandwidth allocation, load balancing, reverse and forward proxy, high availability, Web application firewall, URL guarding, and more. It can be purchased as an OS to install on your server, as an OS to run in a virtual machine, or as a hardware appliance.
losetup-utils are three bash scripts that attempt to make the use of losetup a bit easier and faster. losetup can be fast, easy, and practical if you need to transport sensitive information over the Internet or in CD's, DVD's, or a pendrive. Also, if you want to store private data on your hard disk or in the cloud, an encrypted volume can be a convenient choice. The types of encryption can be any installed on the system.
CIRCLean aims to be used by someone receiving a USB key from an untrusted source who wants to see the content without opening the original and potentially malicious files. The code runs on a Raspberry Pi, which means it is never required to plug the original USB key into a computer.
vlock is a program to lock one or more sessions on the Linux console. This is especially useful for Linux machines which have multiple users with access to the console. One user may lock his or her session(s) while still allowing other users to use the system on other virtual consoles. If desired, the entire console may be locked and virtual console switching disabled.
FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.