Tor-ramdisk is a uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced in tor-ramdisk by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key, which may be exported and imported by FTP or SSH.
Trustix™ Enterprise Firewall is a WYSIWYG firewall for iptables. It provides drag and drop security policy deployment and allows you to visualise DMZs, integrate branch offices with 3DES encrypted VPN tunnels, accelerate Internet access times with proxy caching server, and authenticate remote workers with PKI X.509 certificates. The unique GUI also allows you to manage traffic for all your zones (up to 24) as well as port forwarding and network address translation (NAT).
TigerCube is an operating system that offers an all-in-one communications platform (including an advanced phone system and email), network security (with a firewall, content filtering, and virtual private networking), file sharing, and a fully integrated backup solution under a single, unified environment. TigerCube is free to use for up to 5 users.
Endian Firewall is an all-in-on Linux security distribution that turns any system into a full-featured security appliance. It features a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, POP3, SMTP), anti-virus support, virus and spam filtering for email traffic (POP and SMTP), content filtering of Web traffic, and a "hassle free" VPN system based on OpenVPN.
haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The implementation attempts to be self-tuning on a wide variety of hardware and includes runtime validation testing. The tarball uses the GNU build mechanism and includes a devel sub-package, self test targets, init system options, and spec file samples for building an RPM. haveged may be used independently of the /dev/random interface through the filesystem at the command line. haveged functionality may be incorporated directly into other components directly through the devel sub-package.
Devil-Linux is a special secure Linux distribution which is used for firewalls, routers, gateways, and servers. The goal of Devil-Linux is to have a small, customizable, and secure Linux system. Configuration is saved on a floppy disk or USB stick, and it has several optional packages. Devil-Linux boots from CD, but can be stored on CF cards or USB sticks.
Tin Hat is a Linux distribution derived from hardened Gentoo. It aims to provide a very secure, stable, and fast desktop environment that lives purely in RAM. Tin Hat boots from CD, or optionally USB pen drive, but it is not a LiveCD in that it does not mount any file system from the boot device. Rather, Tin Hat employs a massive squashfs image which expands into tmpfs upon booting. This makes for long boot times, but remarkable speeds during human-computer interaction.
redWall is a bootable CD-ROM firewall which focuses on Web-based reporting of the firewall's status. It includes Snort, snortsam, dansguardian, and support for fwbuilder, squidguard, reporting (using BASE/sarg/ntop/webfwlog), VPN (Openswan/PoPToP/Openvpn), Spam Filtering (spamassassin, dcc, razor2, clamav, amavis-new, dspam and maia mailguard), and mail-based, alerting. Configuration data are stored on a floppy or USB disk.