The MD5 message digest library implements the MD5 message digest algorithm specified in RFC 1321 directly from the specification, without copying from the reference implementation and therefore without requiring mention of RSA when used. It uses the same unrestricted-distribution license as zlib.
md5mon is a shell script that verifies files by computing their checksums. The script is suitable for use as a basic security checking tool from cron. It features configurable monitoring levels, local copies of find/md5sum, and integrity checks to prevent tampering with itself. It can also use a more secure shasum instead of md5sum.
Medusa DS9 is used to increase Linux's security. It consists of two major parts, Linux kernel changes and the user-space daemon. Kernel changes do the monitoring of syscalls, filesystem actions, and processes, and they implement the communication protocol. The security daemon communicates with the kernel using the character device to send and receive packets. It contains the whole logic and implements the concrete security policy. That means that Medusa can implement any model of data protection; it depends only on configuration file, which is in fact a program in the internal programming language, somewhat similiar to C.
MIMEDefang is a flexible MIME email scanner designed to do all kinds of email processing, including anti-virus scanning, anti-spam scanning, replacing parts of messages with URLs, adding boilerplate disclaimers, and so on. It can alter or delete various parts of a MIME message according to a Perl-based policy filter. It can also bounce messages with unacceptable attachments and modify SMTP response codes on the fly. It works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
ModiWrap is a scriptable, configurable, paranoid setuid wrapper for CGI and other Web scripts (such as PHP). It aims at full compliance with the CGI specifications. It allows users to run their own CGI/webscripts with their own UID while minimizing the risk of compromising the host system. All resource limits and running time alarms can be configured on the fly on a per-user basis with an optional limits daemon. It can be made fully compatible with suexec, cgiwrap, and mod_php. It should be compatible with any Web server.
The modular syslog allows for an easy implementation of input and output modules. The modules that mantain compatibility with its precursor are included in the standard distribution along with four modules: om_peo (an implementation of PEO-1 and L-PEO, two algorithmic protocols for integrity checking), om_mysql and om_pgsql (modules that sends output to a mysql and postgresql database, respectively) and om_regex (a module that allows output redirection using regular expressions).
Mod_auth_kerb is an Apache module designed to provide Kerberos user authentication to the Apache web server. Using the Basic Auth mechanism, it retrieves a username/password pair from the browser and checks them against a Kerberos server as set up by your particular organization. It also supports mutual ticket authentication, although most browsers do not support that natively.
mod_sequester is a module for the Apache Web server 1.3 which allows you to control access to Web documents according to the date and time of the request. It provides four basic ways to control access: allow until time t, allow after time t, allow between times t and t', and allow except between times t and t'. It is useful for controlling access to time-sensitive things like press releases (disallow until after), special offers (allow until), or windowed 'this week only' opportunities (allow between).
motion uses a video4linux device for detecting movement. It makes snapshots of the movement which can be converted to MPEG movies in realtime (or later for low CPU usage), making it usable as an observation or security system. It can take actions like sending out email and SMS messages when detecting motion.
mxCrypto is an extension package that provides OO-style access to the cipher algorithms and hash functions included in OpenSSL/SSLeay, a very nifty cryptographic library originally written by Eric Young and now maintained by the OpenSSL team. Its main purpose is filling in the missing parts in Andrew Kuchling's pycrypt export package with high quality implementations. Due to the ITAR export restrictions on cryptographic software, Andrew's implementations are not legally downloadable from outside the US.