CIPE (Crypto IP Encapsulation) is an ongoing project to build encrypting IP routers. The protocol used is as lightweight as possible. It is designed for passing encrypted packets between prearranged routers in the form of UDP packets. This is not as flexible as IPSEC but it is enough for the original intended purpose: securely connecting subnets over an insecure transit network.
CLNoFault is a tool to protect your files or plain text. Using XOR encryption, it can quickly encrypt data using either a username and a password of your choice, or an external file that will serve as a key. Encrypted files can't be recovered in any way besides re-encrypting them with CLNoFault with the correct user/pass combination or keyfile. CLNoFault is the console-based interface for the NoFault library (like KNoFault for KDE), so it is useful in scripts.
CODEX (the Cornell Data Exchange) is a key distribution system. It is designed for applications with a moderate number of clients (tens or hundreds) requesting keys that change often but not continuously (on the scale of minutes to hours). It employs the RSA and ElGamal encryption schemes, as well as techniques such as threshold cryptography and proactive secret sharing.
CacheGuard Appliance is an all-in-one OS appliance providing firewall, antivirus, caching, compression, bandwidth allocation, load balancing, reverse and forward proxy, high availability, Web application firewall, URL guarding, and more. It can be purchased as an OS to install on your server, as an OS to run in a virtual machine, or as a hardware appliance.
Campagnol is a distributed IP-based VPN program able to open new connections through NATs or firewalls without any configuration. It uses UDP for the transport layer, and utilizes tunneling and encryption (with DTLS) and the UDP hole punching NAT traversal technique. The established connections are P2P.
Cancerbero is a port scan engine based on nmap. It scans the hosts of a defined network once every configured time interval and stores the results in a MySQL database. It detects changes from last scan, generates alerts with differences, and optionally sends the alert by mail to the owner of the host. It provides a snapshot of the ports which a host has open over time. A Web interface is provided for configuring the system and data mining.