Tor-ramdisk is a uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced in tor-ramdisk by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key, which may be exported and imported by FTP or SSH.
Failtence is a text-based password management tool for Linux. Only hashes of passwords are stored. It is a single script that is simple and easy to modify as needed. It uses GPG to save info for recovery when needed. It encourages the use of sentences, hints, and passwords. Ideally, one can write down password hints on pieces of paper rather than the actual passwords.
Lokiwall is a firewall script for Linux. In addition to the standard function of easily limiting network traffic, it features dual routing (using two Internet connections simultaniously), connection fail-over, load balancing, traffic control, advanced masquerading, advanced DNAT, and advanced marking (to direct specific traffic to a certain interface). The advanced features require some kernel patches. The standard features will work on a default Linux system with iptables and iproute2.
FastFlex is a cryptographic function, which uses a new approach to construct a secure cryptographic function which performs quite fast on processors of varying word length and architectures. FastFlex uses only four basic operations, word additions, word XORs, word rotations, and word multiplications, found in instruction sets of almost all processor architectures. FastFlex also has a manageable internal state size of 256 bits. A single 1KB s-box is used. The function accepts 8 words as inputs and as output produces 8 words.
Trustix™ Enterprise Firewall is a WYSIWYG firewall for iptables. It provides drag and drop security policy deployment and allows you to visualise DMZs, integrate branch offices with 3DES encrypted VPN tunnels, accelerate Internet access times with proxy caching server, and authenticate remote workers with PKI X.509 certificates. The unique GUI also allows you to manage traffic for all your zones (up to 24) as well as port forwarding and network address translation (NAT).
Tenable Nessus is a world-leader in active vulnerability scanners. It features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, and vulnerability analysis of your security posture. Nessus scanners may be distributed throughout an entire enterprise, inside DMZs, and across physically separate networks. It is free of charge for personal use in a non-enterprise environment.
PacketFence is a fully supported, trusted network access control (NAC) system. It includes a captive portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices, and integration with the Snort IDS and the Nessus vulnerability scanner. It can be used to effectively secure networks, from small to very large heterogeneous networks.
The goal of Escape-K is to provide an all-in-one platform for IT service management. This means that using a single application (the Escape-K client console), users are able to manage any sized computer organization, from workstation and printers to servers, databases, or network devices. Escape-K follows the main guidelines recommended by ITIL. Therefore, the core of the application is the composed of the CMDB. Depending of the chosen perspective, Escape-K users can deal with incidents and problem resolution as well as server or database administration.