Labrova is a PHP gateway that can be integrated in any Web application as an intrusion protection system (IPS). It prevents SQL injections, XSS, and many other known attacks. It intercepts all submitted parameters and compares them with its knowledge base. If the parameters passed are identified as a threat, the values will be blocked before reaching the underlying Web application, a report will be shown to the attacker, and the attack details will be logged into the Labrova database.
SecureNet PRO is a network monitoring and intrusion detection platform. It combines powerful scripting functionality with real-time session viewing and control capabilities. It goes beyond network-grep and signature-based intrusion detection offerings, offering a combination of true state-based decoding of application-layer protocol traffic and high-speed pattern matching. It offers full IP fragment reassembly functionality, TCP session reconstruction, and an advanced TCP/IP stack emulation facility.
Nift (Network Intrusion Footprinting Tool) is graphical frontend (written in GTK+) for footprinting tools and methods already freely avaliable. Its purpose is to aid sysadmins in securing their site by allowing them to quickly check their network to see how much data can be gained by an attacker and used towards cracking their systems.
Tomld (tomoyo learning daemon) is an extension to the Tomoyo security framework. Tomoyo increases security by confining applications and services into domains using rules. Tomld automates this process, helping users harden their systems more easily. To do this, tomld starts in learning mode, creates Tomoyo domains, collects rules, changes them, and, once the rules appear to be complete, tomld enforces the policy.