PIKT is cross-categorical, multi-purpose software for monitoring and configuring computer systems, administering networks, organizing system security, and much more. PIKT is intended primarily for system monitoring, and secondarily for configuration management, but its versatility and extensibility evoke many other wide-ranging uses. PIKT consists of a sophisticated, feature-rich file preprocessor; an innovative scripting language with unique labor-saving features; a flexible, centrally directed process scheduler; a customizing file installer; a collection of powerful command-line extensions; and other useful tools.
Email Security through Procmail (the Procmail Sanitizer) provides methods to sanitize email, removing obvious exploit attempts and disabling the channels through which exploits are delivered. Facilities for detecting and blocking Trojan Horse exploits and worms are also provided.
mxCrypto is an extension package that provides OO-style access to the cipher algorithms and hash functions included in OpenSSL/SSLeay, a very nifty cryptographic library originally written by Eric Young and now maintained by the OpenSSL team. Its main purpose is filling in the missing parts in Andrew Kuchling's pycrypt export package with high quality implementations. Due to the ITAR export restrictions on cryptographic software, Andrew's implementations are not legally downloadable from outside the US.
CIPE (Crypto IP Encapsulation) is an ongoing project to build encrypting IP routers. The protocol used is as lightweight as possible. It is designed for passing encrypted packets between prearranged routers in the form of UDP packets. This is not as flexible as IPSEC but it is enough for the original intended purpose: securely connecting subnets over an insecure transit network.
Nmap ("Network Mapper") is a utility for network exploration, administration, and security auditing. It uses IP packets in novel ways to determine which hosts are available online (host discovery), which TCP/UDP ports are open (port scanning), and what applications and services are listening on each port (version detection). It can also identify remote host OS and device types via TCP/IP fingerprinting. Nmap offers flexible target and port specifications, decoy/stealth scanning for firewall and IDS evasion, and highly optimized timing algorithms for fast scanning.
Gpasman is a password manager. People working with the internet have to remember lots of passwords. Saving them in a textfile is not a secure idea. Gpasman is a GTK solution to this problem since it saves the password information encrypted, so now you have to remember only one password instead of ten (or more).
Xautolock monitors console activity under the X window system, and fires up a program of your choice if nothing happens during a user configurable period of time. You can use this to automatically start up a screen locker in case you tend to forget to do so manually before having a coffee break.
Rule Set Based Access Control (RSBAC) is a Free Software security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) by Abrams and LaPadula and provides a flexible system of access control based on several modules. All security relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules and generates a combined decision. This decision is then enforced by the system call extensions.