Collax Business Server is an all-in-one Linux server for small- and medium-sized businesses. It delivers all the important network services within a heterogeneous business environment for communication, infrastructure, compliance, groupware, and storage, all in a reliable and secure way which is easy to manage. It also provides essential security functions such as firewalling and virus and spam filtering, to protect against hacker attacks, viruses, and unsolicited email messages.
Trusion is a physical intrusion system that uses users' Webcams to detect motion, which serves as an indicator to start recording video. Optionally, users can choose to have the program upload the videos to an FTP server in the unfortunate event your computer gets stolen or the perpetrator manages to delete the user's local video files. This is a very new project that is enthusiastically welcoming new contributors and their ideas. This project was build using Qt and OpenCV.
StopHack is a simple to use and easy to install intrusion prevention system. It is fully adaptable and easily customized to your environment. It is built on top of proven bandwidth arbitration technology so the traffic passing through it won't be slowed down. Every packet is analyzed with regular expression-based behavior anomaly detection, and hackers are blocked immediately. It prevents reflected cross-site scripting, SQL injection, directory traversal, reflected URL redirects, login brute forcing, remote shell execution, and more.
Netscape Security Wrapper manages the loading of NPAPI (Netscape Plugin API) plugins and applies simple policy decisions. The intention is to allow administrators to deploy deprecated, unreliable, or unsafe third party plugins while minimizing the security exposure. Safari, Google Chrome, Firefox, and other NPAPI-compatible browsers are supported on OS X and Linux. Use cases include: restricting plugins to certain domains, restricting the use of deprecated plugins to known outliers, allowing internal corporate workflows which use insecure or deprecated plugins without exposing the plugin to the hostile Internet, and allowing multiple outdated plugin versions (e.g., Java) to co-exist for use in whitelisted, trusted enterprise tools.
Caume Data Security Engine is a REST API platform for storing and processing files in uncontrolled environments. It provides a Free Software solution which allows the creation of reasonably secure and isolated workspaces to process and store sensitive data within uncontrolled environments. With concepts such as "the cloud" and "bring your own device", as well as an increasing demand for mobile devices, it has become clear that the way in which companies operate is changing dramatically, and, with it, the way in which we secure information and the infrastructure which supports business processes. CaumeDSE has been designed as a service platform which provides security to data by using free, well-known, and robust cryptographic software, as well as open and simple data structures and interfaces to make portability and extensibility easy.
The Dynamic Router Lite II project is a router project by the Dutch national police agency that allows Web-based client-control over the next-hop router for the client. A Dynamic Router Lite II system is placed as a default gateway between one or more client networks and a router network with multiple gateway-routers on it. The Dynamic Router Lite II system does policy-based routing with policy-based DNS to match the routing policy. By default a client will have no active gateway, and any attempted HTTP traffic to any domain will lead the user to the router's Web interface, where the user can then pick an appropriate next-hop router. Once picked, all traffic for the client including DNS will be forwarded to the next-hop router the user picked.
The Whitewash module allows Ruby programs to clean up any HTML document or fragment coming from an untrusted source and to remove all dangerous constructs that could be used for cross-site scripting or request forgery. All HTML tags, attribute names and values, and CSS properties are filtered through a whitelist that defines which names and what kinds of values are allowed; everything that doesn’t match the whitelist is removed. The whitelist is provided externally, and the default whitelist is loaded from the whitelist.yaml shipped with Whitewash. The default is the most strict (for example, it does not allow cross-site links to images in IMG tags) and can be considered safe for all uses.
jPDFSecure is a Java library which can digitally sign PDF documents and change security settings on PDF Documents. With jPDFSecure, your application or Java applet can encrypt PDF documents, set permissions and passwords, and create and apply digital signatures. jPDFSecure is optimized for performance and is built on top of Qoppa's proprietary PDF technology, so there is no need for any third party software or drivers. jPDFSecure has a simple interface to load PDF documents from files, network drives, URLs, and even input streams, which can be generated at runtime or come directly from a database. After changing security settings, jPDFSecure can save the document to a file, a java.io.OutputStream, or a javax.servlet.ServletOutputStream when running in a J2EE application server to output the file directly to a browser. jPDFSecure is platform-independent and can be used in any environment which supports Java.
log2command was created as a sort of reverse fail2ban or cheap VPN-firewall: a machine with a closed firewall can be told, by a foreign machine, to accept connections from a specific IP. log2command then keeps track of the Web server log file and watches for inactivity from the user's IP. After an amount of time, another command is executed that can remove the user's IP from the firewall, closing down the machine again. The PHP script is a command line program that can be run in the background.