Bcfg2 helps system administrators produce a consistent, reproducible, and verifiable description of their environment, and offers visualization and reporting tools to aid in day-to-day administrative tasks. It is based on an operational model in which the specification can be used to validate and optionally change the state of clients, but in a feature unique to bcfg2 the client's response to the specification can also be used to assess the completeness of the specification. Using this feature, bcfg2 provides an objective measure of how good a job an administrator has done in specifying the configuration of client systems. Bcfg2 is therefore built to help administrators construct an accurate, comprehensive specification. Bcfg2 has been designed from the ground up to support gentle reconciliation between the specification and current client states. It is designed to gracefully cope with manual system modifications. Bcfg2 can also enable the construction of complex change management and deployment strategies.
BlackRay is a relational database system designed to offer performance features commonly associated with search engines. It offers SQL support and sophisticated operational and management features. Load-balancing and operational stability by means of N+1 redundance are included. BlackRay is called a "Data Engine" since it combines traditional, relational database features and SQL with the power and flexibility of search engines. It is a true hybrid, offering transaction support, data-versioned snapshots, and sophisticated function-based indices. Wildcards, phonetic, and fuzzy logic searches are supported, as well. BlackRay supports a subset of the SQL92 standard and provides JDBC/ODBC/native driver options via the PostgreSQL protocol, in addition to an API based query option. The project is released under the GPLv2, with some drivers available under BSD-style licenses. Commercial support contracts are available as well.
CACKey provides a standard interface (PKCS#11) for smartcards connected to a PC/SC compliant reader. It performs a similar function to "CoolKey", but only supports Government Smartcards. It supports all Government Smartcards that implement the Government Smartcard Interoperability Specification (GSC-IS) v2.1 or newer.
The LibPKI Project is aimed to provide an easy-to-use PKI library for PKI-enabled application development. The library provides the developer with all the needed functionality to manage certificates, from generation to validation. It helps developers integrate X509 digital certificates into their applications, and implement complex cryptographic operations with a few simple function calls using a high-level cryptographic API. The library constitutes the core of other OpenCA Labs Projects like the PRQP Server, the OCSP Responder, and the OpenCA-NG PKI.
LibU is a multiplatform C library that comes under a BSD-style license. It includes many interdependent modules for accomplishing several tasks: memory allocation, networking and URI parsing, string manipulation, debugging, and logging in a very compact way, plus many other miscellaneous tasks. It has a small footprint (about 70KB for the default configuration), it is modular, and it has a multiplatform nature, making it an ideal candidate for embedded systems. KLone is an example of such usage.
Moose File System (MooseFS / MFS) is a fault tolerant, network distributed file system. It spreads data over several physical servers, which are visible to the user as one resource. For standard file operations MooseFS mounted with FUSE acts like other Unix-alike file systems: it has a hierarchical structure; it stores POSIX file attributes; and it supports special files, symbolic links, and hard links. Access to the file system can be limited based on IP address and/or password. It offers high reliability, since several copies of the data can be stored across separate computers. Capacity is dynamically expandable by attaching new computers or disks. Deleted files are retained for a configurable period of time (with a file system level "trash bin"). MooseFS supports coherent snapshots of files, even while the file is being written or accessed.
agentsmith is a daemon that continuously monitors a log file for break-in attempts by remote hosts. Upon detection of a break-in attempt, it launches a user defined script or application, which can do virtually anything from sending mail messages to whatever else you might think of. The criteria for what is considered a break-in attempt can be configured by means of a regular expression.