fwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface.
SING stands for 'Send ICMP Nasty Garbage.' It is a tool that sends ICMP packets fully customized from command line. Its main purpose is to replace and complement the ping command, adding certain enhancements as fragmentation; send and receive spoofed packets; send many ICMP information types (echo as the old ping, address mask, timestamp, and router discovery) and errors (redirect, unreach, and time exceeded); and send monster packets. It also supports loose and strict source routing and record routing.
tsocks provides transparent network access through a SOCKS version 4 or 5 proxy (usually on a firewall). tsocks intercepts the calls applications make to create TCP connections and determines if they can be directly accessed or need the SOCKS server. If they need the SOCKS server they connection is negotiated with the server transparently to the application. This allows existing applications to use SOCKS without recompilation or modification. tsocks is a wrapper library for the libc connect() call.
vpnd is a daemon which connects two networks on network level either via TCP/IP or a (virtual) leased line attached to a serial interface. All data transfered between the two networks are encrypted using the unpatented free Blowfish encryption algorithm with a key length of up to 576 bits (may be downgraded to a minimum of 0 bits to suit any legal restrictions).
Xtradius is a radius server that permits you to handle user authentication and accounting request via external scripts. You can handle script requests for user accounting, user authentication, NAS start and NAS stop packets. You can also write additional information into the NAS detail logfile. Parameters to scripts are passed via command line options or environment variables, making it very simple to implement SQL-based user accounting, authentication and account expiration. It is also compatible with "standard" cistron radius server.
TransConnect is an implementation of function interposing to allow users on *nix platforms to transparenly tunnel all networking applications over an HTTPS proxy. It has been extensively tested with telnet, SSH, fetchmail, IRC, whois, Pine, Netscape, Mozilla, Evolution, etc. over squid proxy.
MailScanner is an email virus scanner, vulnerability protector, and spam tagger. It supports the Postfix, Sendmail, Exim, Qmail, and ZMailer MTAs, and the Sophos, McAfee, F-Prot, F-Secure, CommandAV, InoculateIT, Inoculan, eTrust, Kaspersky, Nod32, AntiVir, BitDefender, RAV, Panda, DrWeb, ClamAV, and other anti-virus scanners. It uses SpamAssassin for highly successful spam identification, and is designed to handle denial of service attacks. It will detect password-protected zip files and apply filename checking to their contents. It is very easy to install, requires no changes at all to your sendmail.cf file, is designed to be lightweight, and won't grind your mail system to a halt with its load. It can be integrated into any email system, regardless of the software in use.
myNetWatchman Perl Agent is a client for myNetWatchman.com. This program is designed to capture rejected packet information from various firewall logs and forward this attack information to central analysis servers at myNetWatchman.com, which then analyze events and escalate to the provider of the source.
OpenVPN is a robust and highly configurable VPN (Virtual Private Network) daemon which can be used to securely link two or more private networks using an encrypted tunnel over the Internet. OpenVPN's principal strengths include wide cross-platform portability, excellent stability, support for dynamic IP addresses and NAT, adaptive link compression, single TCP/UDP port usage, a modular design that offloads most crypto tasks to the OpenSSL library, and relatively easy installation that in most cases doesn't require a special kernel module.