TrinityOS is a step-by-step, example-driven HOWTO on building a very functional Linux box with strong security in mind. TrinityOS is well known for its strong packet firewall ruleset, Chrooted and Split DNS (v9 and v8), secured Sendmail (8.x), Linux PPTP, Serial consoles and Reverse TELNET, DHCPd, SSHd, UPSes, system performance tuning, the automated TrinityOS-Security implementation scripts, and much more.
redWall is a bootable CD-ROM firewall which focuses on Web-based reporting of the firewall's status. It includes Snort, snortsam, dansguardian, and support for fwbuilder, squidguard, reporting (using BASE/sarg/ntop/webfwlog), VPN (Openswan/PoPToP/Openvpn), Spam Filtering (spamassassin, dcc, razor2, clamav, amavis-new, dspam and maia mailguard), and mail-based, alerting. Configuration data are stored on a floppy or USB disk.
Conserver provides remote access to serial port consoles and logs all data to a central host. Local and network serial connections are supported. Server console history can be replayed from the console app even if the server is down, and multiple users can connect to a single serial connection.
C-Kermit is a combined serial and network communication software package offering a consistent, medium-independent, cross-platform approach to connection establishment, terminal sessions, file transfer, character-set translation, numeric and alphanumeric paging, and automation of communication tasks. Recent versions include FTP and HTTP clients as well as an SSH interface, all of which can be scripted and aware of character-sets. It supports built-in security methods, including Kerberos IV, Kerberos V, SSL/TLS, and SRP, FTP protocol features such as MLSD, and source-code parity with Kermit 95 2.1 for Windows and OS/2.
The Linux Serial Sniffer allows you to sniff serial data up to 460Kbs via a Comtrol RocketPort or to 115Kbs using the standard ttyS0 and ttyS1 ports. Sniffed output can be captured to disk or displayed directly on screen. A user filter is included to assist specific customisation. The Linux Serial Sniffer can selectively operate in either a "ghost mode" where there is no data flow time impediments, or via a "capture and forward mode", where the user can flexibily intercept and extend the data stream to suit from either direction.
conexus is a generalized C++ I/O library that includes network support for IPv4 and IPv6 sockets, serial/TTY communications, kernel message queues, pipes, and files. Objects use sigc++ for signaling property changes and other information. Sub-libraries include conexus-gtkmm (provides a set of gtkmm widgets), conexus-dbus (provides dbus support for endpoints), conexus-nspr (provides NSPR endpoints), conexus-nss (provides NSS endpoints), and conexus-ssl (provides OpenSSL endpoints).
The mgetty package contains an intelligent getty for allowing logins over a serial line (such as through a modem) and receiving incoming faxes. The companion program sendfax is used for sending faxes from the commandline or from other applications. The third main component is vgetty/vm which can be used with a voice-capable modem to implement an answering machine, a voice menu system, and similar things.
ThePacketMaster Linux Security Server is a CD-based security auditing tool that boots and runs penetration testing and forensic analysis tools. It is handy for security auditors. Some tools included are nessus, ethereal, The Coroner's Toolkit, chntpw, and minicom. It includes modules for any Linux 2.4.20 SCSI driver.