Clonezilla is a partition or disk cloning tool similar to Symantec Ghost. It saves and restores only blocks in use on the hard drive if the file system is supported. For unsupported file systems, dd is used instead. It has been used to clone a 5 GB system to 40 clients in about 10 minutes.
Since v2.04, bash has allowed you to intelligently program and extend its standard completion behavior to achieve complex command lines with just a few keystrokes. Imagine typing ssh [Tab] and being able to complete on hosts from your ~/.ssh/known_hosts files. Or typing man 3 str [Tab] and getting a list of all string handling functions in the UNIX manual. mount system: [Tab] would complete on all exported file-systems from the host called system, while make [Tab] would complete on all targets in Makefile. This project was conceived to produce programmable completion routines for the most common Linux/UNIX commands, reducing the amount of typing sysadmins and programmers need to do on a daily basis.
Diskless Remote Boot in Linux (DRBL) provides a diskless or systemless environment for client machines. It works on Debian, Mandriva, Red Hat, Fedora, and SuSE. Unlike LTSP, it uses distributed hardware resources and makes it possible for clients to fully access local hardware. It also includes Clonezilla, a partitioning and disk cloning utility similar to Symantec Ghost.
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
fwsnort translates snort rules into an equivalent iptables ruleset. By making use of the iptables string match module, fwsnort can detect application layer signatures which exist in many snort rules. fwsnort adds a --hex-string option to iptables, which allows snort rules that contain hex characters to be input directly into iptables rulesets without modification. In addition, fwsnort makes use of the IPTables::Parse Perl module in order to (optionally) restrict the snort rule translation to only those rules that specify traffic that could potentially be allowed through an existing iptables policy.
Apache Toolbox provides a means to easily compile Apache (IPv4/6) SSL, PHP(v3/v4), MySQL, Jakarta, a large number of modules (61 3rd party modules and 36 default Apache modules, static or as DSOs), and GD libraries with PNG+JPEG+Freetype2+zlib support. It is fully customizable and menu-driven. Everything is compiled from source, and wget is used to download any missing modules. It can also check for RPMs that might cause problems and create an RPM with your selections.
GNU Bash is an sh-compatible command language interpreter that executes commands read from the standard input or from a file. Bash also incorporates useful features from the Korn and C shells (ksh and csh). Bash is intended to be a conforming implementation of the IEEE POSIX Shell and Tools specification (IEEE Working Group 1003.2).
MailScanner is an email virus scanner, vulnerability protector, and spam tagger. It supports the Postfix, Sendmail, Exim, Qmail, and ZMailer MTAs, and the Sophos, McAfee, F-Prot, F-Secure, CommandAV, InoculateIT, Inoculan, eTrust, Kaspersky, Nod32, AntiVir, BitDefender, RAV, Panda, DrWeb, ClamAV, and other anti-virus scanners. It uses SpamAssassin for highly successful spam identification, and is designed to handle denial of service attacks. It will detect password-protected zip files and apply filename checking to their contents. It is very easy to install, requires no changes at all to your sendmail.cf file, is designed to be lightweight, and won't grind your mail system to a halt with its load. It can be integrated into any email system, regardless of the software in use.
Arno's IPTABLES Firewall Script is a secure stateful firewall for both single and multi-homed machines. It supports NAT and SNAT, port forwarding, ADSL ethernet modems with both static and dynamically assigned IPs, MAC address filtering, stealth port scan detection, DMZ support, protection against SYN/ICMP flooding, experimental IPv6 support, multi-interface/aliased-IP support, and extensive user definable logging with rate limiting to prevent log flooding. It has plugin support to add extra features (like SSH Brute Force protection and (Racoon) IPSEC support). It is easy to configure and highly customizable. A filter script that makes your firewall log more readable is also included.