MailScanner is an email virus scanner, vulnerability protector, and spam tagger. It supports the Postfix, Sendmail, Exim, Qmail, and ZMailer MTAs, and the Sophos, McAfee, F-Prot, F-Secure, CommandAV, InoculateIT, Inoculan, eTrust, Kaspersky, Nod32, AntiVir, BitDefender, RAV, Panda, DrWeb, ClamAV, and other anti-virus scanners. It uses SpamAssassin for highly successful spam identification, and is designed to handle denial of service attacks. It will detect password-protected zip files and apply filename checking to their contents. It is very easy to install, requires no changes at all to your sendmail.cf file, is designed to be lightweight, and won't grind your mail system to a halt with its load. It can be integrated into any email system, regardless of the software in use.
Arno's IPTABLES Firewall Script is a secure stateful firewall for both single and multi-homed machines. It supports NAT and SNAT, port forwarding, ADSL ethernet modems with both static and dynamically assigned IPs, MAC address filtering, stealth port scan detection, DMZ support, protection against SYN/ICMP flooding, experimental IPv6 support, multi-interface/aliased-IP support, and extensive user definable logging with rate limiting to prevent log flooding. It has plugin support to add extra features (like SSH Brute Force protection and (Racoon) IPSEC support). It is easy to configure and highly customizable. A filter script that makes your firewall log more readable is also included.
FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
AMaViS (A Mail Virus Scanner) scans e-mail attachments for viruses using third-party virus scanners available for UNIX environments. It resides on a UNIX (Linux) machine and looks through the attached files arriving via e-mail, generates reports when a virus is found and sets the delivery on hold.
fwsnort translates snort rules into an equivalent iptables ruleset. By making use of the iptables string match module, fwsnort can detect application layer signatures which exist in many snort rules. fwsnort adds a --hex-string option to iptables, which allows snort rules that contain hex characters to be input directly into iptables rulesets without modification. In addition, fwsnort makes use of the IPTables::Parse Perl module in order to (optionally) restrict the snort rule translation to only those rules that specify traffic that could potentially be allowed through an existing iptables policy.