OpenVPN is a robust and highly configurable VPN (Virtual Private Network) daemon which can be used to securely link two or more private networks using an encrypted tunnel over the Internet. OpenVPN's principal strengths include wide cross-platform portability, excellent stability, support for dynamic IP addresses and NAT, adaptive link compression, single TCP/UDP port usage, a modular design that offloads most crypto tasks to the OpenSSL library, and relatively easy installation that in most cases doesn't require a special kernel module.
PF (Packet Filter) is OpenBSD's system for filtering TCP/IP traffic, doing Network Address Translation, normalizing and conditioning TCP/IP traffic and providing bandwidth control and packet prioritization.
PF has also been ported to FreeBSD, NetBSD, and DragonFly BSD, and is an integral part of MirBSD.
Snort® is an open source network intrusion prevention and detection system using a flexible rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods.
With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry.
Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious junk. It is based on the Internet Junkbuster.
Endian Firewall Community is a "turn-key" Linux security distribution that turns every system into a full featured security appliance with Unified Threat Management (UTM) functionality. The software has been designed with "usability in mind" and is very easy to install, use and manage, without losing its flexibility. The features include a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spam filtering for email traffic (POP and SMTP), content filtering of Web traffic and a "hassle free" VPN solution (based on OpenVPN). The main advantage of Endian Firewall is that it is a pure "Open Source" solution that is sponsored by Endian.
IPCop Linux is a complete Linux distribution whose sole purpose is to protect the networks on which it is installed.
Firestarter is a firewall tool for Linux, and uses GNOME. You can use the wizard to create a basic firewall, then streamline it further using the dynamic rules. You can open and close ports with a few clicks, or stealth your services giving access only to a select few. It features a real-time hit monitor which you can watch as attackers probe your machine for open ports.
Prelude is a hybrid IDS framework; that is, it is a product that enables all available security applications, whether open source or proprietary, to report to a centralized system. To achieve this, Prelude relies on the IDMEF (Intrusion Detection Message Exchange Format) IETF standard, which enables different kinds of sensors to generate events using a unified language.
Prelude benefits from its ability to find traces of malicious activity from different sensors (Snort, honeyd, Nessus Vulnerability Scanner, Samhain, over 30 types of system logs, and many others) in order to better verify an attack and in the end to perform automatic correlation between the various events.
Prelude is committed to providing a hybrid IDS that offers the ability to unify currently available tools.
IPFire is a newly developed firewall built with the latest releases of Linux 2.6 and tools. You can install many add-ons, and you will see that a firewall can become a home server.
strongSwan is an open source IPsec implementation for the Linux operating system. It is based on the discontinued FreeS/WAN project and the X.509 patch which we developed over the last three years. It features IKEv1 and IKEv2 keying capabilities and targets Linux 2.6 native IPsec.
SME Server is a leading distribution for small and medium enterprises. It stands apart from the competition by shipping with most common functionality preconfigured and features a number of popular additional enhancements in the form of downloadable 'contributions'. It is published under the GPL license and while freely available, a small donation is requested.
This is a piece of software that lets you tunnel IPv4 data through a DNS server. This can be useful in situations where internet access is firewalled, but DNS queries are allowed.
It runs on Linux, Mac OS X, FreeBSD, NetBSD and OpenBSD and needs a TUN/TAP device. The bandwidth is asymmetrical, with limited upstream and up to 1 Mbit/s downstream.
Hardened Linux is a secured and minimalized operating system designed to run as a firewall, IDS host, authentication system and VPN gateway.
ITVal is an open source utility for testing and debugging iptables firewall policies. It can detect many different kinds of errors, such as typos, out-of-order rules, faulty understanding of the firewall, or poor assumptions about the policy logic.
ITVal can also generate a "policy map" that illustrates how the firewall treats various groups of hosts on the network. This grouping is automatically calculated from the policy and can make it very easy to spot anomalies in the policy.
Current development on ITVal focuses on ways to partially automate repair of the policy.
A gateway implementation of the NAT Port Mapping Protocol (NAT-PMP) to allow applications on a private network to acquire publicly-accessible TCP and UDP ports.
Vulpes is an access management system for gateways and proxies.
Vulpes consists of two components:
- Vulpes vulpes - the backend, written in PHP
- Vulpes corsac - the frontend, written in Adobe Flex
The latest stable version is Vulpes 0.3.1
Features:
- Authentication through Captive Portal
- Access control using IP & MAC
- Client management
- Plan management
- Register various contracts per client
- Bandwidth control through HTB
- Schedules for internet access
Finance:
- Registers various bank accounts
- Prints bills
- Automatically blocks non-payers
- Calculates fines for overdue payments
Tools:
- Ping local network from browser
- ARP from browser
SquidGuard is a URL redirector used to apply blacklists with the proxy software Squid. There are two big advantages to SquidGuard: it is fast and it is free.
Features:
* Included configurable logging.
* Progress bar when compiling blacklists.
* Full sed compliance for rewrite statements.
* Blocking of URLs with hostnames.
Some more details about features and bug fixes can be found on the 1.3 feature page.
libproxy is a library that provides automatic proxy configuration management.
SpotSec Network Gateway (spotsecng) is an all-in-one Linux firewall/gateway distribution which features an easy to use web-based management console to protect and defend your network.