Projects tagged ‘firewall’, ‘networking’, and ‘security’

OpenVPN is a robust and highly configurable VPN (Virtual Private Network) daemon which can be used to securely link two or more private networks using an encrypted tunnel over the Internet. OpenVPN's principal strengths include wide cross-platform ... [More] portability, excellent stability, support for dynamic IP addresses and NAT, adaptive link compression, single TCP/UDP port usage, a modular design that offloads most crypto tasks to the OpenSSL library, and relatively easy installation that in most cases doesn't require a special kernel module. [Less]

iptables is the userspace command line program used to configure the Linux 2.4.x and 2.6.x IPv4 packet filtering ruleset. It is targeted towards system administrators.

PF (Packet Filter) is OpenBSD's system for filtering TCP/IP traffic, doing Network Address Translation, normalizing and conditioning TCP/IP traffic and providing bandwidth control and packet prioritization. PF has also been ported to FreeBSD, NetBSD, and DragonFly BSD, and is an integral part of MirBSD.

Snort® is an open source network intrusion prevention and detection system using a flexible rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is ... [More] the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry. [Less]

Endian Firewall Community is a "turn-key" linux security distribution that turns every system into a full featured security appliance with Unified Threat Management (UTM) functionality. The software has been de signed with "usability in mind" and is ... [More] very easy to install, use and manage, without losing its flexibility. The features include a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spamfiltering for email traffic (POP and SMTP), content filtering of Web traffic and a "hassle free" VPN solution (based on OpenVPN). The main advantage of Endian Firewall is that it is a pure "Open Source" solution that is sponsored by Endian. [Less]

m0n0wall (monowall) is a project aimed at creating a complete, embedded firewall software package that, when used together with an embedded PC, provides all the important features of commercial firewall boxes (including ease of use) at a fraction of ... [More] the price (free software). m0n0wall is based on a bare-bones version of FreeBSD, along with a web server, PHP and a few other utilities. The entire system configuration is stored in one single XML text file to keep things transparent. m0n0wall is probably the first UNIX system that has its boot-time configuration done with PHP, rather than the usual shell scripts, and that has the entire system configuration stored in XML format. [Less]

IPCop Linux is a complete Linux distribution whose sole purpose is to protect the networks on which it is installed.

eBox is a framework for the development and deployment of network services in small and medium-sized networks, offering a simplified graphical interface to non expert users. It can be set up as a gateway, having some extra features over a usual router.

The pfSense software group is a group of firewalling, operating system and usability enthusiast. Each member is dedicated to create a eye popping firewall platform that can be easily administered using a web 2.0 driven GUI. pfSense is an open ... [More] source firewall derived from the m0n0wall operating system platform with radically different goals such as using OpenBSD's ported Packet Filter, FreeBSD 6.1 ALTQ (HFSC) for excellent packet queuing and finally an integrated package management system for extending the environment with new features. [Less]

Firestarter is a firewall tool for Linux, and uses GNOME. You can use the wizard to create a basic firewall, then streamline it further using the dynamic rules. You can open and close ports with a few clicks, or stealth your services giving access ... [More] only to a select few. It features a real-time hit monitor which you can watch as attackers probe your machine for open ports. [Less]

Vyatta software is a Linux-based, open-source networking (router, firewall, VPN) solution that leverages x86 hardware and components to deliver a flexible, affordable alternative to Cisco 1800 through 7200 series routers. Vyatta is a enterprise class, commercial open source offering with a staff of full-time engineers and support personnel.

EasyBSD is a modular automation script designed to assist in the extensive post installation process that is required in FreeBSD. The following are modules that are included with EasyBSD, Checks, Update, Security, Networking, Firewall, Recommended Ports, Tips and Tweaks, Daemon, and Universe.

Prelude is an Hybrid IDS framework, that is, it is a product that enable all available security application, be it opensource or proprietary, to report to a centralized system. In order to achieve this task, Prelude relies on the IDMEF (Intrusion ... [More] Detection Message Exchange Format) IETF standard, that enables different kinds of sensors to generate events using an unified language. Prelude benefits from its ability to find traces of malicious activity from different sensors (Snort, honeyd, Nessus Vulnerability Scanner, Samhain, over 30 types of systems logs, and many others) in order to better verify an attack and in the end to perform automatic correlation between the various events. Prelude is commited to providing an Hybrid IDS that offers the ability to unify currently available tools. [Less]

NuFW, Now user Filtering Works, is an "authenticating gateway". It fully integrates with Netfilter and Iptables and adds authentication capabilities. Its exclusive algorithm allows network wide identity-based filtering.

IPFire is new-developed firewall build with the latest releases of linux 2.6 and tools. You are able to install a lot of addons and you will see a firewall can become a home server.

Nulog2 is a firewall logs analysis solution. It is build upon Twisted and is able to extract information from Netfilter and/or NuFW logs.

strongSwan is an OpenSource IPsec implementation for the Linux operating system. It is based on the discontinued FreeS/WAN project and the X.509 patch which we developed over the last three years. It features IKEv1 and IKEv2 keying capabilities and targets Linux 2.6 native IPsec.

GreenSQL is a database firewall engine used to protect Open Source Databases from SQL injection attacks. It works in proxy mode. Application logics is based on evaluating of SQL commands using risk score factors, as well as blocking of administrative commands.

Nulog is a firewall log analysis interface written in php. Netfilter and NuFW are able to log selected packets directly in a database like MySQL or PostgreSQL. Nulog uses this interface to display security events in real-time on a user-friendly interface.

Hardened Linux is a secured and minimalized operating system designed to run as a firewall, IDS host, authentication system and VPN gateway.

This is a piece of software that lets you tunnel IPv4 data through a DNS server. This can be usable in different situations where internet access is firewalled, but DNS queries are allowed. It runs on Linux, Mac OS X, FreeBSD, NetBSD and OpenBSD ... [More] and needs a TUN/TAP device. The bandwidth is assymetrical with limited upstream and up to 1 Mbit/s downstream. [Less]

Nuface is an intuitive firewall configuration interface for EdenWall/NuFW as well as for Netfilter. It lets you use high level objects, agglomerate objects into ACLs, and deals with generating Netfilter rules as well as LDAP Acls for NuFW.

Lorica is an IIOP Firewall - commonly known as a CORBA Firewall. Lorica is, to the best of my knowledge, the only Open Source IIOP firewall on the planet. Lorica is build upon TAO (The ACE ORB).

SquidGuard is a URL redirector used to use blacklists with the proxysoftware Squid. There are two big advantages to squidguard: it is fast and it is free. Features: * Included configurable logging. * Progress bar when compiling ... [More] blacklists. * Full sed compliance for rewrite statements. * Blocking of urls with hostnames. Some more details about features and bug fixes can be found on the 1.3 feature page. [Less]

ITVal is an open source utility for testing, and debugging iptables firewall policies. It can detect many different kinds of errors, such as typos, out-of-order rules, faulty understanding of the firewall, or poor assumptions about the policy logic. ... [More] ITVal can also generate a "policy map" that illustrates how the firewall treats various groups of hosts on the network. This grouping is automatically calculated from the policy and can make it very easy to spot anomalies in the policy. Current development on ITVal focuses on ways to partially automate repair of the policy. [Less]

Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely ... [More] independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX, and FWSM. [Less]