Projects

pfSense

pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding ... [More] bloat and potential security vulnerabilities to the base distribution. pfSense is a popular project with more than 1 million downloads since its inception, and proven in countless installations ranging from small home networks protecting a single PC to large corporations, universities and other organizations protecting thousands of network devices. This project started in 2004 as a fork of the m0n0wall project, but focused towards full PC installations rather than embedded hardware. [Less]

IPCop Firewall

IPCop Linux is a complete Linux distribution whose sole purpose is to protect the networks on which it is installed.

Tunnelblick

Tunnelblick is a free, open source Graphic User Interface (GUI) for OpenVPN on Mac OS X. It provides easy control of OpenVPN connections. Tunnelblick runs on OS X Tiger (10.4) and up and comes as a ready-to-use Universal application with all necessary binaries and drivers (including OpenVPN and ... [More] tun/tap). No additional installation is necessary -- just add your configuration and encryption information. [Less]

Endian Firewall

Endian Firewall Community is a "turn-key" linux security distribution that turns every system into a full featured security appliance with Unified Threat Management (UTM) functionality. The software has been de signed with "usability in mind" and is very easy to install, use and ... [More] manage, without losing its flexibility. The features include a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spamfiltering for email traffic (POP and SMTP), content filtering of Web traffic and a "hassle free" VPN solution (based on OpenVPN). The main advantage of Endian Firewall is that it is a pure "Open Source" solution that is sponsored by Endian. [Less]

ClearOS

ClearOS is an integrated network server gateway solution for small and distributed organizations. The software provides all the necessary server tools to run an organization including email, antivirus, antispam, file sharing, groupware, VPN, firewall, intrusion detection/prevention, content ... [More] filtering, bandwidth management, multi-WAN and more. Through the intuitive web-based management console, an administrator can configure local ClearOS server software along with integrated cloud-based services. [Less]

IPFire

IPFire is new-developed firewall build with the latest releases of linux 2.6 and tools. You are able to install a lot of addons and you will see a firewall can become a home server.

Vyatta

Vyatta software is a Linux-based, open networking (advanced routing & security) solution that leverages x86 hardware and components to deliver a flexible, affordable alternative to Cisco 1800 through 7200 series routers. Vyatta is a enterprise class, commercial open source offering that can ... [More] deliver BGP, OSPF, RIP routing, firewall, IPSec and SSL VPN, Intrusion Prevention and more that can scale from the branch office to the service provider edge for a fraction of the cost of proprietary alternatives. Being software-based also allows Vyatta to deliver a full suite of Layer-3 routing and security services to VMware and Xen virtualization platforms. [Less]

OpenVPN MySQL Auth

OpenVPN MySQL Auth is an authentication plugin for OpenVPN using a MySQL database backend. It attempt to be as flexible as possible and work on any database structure by using user defined queries in config file.

gopenvpn

GNOME graphical front-end for OpenVPN. System tray icon, can open multiple VPN connections and display log information.

openvpn-auth-ldap

DescriptionThe OpenVPN Auth-LDAP Plugin implements username/password authentication via LDAP for OpenVPN 2.x. FeaturesUser authentication against LDAP. Simple Apache-style configuration file. LDAP group-based access restrictions. Integration with the OpenBSD packet filter, supporting adding and ... [More] removing VPN clients from PF tables based on group membership. Tested against OpenLDAP, the plugin will authenticate against any LDAP server that supports LDAP simple binds -- including Active Directory. BuildingRequirementsOpenLDAP Headers and Library GNU Objective-C Compiler OpenVPN Plugin Header (included with the OpenVPN sources) re2c (used for the configuration file lexer) To build, you will need to configure the sources appropriately. Example: ./configure --prefix=/usr/local --with-openldap=/usr/local --with-openvpn=/usr/ports/security/openvpn/work/openvpn-2.0.2The module will be build in src/openvpn-auth-ldap.so and installed as ${prefix}/lib/openvpn-auth-ldap.so. UsageAdd the following to your OpenVPN configuration file (adjusting the plugin path as required): plugin /usr/local/lib/openvpn-auth-ldap.so ""The config directive must point to an auth-ldap configuration file. An example configuration file is provided with the distribution, or see the Configuration page. SecurityPlease report all security issues directly to landonf+security (at) bikemonkey (dot) org. Through the use of extensive unit testing, valgrind, and regression testing, we are very confident in the overall code quality of the plugin. There has been one security vulnerability to date, due to misinterpretation of LDAP RFCs. 2006-12-02: OpenVPN Auth-LDAP would accept empty passwords when validating against Novell Directory Server. This is known to not affect default installs of OpenLDAP (our test platform). Strict implementation of the LDAP RFCs requires that a directory server treat a bind with a valid DN and an empty password as an "anonymous" bind. If anonymous binds are enabled, this could lead to password bypass. [Less]