Projects

Wireshark

Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions. (Wireshark was known as Ethereal until June 09, 2006)

iptables

iptables is the userspace command line program used to configure the Linux 2.4.x and 2.6.x IPv4 packet filtering ruleset. It is targeted towards system administrators.

pf

PF (Packet Filter) is OpenBSD's system for filtering TCP/IP traffic, doing Network Address Translation, normalizing and conditioning TCP/IP traffic and providing bandwidth control and packet prioritization. PF has also been ported to FreeBSD, NetBSD, and DragonFly BSD, and is an integral part of MirBSD.

pfSense

pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding ... [More] bloat and potential security vulnerabilities to the base distribution. pfSense is a popular project with more than 1 million downloads since its inception, and proven in countless installations ranging from small home networks protecting a single PC to large corporations, universities and other organizations protecting thousands of network devices. This project started in 2004 as a fork of the m0n0wall project, but focused towards full PC installations rather than embedded hardware. [Less]

IPCop Firewall

IPCop Linux is a complete Linux distribution whose sole purpose is to protect the networks on which it is installed.

m0n0wall

m0n0wall (monowall) is a project aimed at creating a complete, embedded firewall software package that, when used together with an embedded PC, provides all the important features of commercial firewall boxes (including ease of use) at a fraction of the price (free software). m0n0wall is based on a ... [More] bare-bones version of FreeBSD, along with a web server, PHP and a few other utilities. The entire system configuration is stored in one single XML text file to keep things transparent. m0n0wall is probably the first UNIX system that has its boot-time configuration done with PHP, rather than the usual shell scripts, and that has the entire system configuration stored in XML format. [Less]

untangle

Untangle delivers an integrated family of applications that help you simplify and consolidate the network and security products you need, in one place at the network gateway. The most popular applications let businesses block spam, spyware, viruses, and phish, filter out inappropriate web content ... [More] , control unwanted protocols like instant messaging, and provide remote access and support options to their employees. Every downloadable application is pre-configured and guaranteed to work together. * All applications run on one off-the-shelf server * Pre-configured on-demand downloads * Integrated administration and reporting The Platform provides the GUI, logging, reporting and virtual pipelining technology to make all of the apps run together smoothly. Commercial Add-ons are also available. [Less]

firehol

FireHOL is a stateful iptables packet filtering firewall configurator. It is abstracted, extensible, easy and powerful. It can handle any kind of firewall, but most importantly, it gives you the means to configure it, the same way you think of it.

WireSPY

Network Packet Sniffer based on pcap library

denyssh

DenySSH monitors the auth log of a BSD system for failed SSH login attempts and adds repeat attackers to a Packet Filter table, allowing you to define PF rules to block the attacking hosts or redirect them to a honeypot for your amusement.