|
FireHOL
|
|
Hits: 2 |
|
Date added: 07/07/2005 |
|
FireHOL - Stateful Iptables Configuratio:
FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand. |
|
|
|
|
|
|
NTP fingerprinting utility
|
|
Hits: 2 |
|
Date added: 10/21/2006 |
|
ntp-fingerptint is an active fingerprinting utility specifically designed to identify the OS the NTP server is running on. |
|
|
|
|
|
|
Base v1.2
|
|
Hits: 2 |
|
Date added: 01/04/2006 |
|
BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a Web frontend to query and analyze the alerts coming from a Snort IDS. |
|
|
|
|
|
|
IP Array v0.05.68
|
|
Hits: 2 |
|
Date added: 03/18/2006 |
|
IP-Array is a Linux iptables Firewall script written in bash. It allows the creation of precise, stateful rules, while remaining easy to configure. IP-Array supports VPN, Traffic Shaping (creation of custom HTB and SFQ qdiscs, Classes, and Filters), multiple external interfaces, multiple LANs, multiple DMZs, NAT, logging, MAC address matching, packet marking, syslog logging, and various sysctl settings. It also includes some presets and autoconfig options for common needs like DNS, FTP, SMTP. |
|
|
|
|
|
|
NuFW v1.0.20
|
|
Hits: 2 |
|
Date added: 04/22/2006 |
|
NuFW is an enterprise grade firewall that performs an authentication of every single connection passing through the IP filter, by transparently requesting user’s credentials before any filtering decision is taken. Practically, this means security policies can integrate with the users directory, and bring the notion of user ID down to the IP layers.
NuFW lays on Netfilter, the state of the art IP filtering layer from the Linux kernel. It fully integrates with Netfilter and extends its capabilities.
The daemons currently run on Linux and software clients are available for Windows, Linux, FreeBSD et Mac OSX.
NuFW Capabilities
(PNG)
Comparison between a classical firewall and NuFW
NuFW can :
- Authenticate any connection that goes through your gateway or only from/to a chosen subset or a specific protocol (iptables is used to select the connections to authenticate).
- Perform accounting, routing and quality of service based on users and not simply on IPs.
- Filter packets with criterium such as application and OS used by distant users.
- Be the key of a secure and simple Single Sign On system.
NuFW is :
- Scalable : NuFW is composed of two daemons that can be put on different systems and the main daemon is heavily multithreaded.
- Modular : User authentication and Access control list verification are performed via loadable module (system, ldap, dbm, plaintext modules are provided). User activity logging can be done via syslog, mysql or postgresql.
- Open : NuFW is released under the GNU GPL licence v2 and all protocols are fully documented. |
|
|
|
