< Prev 7 8 9 10 11 12 13 14 15 16 17 Next >
Category: Access Control » Firewall
PortSentry is part of the TriSentry suite of security tools. It is a program designed to detect and respond to port scans against a target host in real-time. Stealth detection modes are available under all Unix platforms and detects SYN, FIN, NULL, XMAS, and Oddball packet scans. All modes support real-time blocking and reporting of violations.
cp2fwbuilder (Checkpoint Firewall 1 to FwBuilder) helps you to migrate an existing Checkpoint Firewall 1 installation and its rulesets to Linux with iptables or a BSD-based firewall. This is done by converting the Rulebase- and the Objects-database from Checkpoint to the FirewallBuilder XML Format.
A firewall configuration project based on Linux 2.4.x and iptables. It has a web interface with an intuitive Webmin module.
DeleGate is a multi-purpose application level gateway, or a proxy server which runs on multiple platforms (Unix, Windows and OS/2). DeleGate mediates communication of various protocols (HTTP, FTP, NNTP, POP, Telnet, etc.), applying cache and conversion for mediated data, controlling access from clients and routing toward servers. It translates protocols between clients and servers, merging several servers into a single server view with aliasing and filtering. Born as a tiny proxy for Gopher in March 1994, it has steadily grown into a general purpose proxy server. Besides proxy, DeleGate can be used as a simple origin server for some protocols (HTTP, FTP and NNTP).
DAXFi is a Python script that helps configure several different kinds of firewalls in a consistent way. It can run as daemon to adapt its behavior to external conditions; rules can be described with XML files, XML strings, or generated directly by the code; the program can be configured and extended with a sort of plug-ins written in Python. It comes with a Python package, useful to build other applications aimed to manipulate different firewalls in a uniform way (some example programs are included).
GIPTables Firewall is a set of shell scripts that helps you generate iptables rules for Linux 2.4.x and newer kernels. It is very easy to configure and designed to run on hosts with one or two network cards. It uses NAT, stateful packet filtering, rate-limited connection, and logging. It provides protection against DoS attacks and IP spoofing, as well as TCP packet health checks.
mod_protection is an Apache module that integrates the basic function of an IDS (Intrusion Detection System) and a firewall. When a malicious client sends a request that matches a rule, the administrator will be warned and the client gets an error message.
SOCKS V4 proxy (usually on a firewall). tsocks intercepts the calls applications make to create TCP connections and determines if they can be directly accessed or need the SOCKS server. If they need the SOCKS server they connection is negotiated with the server transparently to the application. This allows existing applications to use SOCKS without recompilation or modification. tsocks is a wrapper library for the libc connect() call. Changes: Fixes to compile on Solaris 2.6, 2.7, and 2.8, and fixes for makefile problems. Fixes were made for bugs with setting socket options, and for problems with unresolved symbols. Support was added for forcing all applications to use TCP DNS so it can be transparently proxied.
Advanced Administrative Tools
AATools for Windows is a great set of utilities for analyzing network properties. It will test pretty much every network operation you could want to know about. AATools will check Email properties, Scan ports and proxies, give network and system statuses, clean up unnecessary registry entries in your registry, etc. The information it conveys is easy to digest and setting up a test is likewise very simple. A worthwhile download for anyone wanting to gather info on their network or PC. AATools should be a part of your security toolkit and you should employ them regularly.
theWall is a single floppy firewall and NAT box based on PicoBSD/FreeBSD. The primary aim is to allow a small network to share a cable modem or DSL Internet connection. It currently supports static or DHCP IP address assignment.
Browse by category