Section: .. / UNIX / firewall /
| /// File Name: |
pfpro-0.1.1.tar.gz |
Description:
|
PfPro is a Java based GUI for creating OpenBSD PF firewall configurations.
| | Author: | acidos | | Homepage: | http://pfpro.sf.net/ | | Changes: | Minor changes. | | File Size: | 76911 | | Last Modified: | Dec 12 14:34:58 2004 |
| MD5 Checksum: | 203ed8c254c7b182ec2529bb9c32ef6d |
|
| /// File Name: |
nufw-0.8.6.tar.bz2 |
Description:
|
NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
| | Author: | regit | | Homepage: | http://www.nufw.org/ | | Changes: | Two small bug fixes. | | File Size: | 323525 | | Last Modified: | Dec 11 20:48:33 2004 |
| MD5 Checksum: | dc720aebe2b3dd27943534320649ecd7 |
|
| /// File Name: |
ipfreeze-0.4.9.tar.gz |
Description:
|
Ipfreeze is a program that listens to the netlink device. It takes the source address from every incoming packet and adds it to a Netfilter "blacklist" chain. The address is removed from this chain after a user-definable period of time. This allows you to create rules that detect and halt certain odd behaviors, such as ports scans, syn floods, or connection attempts on forbidden ports. The attacker's IP address is blacklisted using the QUEUE target. There is also a whitelist where you can declare hosts that you never want to be blacklisted.
| | Author: | greg | | Homepage: | http://savannah.nongnu.org/projects/yaffl/ | | File Size: | 5523 | | Last Modified: | Dec 11 15:23:19 2004 |
| MD5 Checksum: | e21b242390c22ec61d9e41b0c07e74d8 |
|
| /// File Name: |
nufw-0.8.5.tar.gz |
Description:
|
NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
| | Author: | regit | | Homepage: | http://www.nufw.org/ | | Changes: | Fixes an SSL related bug. Minor updates. | | File Size: | 104036 | | Last Modified: | Sep 10 01:53:05 2004 |
| MD5 Checksum: | a777a1d9b82a0d7b6cc8805e992ddb20 |
|
| /// File Name: |
pfpro-0.1.0.tar.gz |
Description:
|
PfPro is a Java based GUI for creating OpenBSD PF firewall configurations.
| | Author: | acidos | | Homepage: | http://pfpro.sf.net/ | | Changes: | Updated the XML format, added NAT Support, code cleanup, and more. | | File Size: | 75175 | | Last Modified: | Aug 26 14:54:40 2004 |
| MD5 Checksum: | 213728377e938b0ed7abbdff56d7f6d0 |
|
| /// File Name: |
pfpro-0.0.1.tar.gz |
Description:
|
PfPro is a Java based GUI for creating OpenBSD PF firewall configurations.
| | Author: | acidos | | Homepage: | http://pfpro.sf.net/ | | File Size: | 23369 | | Last Modified: | Jul 5 05:42:00 2004 |
| MD5 Checksum: | 54cd95809f3c650c34c1a814bbfbb29a |
|
| /// File Name: |
nufw-0.7.1.tar.gz |
Description:
|
NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
| | Author: | regit | | Homepage: | http://www.nufw.org/ | | Changes: | A new option has been introduced. It guarantees that the packet is logged before been accepted and sent on the network. This release also includes code cleaning and a rewrite of the multithreaded algorithm. | | File Size: | 478875 | | Last Modified: | Jun 17 23:54:58 2004 |
| MD5 Checksum: | a81577831dd5f9ba3f58fef06d17afdc |
|
| /// File Name: |
wflogs-0.9.8.tar.gz |
Description:
|
Wflogs is a firewall log analysis tool. It can be used to produce a log summary report in plain text, HTML, and XML, or to monitor firewalling logs in real-time. For now, netfilter, ipchains, ipfilter, cisco_pix, cisco_ios, and snort input formats are supported. It is particularly fast when asynchronous DNS resolution is enabled. The goal of the WallFire project is to build a very general and modular firewalling application based on Netfilter or any kind of low-level framework. Wflogs is part of the WallFire project, but can be used independently.
| | Author: | Herve Eychenne | | Homepage: | http://www.wallfire.org/wflogs/ | | File Size: | 749272 | | Last Modified: | May 25 19:09:32 2004 |
| MD5 Checksum: | cee2ac33ca3c284f9253b492f793624c |
|
| /// File Name: |
kopkop_0.1.0-1.tar.gz |
Description:
|
kopkop is a daemon that listens for encrypted, signed, and fully random-looking command packets. Only the fields essential for the packets' travel trough the Internet are filled with sane data. Upon reception and after a preset timeout, the daemon executes user-defined commands. This can be used to open firewalls, so you can reduce your system's attack surface by hiding certain services until you need to use them. The included kopkop client creates and sends the encrypted packets. The communication is strictly unidirectional and quite minimal between the client and the server. Replay attacks are forestalled by storing and comparing monotonically increasing packet IDs on both sides.
| | Author: | mcree | | Homepage: | http://kopkop.sourceforge.net/ | | File Size: | 101129 | | Last Modified: | Apr 28 01:55:06 2004 |
| MD5 Checksum: | 8b2ac0ae680bba4a7e01160c80adfd5e |
|
| /// File Name: |
hatchet-0.7.tar.gz |
Description:
|
Hatchet is a log parsing and viewing utility for OpenBSD's PF firewall software. It presents HTML output of logged events and utilization graphs using pfstat.
| | Author: | fuzzyping | | Homepage: | http://www.dixongroup.net/hatchet/ | | Changes: | Various improvements. New utility hatchvert added. | | File Size: | 20570 | | Last Modified: | Apr 11 03:33:00 2004 |
| MD5 Checksum: | cf4c77a3413f9cf6ce5c6601f7149162 |
|
| /// File Name: |
nufw-0.7.0.tar.gz |
Description:
|
NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
| | Author: | regit | | Homepage: | http://www.nufw.org/ | | Changes: | Added SSL encryption between client and server, various bug fixes. | | File Size: | 475488 | | Last Modified: | Apr 3 07:18:00 2004 |
| MD5 Checksum: | 483fa20d52075a4865af1a20708ba23d |
|
| /// File Name: |
hatchet-0.6.2.tar.gz |
Description:
|
Hatchet is a log parsing and viewing utility for OpenBSD's PF firewall software. It presents HTML output of logged events and utilization graphs using pfstat.
| | Author: | fuzzyping | | Homepage: | http://www.dixongroup.net/hatchet/ | | Changes: | Added documentation for chroot install. | | File Size: | 17637 | | Last Modified: | Feb 21 12:44:00 2004 |
| MD5 Checksum: | 504a947d6448dfda08ddc40287790004 |
|
| /// File Name: |
ipfreeze-0.4.8.tar.gz |
Description:
|
Ipfreeze is a program that listens to the netlink device. It takes the source address from every incoming packet and adds it to a Netfilter "blacklist" chain. The address is removed from this chain after a user-definable period of time. This allows you to create rules that detect and halt certain odd behaviors, such as ports scans, syn floods, or connection attempts on forbidden ports. The attacker's IP address is blacklisted using the QUEUE target. There is also a whitelist where you can declare hosts that you never want to be blacklisted.
| | Author: | greg | | Homepage: | http://savannah.nongnu.org/projects/yaffl/ | | File Size: | 4791 | | Last Modified: | Feb 20 20:04:00 2004 |
| MD5 Checksum: | 79d9e1264dfa1e3cbc75f49a1bade248 |
|
| /// File Name: |
hatchet-0.6.1.tar.gz |
Description:
|
Hatchet is a log parsing and viewing utility for OpenBSD's PF firewall software. It presents HTML output of logged events and utilization graphs using pfstat.
| | Author: | fuzzyping | | Homepage: | http://www.dixongroup.net/hatchet/ | | File Size: | 16536 | | Last Modified: | Feb 2 21:12:00 2004 |
| MD5 Checksum: | ceccdc285bd62745cc330815dc2effb3 |
|
| /// File Name: |
nufw-0.6.2.tar.gz |
Description:
|
NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
| | Author: | regit | | Homepage: | http://www.nufw.org/ | | File Size: | 466317 | | Last Modified: | Jan 5 15:20:49 2004 |
| MD5 Checksum: | 65c8264adf64305ec37e249c3536db02 |
|
| /// File Name: |
ftester-0.9.tar.gz |
Description:
|
The Firewall Tester consists of two perl scripts, the client part (ftest) and the listening sniffer (ftestd). The client injects custom marked packets, while the sniffer listens for them. The comparison of the script's log files permit the detection of filtered packets and consequently filtering rules if the two scripts are ran on different sides of a firewall. An IDS (Intrusion Detection System) testing feature is also available and snort rule definition file can parsed instead of the standard configuration syntax, ftest can also use common IDS evasion techniques. Stateful inspection firewall and IDS can be tested with the 'connection spoofing' option. Requires: Net::RawIP, Net::PcapUtils, NetPacket.
| | Author: | Andrea Barisani | | Changes: | Added support for CIDR notation, added pseudo fragments reassembly in ftestd, minor code rewrites and cleanup. | | File Size: | 30672 | | Last Modified: | Jun 21 19:46:41 2003 |
| MD5 Checksum: | b614622c17090316bbb251a133055670 |
|
| /// File Name: |
firepass-1.0.2a.tar.gz |
Description:
|
Firepass is a tunneling tool that bypasses firewall restrictions and encapsulates data flows inside of HTTP POST requests. TCP or UDP based protocols are supported. Both the client and server entities are written in Perl and the server script acts as a CGI program.
| | Author: | Alex Dyatlov | | Homepage: | http://gray-world.net | | File Size: | 21989 | | Last Modified: | Jun 16 18:48:05 2003 |
| MD5 Checksum: | 4f7cc4904cc77eff1d19775b34e937c1 |
|
| /// File Name: |
ftester-0.8.tar.gz |
Description:
|
The Firewall Tester consists of two perl scripts, the client part (ftest) and the listening sniffer (ftestd). The client injects custom marked packets, while the sniffer listens for them. The comparison of the script's log files permit the detection of filtered packets and consequently filtering rules if the two scripts are ran on different sides of a firewall. An IDS (Intrusion Detection System) testing feature is also available and snort rule definition file can parsed instead of the standard configuration syntax, ftest can also use common IDS evasion techniques. Stateful inspection firewall and IDS can be tested with the 'connection spoofing' option. Requires: Net::RawIP, Net::PcapUtils, NetPacket.
| | Author: | Andrea Barisani | | Changes: | Compatible with Perl 5.8.0, documentation updates, and bug fixes. | | File Size: | 29521 | | Last Modified: | Jan 17 03:19:57 2003 |
| MD5 Checksum: | fffe605984da88178e68fe079f02836b |
|
| /// File Name: |
ip-fil3.4.29.tar.gz |
Description:
|
IP Filter is a TCPIP packet filter which works well in a firewall environment. It can either be run as a loadable kernel module (recommended) or incorporated into your kernel. Scripts are provided to install and patch system files as required. IP Filter also includes several cool features, including transparent proxying via packet forwarding, allowing for round-robin forwarding to achieve load-balanced proxy.
| | Author: | Darren Reed | | Homepage: | http://coombs.anu.edu.au/~avalon | | Changes: | Substantial changes made to the FTP proxy to improve reliability, security, and functionality. It doesn't send ICMP errors/TCP RSTs in response to blocked proxy packets and fixes memory leaks that could occur when unloading ipfilter from the kernel. | | File Size: | 656709 | | Last Modified: | Sep 24 04:01:45 2002 |
| MD5 Checksum: | 639390f34487363537be89d69ff3e647 |
|
| /// File Name: |
rc.walloffire-v0.1BETA.txt |
Description:
|
Netric Firewall Package - iptables release. This tool enables administrators to easily implement a solid firewall for iptables.
| | Homepage: | http://www.netric.org | | File Size: | 29363 | | Last Modified: | Sep 24 00:31:21 2002 |
| MD5 Checksum: | 7542b425d0c3a323bc0d92f82dfde9b3 |
|
| /// File Name: |
zorp-1.4.6.tar.gz |
Description:
|
Zorp is a new-generation modular proxy firewall suite to fine tune proxy decisions with its built in script language, fully analyze complex protocols (like SSH with several forwarded TCP connections), and utilize out of band authentication techniques (unlike common practices where proxy authentication had to be hacked into the protocol).
| | Author: | Balazs Scheidler | | Homepage: | http://www.balabit.hu/products/zorp/ | | Changes: | Some bugfixes were made and a new feature was implemented. | | File Size: | 1646874 | | Last Modified: | Aug 30 01:44:24 2002 |
| MD5 Checksum: | fb824b4e2bfc4073d0fc2ce741eeb09d |
|
| /// File Name: |
ftester-0.7.tar.gz |
Description:
|
The Firewall Tester consists of two perl scripts, the client part (ftest) and the listening sniffer (ftestd). The client injects custom marked packets, while the sniffer listens for them. The comparison of the script's log files permit the detection of filtered packets and consequently filtering rules if the two scripts are ran on different sides of a firewall. An IDS (Intrusion Detection System) testing feature is also available and snort rule definition file can parsed instead of the standard configuration syntax, ftest can also use common IDS evasion techniques. Stateful inspection firewall and IDS can be handled by the 'connection spoofing' option. CHANGES: Added fragmentation option, added option for specifying IP fragments and TCP segments numbers and size, added fragmentation related evasion techniques, extended syntax now works also for connection spoofing modes, various bugfixes, see Changelog for details. Requires: Net::RawIP, Net::PcapUtils, NetPacket.
| | Author: | Andrea Barisani | | File Size: | 24395 | | Last Modified: | Jun 3 00:39:25 2002 |
| MD5 Checksum: | 6eb35a8340580ff4bf783e482b2cb5e8 |
|
| /// File Name: |
zorp_1.4.1-1.tar.gz |
Description:
|
Zorp is a proxy firewall suite which allows the administrator to fine tune proxy decisions (with its built-in script language), and fully analyze complex protocols (including SSH with several forwarded TCP connections, or SSL with an embedded POP3 protocol). FTP, HTTP, finger, whois, and SSL protocols are fully supported with an application-level gateway.
| | Author: | Balazs Scheidler | | Homepage: | http://www.balabit.hu/products/zorp/ | | Changes: | Bugfixes and very few new features. | | File Size: | 1532990 | | Last Modified: | May 19 03:25:58 2002 |
| MD5 Checksum: | 525a91cd9d2eb6fc8338001835ed3777 |
|
| /// File Name: |
ftester-0.6.tar.gz |
Description:
|
The Firewall Tester consists of two perl scripts, the client part (ftest) and the listening sniffer (ftestd). The client injects custom marked packets, while the sniffer listens for them. The comparison of the script's log files permit the detection of filtered packets and consequently filtering rules if the two scripts are ran on different sides of a firewall. An IDS (Intrusion Detection System) testing feature is also available and snort rule definition file can parsed instead of the standard configuration syntax, ftest can also use common IDS evasion techniques. Stateful inspection firewall and IDS can be handled by the 'connection spoofing' option. Requires: Net::RawIP, Net::PcapUtils, Net::Packet.
| | Author: | Andrea Barisani | | Changes: | Added the IDS testing option, added the ability to read snort rule definition files, added the ability of using common IDS evasion techniques, consult Changelog for details. | | File Size: | 21218 | | Last Modified: | Apr 11 07:04:22 2002 |
| MD5 Checksum: | 62afa343b996cbbd9e29e7b13ed05e7d |
|
| /// File Name: |
ftester-0.5.tar.gz |
Description:
|
The Firewall Tester consists of two simple perl scripts, the client part (ftest) and the listening "daemon" (ftestd). The client injects custom marked packets, while the daemon listens for them. The comparison of the script's log files permit the detection of filtered packets and consequently filtering rules if the two scripts are ran on different sides of a firewall.
| | Author: | Andrea Barisani | | Changes: | Code cleanup and bugfixes, now all script are under 'strict', added man page ftester.8. Requires: Net::RawIP, Net::PcapUtils, Net::Packet. | | File Size: | 15210 | | Last Modified: | Mar 6 00:39:49 2002 |
| MD5 Checksum: | 769779403a55a398a35d6d920408ab82 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
