Sshguard monitors services through their logging activity. It reacts to messages about dangerous activity by blocking the source address with the local firewall. Sshguard employs a clever parser that can transparently recognize several logging formats at once (syslog, syslog-ng, metalog, multilog, raw messages), and detects attacks for many services out of the box, including SSH, several ftpds, and dovecot. It can operate all the major firewalling systems, and features support for IPv6, whitelisting, suspension, and log message authentication.
FreeBSDShield is a DShield.org reporting client for FreeBSD and the ipfw firewall. It allows you to report attempted security breaches to the DShield cooperative firewall logging effort, which in turn helps the Internet Storm Center (and netizens at large) track trends in network security and catch emerging vulnerabilities.
vpn-shaper is a dynamic traffic shaper for openvpn, poptop, and similar programs, using iproute2. It allows shaping of traffic between many users conected to one server, and it supports different prioritiy schemes for different users and different types of traffic. Trafic shaping uses the HTB qdisc. Prioritization uses l7-filter and ipp2p and some of the patch-o-matic extensions. Classification of trafic in HTB classes is done by using the IPMARC patch-o-matic extension. vpn-shaper requires the IPMARK patch-o-matic extension, connmark iptables match, and HTB qdisc.
Firekeeper is an intrusion detection and prevention system for Firefox. It is able to detect, block and warn the user about malicious sites. Firekeeper uses flexible rules similar to Snort ones to describe browser-based attack attempts. Rules can also be used to effectively filter different kinds of unwanted content.
The ipoque PRX traffic manager effectively detects and controls all major peer-to-peer (P2P) filesharing, instant messaging (IM), and Voice over IP (VoIP) protocols. Bandwidth and volume limits can be assigned to network links, subnets, individual users, and user groups. Detailed usage statistics are provided and can be exported for post-processing. This community edition is a fully functional version with a bandwidth limit of 2 Mbit/s.
Enhanced Reverse Pimpage is an enhanced version of the original rpimp by Matt Miller. Reverse Pimpage was designed to allow you to access a computer that is behind a firewall from outside that firewall itself. The way it accomplishes this is by having the client (the computer behind the firewall) send a SYN request to a certain port at certain intervals. The computer that will access the client must run the server program, and when the time interval is up it will connect. Once it's connected, the client telnets to itself and routes data back and forth between the two.
Firetable is an IPtables firewall script for Linux. It has no graphical interface, and all the configuration is done via configuration files. This makes Firetable ideal for servers. The syntax of the configuration file is easy to learn and logical. Multiple interfaces can be maintained independently.