Local Area Security Knoppix is a 'Live CD' distribution based on Knoppix but with a strong emphasis on security tools and small footprint. There are two different versions of L.A.S. Linux to fit two specific size requirements. There is a 185 MB version and a 210 MB version to fit on MiniCDs of the same size.
The Auditor security collection is a live-system based on KNOPPIX. It provides tools for analyzing the security of a system. It features a menu structure that reflects the stages of a security check: foot-printing, analysis, scanning, wireless, brute-forcing, cracking. In addition to about 300 security tools, the collection includes background information regarding standard configuration and passwords, truly extensive word lists, and more mundane productivity tools.
The Sentry Firewall CD is a Linux-based bootable CD-ROM, suitable for use as an inexpensive and easy to maintain firewall, router, server, or IDS (Intrusion Detection System) node. The system is designed to be immediately configurable for a variety of different operating environments via a configuration file located on a floppy disk or on a remote server.
Easy Firewall Generator is a PHP Web application that generates an iptables firewall script. The generated script is designed for a single system connected to the Internet or a system acting as a gateway/firewall for a small private network. The generator prompts recursively for a variety of options. When the selected options form a complete set, it generates and returns a commented firewall script based on those options. The generator includes documentation on iptables and each option.
PHREL is a per host rate limiter. It will track the rate of incoming traffic on a server and insert a chain into iptables when a configured threshold is crossed. The inserted chain may either rate limit or block the offending host for a period of time. The inserted chain is automatically removed when the offending host's traffic levels return to normal. PHREL is particularly well suited to protecting nameservers (DNS) from random hosts that flood requests, and to preventing SSH brute force login attempts.
The Network Security Policy Compiler (NetSPoC) is a tool for security management of large computer networks with different security domains. It generates configuration files for packet filters controlling the borders of security domains. It provides its own language for describing security policy and the topology of a network. The security policy is a set of rules that state which packets are allowed to pass the network and which are not. NetSPoC is topology aware; a rule for traffic from A to B is automatically applied to all managed packet filters on the path from A to B.
FIAIF is an Intelligent Firewall. It provides a highly customizable script for setting up an iptables-based firewall. Configuration is done through one configuration file for each network to which the firewall is connected. FIAIF supports masquerading, port forwarding, traffic shaping, and more.