pcapfix is a repair tool for corrupted pcap and pcapng files. It checks for an intact pcap global header and packet block and repairs it if there are any corrupted bytes. If a header is not present, one is created and added to the beginning of the file. It then tries to find pcap packet headers or packet blocks, and checks and repairs them.
MoSShE (MOnitoring in Simple SHell Environment) is a simple, lightweight (both in size and system requirements) server monitoring package designed for secure and in-depth monitoring of a handful of typical/critical Internet systems. It supports email alerts and SLA monitoring out of the box, and whatever you can script. The system is programmed in plain (Bourne) SH, and made to be compatible with BASH and Busybox so it can easily be deployed on embedded systems. Monitoring is designed to be distributed over multiple systems, usually running locally. As no parameters are accepted from the outside, checks cannot be tampered or misused from outside. The system is designed to allow decentralized checks and evaluation as well as classical agent-based checks with centralized data accumulation. Agent data is transferred via HTTP, so available Web servers can be co-used for agent data transfer. Each agent creates simple (static) HTML pages with full and condensed status reports on each system, allowing simple local checks.
Hatohol collects monitoring information from various monitoring systems and shows their integrated data on one screen. This enables the user to consolidate monitoring centers and operators even when monitored devices are being used in different places or with different monitoring software.
RCPlive is a router live CD based on Debian 7 and the RCP100 routing suite. It is a flexible firewalling and routing platform, configured using a command line interface syntax similar to the one found in commercial routers. The software runs directly from a read-only CD or USB stick, and provides persistence by saving the configuration into a file placed on an existing disk partition.
VyOS is a Linux distribution for routers and firewalls which features a unified commandline interface and a single configuration file, with an API for extending it. It includes BGP, OSPF, and RIP routing protocols, policy-based routing, a DHCP and caching DNS server, a Web proxy, and more. It runs on x86 physical machines and a variety of hypervisors, including KVM, Xen, VMWare, and Hyper-V. VyOS is forked from Vyatta and based on VC6.6 source code.
ipt_pkd is an iptables extension implementing port knock detection with SPA (single packet authorization). This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
Zorp is a proxy firewall suite with its core architecture is built around today's security demands: it uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.
etherpoke is a scriptable network session monitor. It defines two events, SESSION_BEGIN and SESSION_END, to which a hook (system command) can be assigned. The event hook can be any program installed in the system. SESSION_BEGIN is triggered when the first packet with an Ethernet source address matching the filter is captured. SESSION_END is triggered when the time since the last captured packet with an Ethernet source address matching the filter exceeds the session timeout.