samhain is a daemon that can check file integrity, search the file tree for SUID files, and detect kernel module rootkits (Linux only). It can be used either standalone or as a client/server system for centralized monitoring, with strong (192-bit AES) encryption for client/server connections and the option to store databases and configuration files on the server. For tamper resistance, it supports signed database/configuration files and signed reports/audit logs. It has been tested on Linux, FreeBSD, Solaris, AIX, HP-UX, and Unixware.
CryptoHeaven offers secure email and online file sharing/storage. Its main features are secure and highly encrypted services such as group collaboration, file sharing, email, online storage, and instant messaging. It integrates multi-user based security into email, instant messaging, and file storage and sharing in one unique package. It provides real time communication for text and data transfers in a multi-user secure environment. The security and usability of CryptoHeaven is well-balanced; even the no-so-technically oriented computer users can enjoy this crypto product with very high level of encryption.
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
The OpenCA OCSP Responder is an RFC 2560 compliant OCSPD responder. It can be used to verify the status of a certificate using OCSP clients (such as Mozilla/Netscape7). The Responder is actually included in the main OpenCA distribution package. It is also possible to install the daemon as a stand-alone application, in which case you will need a CRL (or access to an LDAP server where the CRL can be obtained).
The LibPKI Project is aimed to provide an easy-to-use PKI library for PKI-enabled application development. The library provides the developer with all the needed functionality to manage certificates, from generation to validation. It helps developers integrate X509 digital certificates into their applications, and implement complex cryptographic operations with a few simple function calls using a high-level cryptographic API. The library constitutes the core of other OpenCA Labs Projects like the PRQP Server, the OCSP Responder, and the OpenCA-NG PKI.
Ubuntu Privacy Remix is a modified live CD based on Ubuntu Linux. UPR is not intended for permanent installation on a hard disk. The goal of Ubuntu Privacy Remix is to provide an isolated working environment where private data can be dealt with safely. The system installed on the computer running UPR remains untouched. It does this by removing support for network devices as well as local hard disks. Ubuntu Privacy Remix includes TrueCrypt and GnuPG for encryption and introduces "extended TrueCrypt volumes".
PacketFence is a fully supported, trusted network access control (NAC) system. It includes a captive portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices, and integration with the Snort IDS and the Nessus vulnerability scanner. It can be used to effectively secure networks, from small to very large heterogeneous networks.