Software Map

OpenProtect is an anti-spam server that filters spam and blocks viruses, phishing, and other malware. Acts as an SMTP gateway and integrates with any email server like Postfix, Sendmail, qmail, Exim, Microsoft Exchange, Lotus Domino, Zimbra, etc.

Libmcrypt is a library which provides a uniform interface to several symmetric encryption algorithms. It is intended to have a simple interface to access encryption algorithms in ofb, cbc, cfb, and ecb modes. The algorithms it supports are DES, 3DES, RIJNDAEL, Twofish, IDEA, GOST, CAST-256, ARCFOUR, SERPENT, SAFER+, and more. The algorithms and modes are also modular so you can add and remove them on the fly without recompiling the library.

CloudVPN is a secure decentralized mesh networking tool. It allows applications to use it as a mesh transport layer for packet routing, easily creating mesh ethernet VPN, secured audio/video broadcasting or communication channels, etc. It can create secured networks with special or weird topologies, so it's very easy to create connection schemes with clustered/decentralized servers, topologies with better throughput, ring-like topologies for failover, long-line for passing through many routes, or tree topology for optimizing inter-server bandwidth needs.

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. You can then run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Expresso Framework is an open standards-based J2EE architectural framework that allows the developer to concentrate on application logic. It is a library of extensible Java Server application framework components for creating database-driven Web applications based on open standards. Expresso integrates with Apache Jakarta Struts, which emphasizes presentation and application configuration, and bringing a powerful tag library to Expresso. Expresso adds capabilities for security, robust object-relational mapping, background job handling and scheduling, self-tests, logging integration, automated table manipulation, database connection pooling, email connectivity, event notification, error handling, caching, internationalization, XML automation, testing, registration objects, configuration management, workflow, automatic database maintenance, and a JSP tag library.

FSlint is a toolkit to find various forms of lint on a filesystem. At the moment it reports duplicate files, bad symbolic links, troublesome file names, empty directories, non stripped executables, temporary files, duplicate/conflicting (binary) names, and unused ext2 directory blocks.

grsecurity is a complete security system for Linux 2.4 and 2.6 that implements a detection/prevention/containment strategy. It prevents most forms of address space modification, confines programs via its Role-Based Access Control system, hardens syscalls, provides full-featured auditing, and implements many of the OpenBSD randomness features. It was written for performance, ease-of-use, and security. The RBAC system has an intelligent learning mode that can generate least privilege policies for the entire system with no configuration. All of grsecurity supports a feature that logs the IP of the attacker that causes an alert or audit.

FreeRADIUS is a high-performance, highly configurable, and feature-rich RADIUS server. Supported features include EAP (wireless authentication, PEAP, TTLS), MySQL, PostgreSQL, Oracle, LDAP, X9.9 token cards, VMPS, and many more. It comes with more than 50 vendor dictionaries, and interoperates with many others. It is the only open source RADIUS server that has implemented EAP, and it is currently deployed in multiple million-user systems.

Owl (Openwall GNU/*/Linux) is a small security-enhanced Linux distribution for servers. Owl also makes a good base system for customized virtual machine images and embedded systems, and Owl live CDs with remote SSH access are good for recovering or installing systems (whether with Owl or not). A single Owl CD includes the full live system, installable packages, the installer program, as well as full source code and the build environment capable of rebuilding the entire system from source. Owl supports multiple architectures (x86, x86-64, SPARC, and Alpha) and offers some compatibility for packages developed for other Linux distributions. The primary approaches to security are proactive source code review, privilege reduction, privilege separation, careful selection of third-party software, safe defaults, and "hardening" to reduce the likelihood of successful exploitation of security flaws.