Free Software Foundation!

AGT AGT is a console frontend for iptables. It lets you specify options in easy-to-read configuration files, so you can quickly make complex changes to your firewall/gateway.

AIM Sniff AIM Sniff is a utility for monitoring and archiving AIM and MSN messages across a network. It can be used to monitor for cases of harassment or warez trading. It has the ability to do a live dump (actively sniff the network) or read a PCAP file and parse the file for IM messages. You also have the option of dumping the information to a MySQL database or STDOUT. AIM Sniff will also monitor for an IM login and then perform an SMB lookup on the originating computer in order to match NT Domain names with IM login names (handles).

AMaViS-ng AMaViS-ng is a modular rewrite of amavisd and amavis-perl. It scans email for malicious code inside attachments and archive files, stopping delivery if malicious code is found. It supports integration of several third-party virus scanners and integrates nicely into several MTA setups. Unlike amavis-perl and amavisd, there is no need for build-time configuration

APSR APSR is a TCP/IP packet sender to test firewalls and other network applications. It also includes a syn flood option, the land DoS attack, a DoS attack against tcpdump running on a UNIX-based system, a UDP-flood attack, and a ping flood option. It currently supports the following protocols: IP, TCP, UDP, ICMP, Ethernet frames and you can also build any other type of protocol using the generic option. This package was formerly known as APSEND.

Aesutil 2 'aesutil' is a small library and command line program to encrypt or decrypt data using the Rijndael algorithm in CBC mode.

Afick 'afick' is a multi-platform file integrity checker. It works by first creating a database that represents a snapshot of the essential parts of your computer system. You then run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). It shows new, deleted and changed files (rights, owner, size, content).

Alfandega Firewall Alfandega Firewall is a collection of Perl modules that helps users to implement iptables-based firewalls for two interfaces. It provides local and remote blacklists, spoofing checks, packet forwarding, ICMP control, service configuration, and more.

Amavisd-new 'amavisd-new' is an interface between MTAs and content checkers, including virus scanners, and/or the Mail::SpamAssasin Perl module. It talks to the MTA via (E)SMTP or LMTP, or by using helper programs. No timing gaps exist in the design, which could cause a mail loss. It is normally positioned at or near a central mailer, not necessarily where the user's mailboxes and final delivery takes place.

And-httpd And-httpd is an HTTP server that maps URLs to files. In other words, in can take an incoming URL and map it to a file in a number of ways (for example, according to content type or language). It can also do authentication or IP based ACLs. It cannot do CGI or other kinds of code execution. It cannot even dynamically create directory listings (although it comes with external tools to do so automatically, and to create a "status page"). It currently has a $2000 "security guarantee" against remote attacks.

AntiExploit 'AntiExploit' scans for well known exploit files. It currently recognizes over 1700 suspicious files, and the database is updated weekly. It is not meant to be a IDS or high-profile security-application, but rather an extension to other security checks. 'aexpl' was developed for a freeshell-server to track script-kiddies.

Apf 'apf' (active port forwarder) uses SSL for secure packet tunneling. It is meant for users without an external IP who want to make some services available on the Internet. afserver is placed on the machine with a publicly accessible address. afclient is then placed on the machine behind a firewall or masquerade, which makes the second machine visible to the Internet. You do not need root privileges to run afserver, nor does it use other processes. It uses 'zlib' to compress the transferred data.

ArgusEye ArgusEye is a GUI for some of the features of Argus. Argus is a powerful suite of tools for transaction-based network auditing. ArgusEye aims at supporting daily work with Argus by providing a graphical user interface.

Arpalert 'arpalert' listens on a network interface, catches all conversations of MAC address to IP request, and compares the MAc addresses it detected with a pre-configured list of authorized addresses. If the address is not on this list, arpalert launches an alert script with the MAC address and IP address as parameters. 'arpalert' can run in daemon mode and is very fast (low CPU and memory consumption). It responds at signal SIGHUP (configuration reload) and at signals SIGTERM, SIGINT, SIGQUIT and SIGABRT (Kwhere it stops itself).

Authforce Authforce is an HTTP authentication brute forcer. Using various methods, it attempts brute force username and password pairs for a site. It has the ability to try common usernames and passwords, username derivations, and common username/password pairs. It is used both to test the security of your site and to highlight the insecurity of HTTP authentication due to the fact that users just don't pick good passwords.

AutoFW If you are a broadband or dial-up user who doesn't have a firewall script, you need to get one to protect yourself. AutoFW is intended to help you do that with no hassles. Many people when connecting to the internet need a firewall script made for them so they can surf the net without being susceptible to various attacks. Most, if not all (until now :-), of the existing scripts are written for a large range of requirements and require some tweaking to make them work for a specific user. However many users do not know which parameters to fill in the script config file. AutoFW intends to provide a simple firewall script that you just need to fire and forget. You make sure to run it on computer start-up or just before connecting to the net, and it will detect network condition and setup appropriate firewall rules for you. In order to be "smart" AutoFW has to be limited, the current scope of AutoFW are standard broadband connections, it will also cover dial-up users and stand-alone servers.

Averist 'Averist' adds an authentication layer to any CGI application written in Perl. It supports initial authentication through CGI (form), and it can use CGI (hidden form fields) or cookies for reauthentication after a configurable timeout. It can also use a DBM file, a flat file database, or an SQL database for storing session tickets for increased security. The username and password check at the initial authentication can be done via a DBM file, an LDAP directory, a NIS database, the passwd database, a passwd-style file, or an SQL database.

BeeCrypt BeeCrypt is a cryptography library that contains highly optimized C and assembler implementations of many well-known algorithms including Blowfish, MD5, SHA-1, Diffie-Hellman, and ElGamal. Unlike some other crypto libraries, BeeCrypt is not designed to solve one specific problem, like file encryption, but to be a general purpose toolkit which can be used in a variety of applications. There are also no patent or royalty issues associated with BeeCrypt.

BlockIt BlockIt monitors the Snort alert file and creates either IPTables, IPChains, IPFWADM, or Checkpoint Firewall rules. This version is only for GNU/Linux. BlockIt has built-in CIDR support for multiple target IPs and whitelist support. Additional features include MySQL logging and email logging.

BlueProximity Add security to your desktop by automatically locking and unlocking the screen when you and your phone leave/enter the desk. Think of a proximity detector for your mobile phone or other device via bluetooth.

Botan Botan (formerly OpenCL) is a library of cryptographic algorithms. It includes a wide selection of block and stream ciphers, public key algorithms, hash functions, and message authentication codes, plus a high level filter-based interface. The home page has a list of supported algorithms.