From Free Software Directory
Jump to: navigation, search

Broaden your selection: Category/Security

Category/Security Search icon.png

firewall (69)

AGT is a console frontend for iptables. It lets you specify options in easy-to-read configuration files, so you can quickly make complex changes to your firewall/gateway.
APSR is a TCP/IP packet sender to test firewalls and other network applications. It also includes a syn flood option, the land DoS attack, a DoS attack against tcpdump running on a UNIX-based system, a UDP-flood attack, and a ping flood option. It currently supports the following protocols: IP, TCP, UDP, ICMP, Ethernet frames and you can also build any other type of protocol using the generic option. This package was formerly known as APSEND.
Adblock Plus
Antifeature: Tracking comment

Adblock Plus is ineffective for surveillance protection by default as it comes with Acceptable Ads enabled: These ads are not meant to be "ads that don't track you".

Blocks banners, pop-ups, tracking, malware. By default, nonintrusive ads aren't blocked in order to support websites.

The add-on is supported by over forty filter subscriptions in dozens of languages which automatically configure it for purposes ranging from removing online advertising to blocking all known malware domains. Adblock Plus also allows you to customize your filters with the assistance of a variety of useful features, including a context option for images, a block tab for Flash and Java objects, and a list of blockable items to remove scripts and stylesheets.

Starting with Adblock Plus 2.0 there is an option in Filter Preferences to allow some non-intrusive advertising. The goal is to support websites using non-intrusive ways to advertise and to encourage more websites to do the same.
Alfandega Firewall
Alfandega Firewall is a collection of Perl modules that helps users to implement iptables-based firewalls for two interfaces. It provides local and remote blacklists, spoofing checks, packet forwarding, ICMP control, service configuration, and more.
Features Double end to end encryption Completely peer to peer using hidden services Cryptographic Identity Verification Excellent Network Security Voice Messages Live Voice Calls over tor (alpha feature) Text Messages Metadata stripped media messages Raw file sending of any size (100 GB+) coming soon... Both peers have to add each others onion addresses to be able to communicate Disappearing messages by default Encrypted file storage on Android Screen security
If you are a broadband or dial-up user who doesn't have a firewall script, you need to get one to protect yourself. AutoFW is intended to help you do that with no hassles. Many people when connecting to the internet need a firewall script made for them so they can surf the net without being susceptible to various attacks. Most, if not all (until now :-), of the existing scripts are written for a large range of requirements and require some tweaking to make them work for a specific user. However many users do not know which parameters to fill in the script config file. AutoFW intends to provide a simple firewall script that you just need to fire and forget. You make sure to run it on computer start-up or just before connecting to the net, and it will detect network condition and setup appropriate firewall rules for you. In order to be "smart" AutoFW has to be limited, the current scope of AutoFW are standard broadband connections, it will also cover dial-up users and stand-alone servers.
BlockIt monitors the Snort alert file and creates either IPTables, IPChains, IPFWADM, or Checkpoint Firewall rules. This version is only for GNU/Linux. BlockIt has built-in CIDR support for multiple target IPs and whitelist support. Additional features include MySQL logging and email logging.
Bulldog Firewall
This is a candidate for deletion: URLs on this page do not work. I could not find "Bulldog Firewall" anywhere online. Drw (talk) 09:00, 18 July 2018 (EDT) 'Bulldog' is a powerful but lightweight firewall for heavy use systems. It allows dynamic and static rules sets for maximum protection and has several advanced features. Be prepared to spend some time setting this up. If you are looking for a "quick fix", then you are on the wrong site. BullDog is NOT a quick fix, but rather one step in a complete security policy.
Coraza is an open source, enterprise-grade, high performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set v4. Key Features: ⇲ Drop-in - Coraza is a drop-in alternative to replace the soon to be abandoned Trustwave ModSecurity Engine and supports industry standard SecLang rule sets. 🔥 Security - Coraza runs the OWASP Core Rule Set (CRS) v4 to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Note that older versions of the CRS are not compatible. 🔌 Extensible - Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. Audit Loggers, persistence engines, operators, actions, create your own functionalities to extend Coraza as much as you want. 🚀 Performance - From huge websites to small blogs, Coraza can handle the load with minimal performance impact. Check our Benchmarks ﹡ Simplicity - Anyone is able to understand and modify the Coraza source code. It is easy to extend Coraza with new functionality. 💬 Community - Coraza is a community project, contributions are accepted and all ideas will be considered. Find contributor guidance in the CONTRIBUTION document.
Crowdsec is a firewall and behaviour detection system that uses a shared IP address reputation database in order to identify potential threats. User can instruct Crowdsec to watch certain logs, including both operating system logs and logs for specific applications. These are analysed for potential security threats, and the source IP address of any suspicious activity may be uploaded to a shared reputation database. Likewise, the user can download this shared database to benefit from lists of known suspicious hosts. Crowdsec includes so-called 'bouncers' to block certain IP addresses from accessing services, thus forming a reputation-based firewall. As the bouncer and detection components are separate programs and can remotely communicate, Crowdsec may be appropriate for embedded applications where the host to be protected is not powerful enough to detect potential threats itself; the log analysis can be done on another, more powerful system.

... further results

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.

The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.