The syswatch LKM protects against chroot breaks, a ptrace race condition, and more. It protects userland from general hacking attacks.
a299a4f1783c3fa843156538cb7787c207faaa28921407f21d73668e5cf69d0eSanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, all kinds of NAT, providing strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, and whitelists. Newer versions abstract the differences between IPv4 and IPv6, allowing you to define a common set of rules for both, while permitting specific rules for each as you need.
1d43aaccbe3da7de634097317cf9714ebe9b35ed10bc08f213f6214f84e9bdebSanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, all kinds of NAT, providing strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, and whitelists. Newer versions abstract the differences between IPv4 and IPv6, allowing you to define a common set of rules for both, while permitting specific rules for each as you need.
f4baeaaad503a6e733fc98155a24a5842b86f244638b2018545645810223b907Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, all kinds of NAT, providing strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, and whitelists. Newer versions abstract the differences between IPv4 and IPv6, allowing you to define a common set of rules for both, while permitting specific rules for each as you need.
de89a99279e9adb00d0b31773b2d9e9f51a184329ffb6353fe9e05a836447a0bSanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, all kinds of NAT, providing strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, and whitelists. Newer versions abstract the differences between IPv4 and IPv6, allowing you to define a common set of rules for both, while permitting specific rules for each as you need.
89747957be987508490f1ce9e2239c4570d3760c4c8ec6766920b98883569b8bSanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, all kinds of NAT, providing strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, and whitelists. Newer versions abstract the differences between IPv4 and IPv6, allowing you to define a common set of rules for both, while permitting specific rules for each as you need.
0b80c1594e3c3a4c142f31e8c0ffd0744358c1ec7c024440c8ea6f1642296e95Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, all kinds of NAT, providing strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, and whitelists. Newer versions abstract the differences between IPv4 and IPv6, allowing you to define a common set of rules for both, while permitting specific rules for each as you need.
206ac56ec2a9a30060b4039e1430dfd8af44b5fa5a158b69dc7ed68a64b66f2eiptables-bash_completion provides programmable completion for the iptables and ip6tables programs from netfilter.org. Following the logic of iptables, options are shown only if they are valid at the current context. Additionally to the completion on options, matches and targets, it supports dynamic retrieval of data from the system i.e: chain-, set-names, interfaces, hostnames, etc. Environment variables allow to fine grade completion options. IP and MAC addresses can be fed by file.
5eb19e8d6cf7acaf5393a22e953b5672f0def1483e43ed8b95e6693b98ba0995ipset-bash-completion is programmable completion code for the bash shell, to support the ipset program (netfilter.org). It allows you to interactively retrieve and complete options, commands, set names, types, and members.
fa75ff80e88714e0dba7cc8711f2d7e884bf7242c078f1702bf344b78ef179faipset_list is a wrapper script for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. Optionally, the output can be colorized.
10eb834de2fa6982ccc269893a4471d82a6ce319bd2b9d1ec9ebaaa49e7348edconntrack-tools is a set of userspace tools for Linux that allow system administrators to interact with the Connection Tracking System, the module which provides stateful packet inspection for iptables. It includes the userspace daemon conntrackd and the commandline interface conntrack.
d4b0f42a9e814e9f2c95bb5dbaa7bd02a418114e019d6fa85d6b22ff20c95b6aipset-bash-completion is programmable completion code for the bash shell, to support the ipset program (netfilter.org). It allows you to interactively retrieve and complete options, commands, set names, types, and members.
7d12affbeb448d8cdc343a6ae9a8e3aad5f2c829a8a167c1843d16a143ec3840ipset_list is a wrapper script for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. Optionally, the output can be colorized.
b14d55bcbf2ebebae3e1b719fc2ad988219a10b7aecce8ba4af114f09c41461darptables is an administrative utility for managing the ARP filter table in the Linux kernel.
277985e29ecd93bd759a58242cad0e02ba9d4a6e1b7795235e3b507661bc0049iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
51e7a769469383b6ad308a6a19cdd2bd813cf4593e21a156a543a1cd70554925This program listens for sound. If it detects any, it starts recording automatically and also automatically stops when things become silent again.
890836e94e3df9f0cd83b2cb9ed98f9a072cb4aaa3d5ebfc78785a6ad2d47bbaconntrack-tools is a set of userspace tools for Linux that allow system administrators to interact with the Connection Tracking System, the module which provides stateful packet inspection for iptables. It includes the userspace daemon conntrackd and the commandline interface conntrack.
036b032a5c4d180aad686df21399d74506b9b3d3000794eb13ac313482e24896iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
4468ce7e1d68349a8e30f26110eb7969dbfdbf497d6c53758883123b3f2d6f6eiptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
867c144e60075e7bebe6fcecf0b65169d5e2d1fa5ceec2ebd9780cd5026123eaconntrack-tools is a set of userspace tools for Linux that allow system administrators to interact with the Connection Tracking System, the module which provides stateful packet inspection for iptables. It includes the userspace daemon conntrackd and the commandline interface conntrack.
e1da5f4c46094c252df5a167b28ecf2085dd73d1258316021d80612e5c9e332bThe Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
36ea3627ca945f7c7e5d36e2cf2f4151341760f14dc63b2acc36e37c0b639bc0The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
9c16c6cc30e22732c7b928b01088f86c4f085521f0bfb79c1767d04fbea1d1c6conntrack-tools is a set of userspace tools for Linux that allow system administrators to interact with the Connection Tracking System, the module which provides stateful packet inspection for iptables. It includes the userspace daemon conntrackd and the commandline interface conntrack.
7332b6fda82460bb4f07e93ce67e676b81a955d5738f3b67ca2f1063ddd4dc67iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
9be675696f41cd4f35cc332b667d285fe9489ca93c8e1f77804bd04b3315a522The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
16900475f719f8394ae99a19bad4cf17fa77baa7b0eaea068548cdbae183151c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed