| Basic
information of the current redWall Firewall release |
|
| Current released redWall Version: | 0.5.4c |
| Current Kernel: |
|
| Software | Version | Description (taken from the Software Homepages) | Visit the Homepage |
Quagga  |
0.96.5 | Quagga is a routing software suite, providing implementations of OSPFv2, OSPFv3, RIP v1 and v2, RIPv3 and BGPv4 for Unix platforms, particularly FreeBSD and Linux and also NetBSD, to mention a few. Quagga is a fork of GNU Zebra which was developed by Kunihiro Ishiguro. The Quagga tree aims to build a more involved community around Quagga than the current centralised model of GNU Zebra. | |
VRRP |
1.0 | ImageStream's VRRP daemon (VRRPd) is an RFC 2338 compliant implementation of the Virtual Router Redundancy Protocol (VRRP). The Virtual Router Redundancy Protocol is designed to eliminate the single point of failure associated with statically routed networks by automatically providing failover using multiple LAN paths through alternate routers | |
UCARP |
1.0 | UCARP allows a couple of hosts to share common virtual IP addresses in order to provide automatic failover. It is a portable userland implementation of the secure and patent-free Common Address Redundancy Protocol ( CARP , OpenBSD's alternative to the VRRP ). Strong points of the CARP protocol are : very low overhead, cryptographically signed messages, interoperability between different operating systems and no need for any dedicated extra network link between redundant hosts. |
|
CBQ.init |
0.7.3 | CBQ.init script demonstrate power of CBQ mechanism in network traffic management under Linux platform. This bash script parses human-readable config files and does all needed manipulation with 'tc' linux kernel utilite (author - A.Kuznetsov). | |
HTB.init |
0.8.5 | HTB.init is a shell script derived from CBQ.init that allows for easy setup of HTB-based traffic control on Linux. HTB (Hierachical Token Bucket) is a new queueing discipline which attempts to address the weaknesses of current CBQ implementation. | |
pyshaper |
0.1.3 | A simple yet versatile program for managing your internet traffic in real time. | |
vconfig |
1.8 | 802.1Q VLAN implementation for Linux | |
Iptables |
1.2.11 | The netfilter/iptables project is the Linux 2.4.x
/ 2.5.x firewalling subsystem.It delivers you the functionality of packet
filtering (stateless or stateful), all different kinds of NAT (Network
Address Translation) and packet mangling. If you are running
a recent Linux system (Kernel 2.4.x or above) on a router, you can use
netfilter/iptables for all kinds of firewalling, NAT or other advanced
packet processing. |
|
Shorewall |
2.0.3a | The Shoreline Firewall, more commonly known as "Shorewall", is high-level tool for configuring Netfilter. You describe your firewall/gateway requirements using entries in a set of configuration files. Shorewall reads those configuration files and with the help of the iptables utility, Shorewall configures Netfilter to match your requirements. Shorewall can be used on a dedicated firewall system, a multi-function gateway/router/server or on a standalone GNU/Linux system. Shorewall does not use Netfilter's ipchains compatibility mode and can thus take advantage of Netfilter's connection state tracking capabilities. | |
ipkungfu |
0.5.2 | IPKungFu is an iptables-based Linux firewall. It aims to simplify the configuration of Internet connection sharing, port forwarding, and packet filtering. | |
ebtables |
2.0.6 | The ebtables program is a filtering tool for a bridging firewall. The filtering is focussed on the Link Layer Ethernet frame fields. Apart from filtering, it also gives the ability to alter the Ethernet MAC addresses and implement a brouter. This website is also a reference for the Linux bridge-nf code, which gives Linux bridging IP firewall functionality by letting iptables 'see' the bridged IP packets. Both ebtables and bridge-nf are a part of the standard 2.6 kernel. A patch for the 2.4 stable kernel is maintained here, for convenience. When the stable 2.6 kernel will be available, support for 2.4 will be dropped. |
|
mtr |
0.58 | mtr combines the functionality of the 'traceroute' and 'ping' programs in a single network diagnostic tool.
As mtr starts, it investigates the network connection between the host mtr runs on and a user-specified destination host. After it determines the address of each network hop between the machines, it sends a sequence ICMP ECHO requests to each one to determine the quality of the link to each machine. As it does this, it prints running statistics about each machine. |
|
iptstate |
1.3 | IP Tables State implements the "state top" feature from IP Filter for IP Tables. "State top" displays the states held by your stateful firewall in a "top"-like manner. Since IP Tables doesn't have a built-in way to easily display this information once, an option was added to iptstate to do this. | |
bridge-utils |
1.0.4 | A bridge is a way to connect two separate network segments together in a protocol independent way. Packets are forwarded based on Ethernet address, rather than IP address (like a router). Since forwarding is done at Layer 2, all protocols can go transparently through a bridge. | |
wlan-ng-utils |
0.2.1-pre21 | The goal of the linux-wlan(tm) Project is to develop a complete, standards based, wireless LAN system using the GNU/Linux operating system. What differentiates this project from the Linux wireless extensions and other Linux wireless projects is that everything is based on the IEEE 802.11 standard. |
VPN:
| Software | Version | Description (taken from the Software Homepages) | Visit the Homepage |
| FreeS/WAN |
2.05 | Linux FreeS/WAN is an implementation of IPSEC & IKE for Linux.
IPSEC is Internet Protocol SECurity. It uses strong cryptography to provide both authentication and encryption services. Authentication ensures that packets are from the right sender and have not been altered in transit. Encryption prevents unauthorised reading of packet contents. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted net is encrypted by the IPSEC gateway machine and decrypted by the gateway at the other end. The result is Virtual Private Network or VPN. This is a network which is effectively private even though it includes machines at several different sites connected by the insecure Internet. The IPSEC protocols were developed by the IETF (Internet Engineering
Task Force) and will be required as part of IP Version Six, the next
generation. They are also being widely implemented for IP V4. In particular,
nearly all vendors of any type of firewall or security software have
IPSEC support either shipping or in development. There are also several
open source IPSEC projects. Several companies are co-operating in
the Secure Wide Area Network (S/WAN) project to ensure that products
will interoperate. There is also a VPN Consortium fostering cooperation
among companies in this area. |
|
|
Openswan |
2.1.4 | Openswan is an Open Source implementation of IPsec for the Linux operating system. Is it a code fork of the FreeS/WAN project, started by a few of the developers who were growing frustrated with the politics surrounding the FreeS/WAN project. Includes: X.509 Version 1.4.8 and NAT-T 0.6c patches |
|
| openvpn |
1.6.0 | OpenVPN is a robust and highly configurable VPN (Virtual Private Network) daemon which can be used to securely link two or more private networks using an encrypted tunnel over the internet. | |
| stunnel |
4.05 | Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code. | |
|
vtun |
2.6 | VTun is the easiest way to create Virtual Tunnels over TCP/IP networks with traffic shaping, compression, and encryption. It supports IP, Ethernet, PPP and other tunnel types. VTun is easily and highly configurable. VPN, Mobile IP, Shaping, etc | |
L2TPD |
0.69 | Layer 2 Tunnelling Protocol Daemon | |
PPP |
2.4.2 | A daemon which implements the PPP protocol for internetworking over dialup lines | |
PoPToP |
1.2.0-b3 | PoPToP is the PPTP server solution for Linux (ports exist for Solaris 2.6, OpenBSD and FreeBSD and others). Before PoPToP no solution existed if you wished to include Linux servers in PPTP established VPNs. PoPToP resolved that problem by allowing Linux servers to function seamlessly in the PPTP VPN environment. This enables administrators to leverage the considerable benefits of both Microsoft and Linux. The current release version supports Windows 95/98/NT/2000 PPTP clients and PPTP Linux clients. |
| Software | Version | Description (taken from the Software Homepages) | Visit the Homepage |
Snort with snortsam support |
2.1.3 | The Open Source Network Intrusion Detection System |
|
Snort_inline |
2.1.3 | The Open Source Network Intrusion Detection System |
|
Snort with snortsam support |
2.0.6 | The Open Source Network Intrusion Detection System |
|
Snort_inline |
2.0.6 | The Open Source Network Intrusion Detection System |
|
| Snortsam |
2.24 | SnortSam is a plugin for Snort, an open-source light-weight Intrusion Detection System (IDS). The plugin allows for automated blocking of IP addresses | |
SnortCenter |
1.0-RC1 | SnortCenter is a web-based client-server management system written
in PHP and Perl. It will help you to configure the Snort configuration
& signature files. The Management Console will build the configuration files for you and then send it to the remote sensor. |
Analysis / Reporting / Logging:
| Software | Version | Description (taken from the Software Homepages) | Visit the Homepage |
DeepSight Extractor |
4.3 | Uploads your IDS Logfiles to a central database on the web (securityfocus).
For further analysis and to be compared against all ids reports worldwide. |
|
Logwatch |
5.2.2 | Logwatch is a customizable log analysis system. Logwatch parses through your system's logs for a given period of time and creates a report analyzing areas that you specify, in as much detail as you require. Logwatch is easy to use and will work right out of the package on most systems. | |
Ntop |
3.0 | ntop is a tool for both Unix and Win32 that shows the network usage, similar to what the popular top Unix command does. It sports both a web and a command line interface. | |
Acid |
0.9.6b23 | The Analysis Console for Intrusion Databases (ACID) is a PHP-based analysis engine to search and process a database of security events generated by various IDSes, firewalls, and network monitoring tools. | |
Sarg |
1.4.1 | Sarg - Squid Analysis Report Generator is a tool that allow you to view "where" your users are going to on the Internet. Sarg generate reports in html, with fields like: users, IP Addresses, bytes, sites and times. |
|
SquidAnalyzer |
3.0 | SquidAnalyzer parse native access log format of the Squid proxy and generate general statistics about hits, bytes, users, networks, top url and top second level domain. Statistic reports are oriented to user and bandwidth control, this |
|
phpSysInfo |
2.2 | PHPSysInfo is a customizable PHP Script that parses /proc, and formats information nicely. It will display information about system facts like Uptime, CPU, Memory, PCI devices, SCSI devices, IDE devices, Network adapters, Disk usage, and more. | |
php-syslog-ng |
2.5.1 | php-syslog-ng is a frontend for viewing syslog-ng messages logged to MySQL in realtime. It features customized searches based on device, time, date, priority, and message. The changes in this release are as follows: This release fixed a minor bug using limit GET requests within a PHP header function (it corrects the division by zero error message). |
|
ulogd |
1.02 | ulogd is a replacement for traditional syslog-based logging (using the LOG target) in iptables-based firewalls. ULOG/ulogd has a different concept. Packets get copied to a special logging daemon, which can do very detailed logging to different targets (plaintext files, MySQL databases, ...). ulogd supports plugins for different output formats, as well as for new protocols/... | |
DarkStat |
2.6 | darkstat is a network traffic analyzer. It's basically a packet sniffer which runs as a background process on a cable/DSL router and gathers all sorts of useless but interesting statistics. | |
webfwlog |
0.87 | Webfwlog is a flexible web-based analysis and reporting tool for firewall logs. It support data saved in a database using the ULOGD target of the linux netfilter project, supporting both postgresql and mysql databases. | |
|
midas |
2.2f | MIDAS is a cross platform Monitoring and NIDS server. The goal of this project is to build a robust and complete network/system monitoring suite that is capable of scaling to very large networks.
|
|
| snortcon |
0.03 | SnortCon is a web-based utility that provides a high-level overview of the threats that a network is facing. SnortCon requires that SNORT is logging to a MySQL or Postgres database. The interface updates at user configurable intervals to show the following information: top/recent attacks, top/recent attackers, number of events over the past {5,15,30,60} minutes, and the current SnortCon. The SnortCon can be three values, HIGH, MEDIUM, OR LOW. It is calculated based on the number of SNORT events that have been generated during a pre-defined interval. Attack data is also displayed in a graphical form for the last 60 minutes and last 24 hours. Recent Attack Detail for the past 30 minutes is also available. The tool is primarily intended to be high-level and not meant to replace detailed analysis tools such as ACID. SnortCon can serve as the active desktop backgroud (Windows) on an IDS console. | |
|
iptraf |
2.7.0 | IPTraf is a console-based network statistics utility for Linux. It gathers a variety of figures such as TCP connection packet and byte counts, interface statistics and activity indicators, TCP/UDP traffic breakdowns, and LAN station packet and byte counts. | |
|
bandwidthd |
1.2.1b | BandwidthD tracks usage of TCP/IP network subnets and builds html files with graphs to display utilization. Charts are built by individual IPs, and display utilization over 2 day, 8 day, 40 day, and 400 day periods. Furthermore, each ip address's utilization can be logged out at intervals of 2.5 minutes, 10 minutes, 1 hour or 12 hours in cdf format. HTTP, TCP, UDP, ICMP, VPN, and P2P traffic are color coded. |
System:
| Software | Version | Description (taken from the Software Homepages) | Visit the Homepage |
heartbeat |
1.1.4 | Linux-HA heartbeat package. This package monitors hosts and informs the cluster when one of them dies. It includes Horms's code from "fake" below for IP address takeover. It currently works for 2-node clusters and supports multiple interfaces per node. It supports serial and UDP broadcast/multicast heartbeats. |
|
webmin |
1.150 | Webmin is a web-based interface for system administration for Unix. Using any browser that supports tables and forms (and Java for the File Manager module), you can setup user accounts, Apache, DNS, file sharing and so on. Additional Modules included: |
| Software | Version | Description (taken from the Software Homepages) | Visit the Homepage |
privoxy |
3.0.3 | Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a very flexible configuration and can be customized to suit individual needs and tastes. Privoxy has application for both stand-alone systems and multi-user networks. |
|
DansGuardian |
2.7.7-9 | DansGuardian is an award winning web content filtering proxy(1)
for Linux, FreeBSD, OpenBSD, NetBSD, Mac OS X, HP-UX, and Solaris
that uses Squid(2) to do all the fetching. It filters using multiple
methods. These methods include URL and domain filtering, content phrase
filtering, PICS filtering, MIME filtering, file extension filtering,
POST limiting. |
|
squid |
2.5.STABLE3 | a full-featured Web proxy cache | |
chpasswd |
2.2.1 | This utility allow your users to change their Squid or Web password
using the browser. (english, german, french and italian) |
|
squidGuard |
1.2.0 | squidGuard is a combined filter, redirector and access controller plugin for Squid. | |
|
BL_Update |
0.9.3 | "refreshes" the SquidGuard and/or Dansguardian Blacklist database files on a daily basis. Thanks to Christopher Rath for doing this nice script ! | N/A |
| delegated |
8.9.5 | DeleGate is a multi-purpose application level gateway, or a proxy server which runs on multiple platforms (Unix, Windows, MacOS X and OS/2). DeleGate mediates communication of various protocols (HTTP, FTP, NNTP, SMTP, POP, Telnet, SOCKS, etc.), applying cache and conversion for mediated data, controlling access from clients and routing toward servers. It translates protocols between clients and servers, applying SSL(TLS) to arbitrary protocols, merging several servers into a single server view with aliasing and filtering. Born as a tiny proxy for Gopher in March 1994, it has steadily grown into a general purpose proxy server. Besides beeing a proxy, DeleGate can be used as a simple origin server for some protocols (HTTP, FTP and NNTP). |
|
| ss5 |
2.4 | SS5 is a socks server that implements the SOCKS v4 and v5 protocol.
As a proxy server, SS5 authenticates, profiles and processes network
requests for clients. It establishes connections to application hosts
for client applications. When the client attempts to access the network,
the client connects to the SS5 daemon instead of the application host. |
| Software | Version | Description (taken from the Software Homepages) | Visit the Homepage |
postfix |
2.0.18 | Postfix attempts to be fast, easy to administer, and secure, while at the same time being sendmail compatible enough to not upset existing users. Thus, the outside has a sendmail-ish flavor, but the inside is completely different. |
|
spamassassin |
2.63 | SpamAssassin(tm) is a mail filter to identify spam. | |
amavisd-new |
20030616 | amavisd-new is a high-performance interface between mailer (MTA) and content checkers: virus scanners, and/or SpamAssassin. It is written in Perl for maintainability, without paying a significant price for speed. It talks to MTA via (E)SMTP or LMTP, or by using helper programs. Best with Postfix, fine with dual-sendmail setup and Exim v4, works with sendmail/milter, or with any MTA as a SMTP relay. 'Howto' for qmail available as well. | |
razor Agent |
2.40 | Vipul's Razor is a distributed, collaborative, spam detection and filtering network. Through user contribution, Razor establishes a distributed and constantly updating catalogue of spam in propagation that is consulted by email clients to filter out known spam. Detection is done with statistical and randomized signatures that efficiently spot mutating spam content. User input is validated through reputation assignments based on consensus on report and revoke assertions which in turn is used for computing confidence values associated with individual signatures. | |
dcc |
1.2.50 | In early 2004, the DCC or Distributed Checksum Clearinghouse is a system of thousands of clients and about 200 servers collecting and counting checksums related to more than 100 million mail messages per day. The counts can be used by SMTP servers and mail user agents to detect and reject or filter spam or unsolicited bulk mail. DCC servers exchange or "flood" common checksums. The checksums include values that are constant across common variations in bulk messages, including "personalizations." | |
clamAV |
0.74 | Clam AntiVirus is a GPL anti-virus toolkit for UNIX. The main purpose
of this software is the integration with mail servers (attachment
scanning). The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use with your own software. Most importantly, the virus database is kept up to date . |
|
anomy sanitizer |
1.68 | The Anomy sanitizer is what most people would call "an email
virus scanner". That description is not totally accurate, but
it does cover one of the more important jobs that the sanitizer can
do for you - it can scan email attachments for viruses. Other things
it can do:
* Disable potentially dangerous HTML code, such as javascript,
within incoming email. |
|
fetchmail |
6.2.5 | Fetchmail is a full-featured, robust, well-documented remote-mail retrieval and forwarding utility intended to be used over on-demand TCP/IP links (such as SLIP or PPP connections). It supports every remote-mail protocol now in use on the Internet: POP2, POP3, RPOP, APOP, KPOP, all flavors of IMAP, ETRN, and ODMR. It can even support IPv6 and IPSEC. |
|
srupdate |
N/A | Sender Restriction list for postfix automatic update |
Misc.:
| Software | Version | Description (taken from the Software Homepages) | Visit the Homepage |
dnsmasq |
2.9 | Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP, to a small network. It can serve the names of local machines which are not in the global DNS. The DHCP server integrates with the DNS server and allows machines with DHCP-allocated addresses to appear in the DNS with names configured either in each host or in a central configuration file. Dnsmasq supports static and dynamic DHCP leases and BOOTP for network booting of diskless machines. |
|
bind (chrooted) |
9.2.3 | BIND (Berkeley Internet Name Domain) is an implementation of the Domain Name System (DNS) protocols and provides an openly redistributable reference implementation of the major components of the Domain Name System, including:
* a Domain Name System server (named) The BIND DNS Server is used on the vast majority of name serving machines on the Internet, providing a robust and stable architecture on top of which an organization's naming architecture can be built. The resolver library included in the BIND distribution provides the standard APIs for translation between domain names and Internet addresses and is intended to be linked with applications requiring name service. |
|
syslog-ng |
1.6.4 | syslog-ng, as the name shows, is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pairs; syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful. Forwarding logs over TCP and remembering all forwarding hops makes it ideal for firewalled environments. |
|
apache |
2.0.40 | The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. | |
vsftpd |
1.2.2 | vsftpd is a GPL licensed FTP server for UNIX systems, including Linux. It is secure and extremely fast. It is stable. | |
frox |
0.7.14 | Frox is a transparent ftp proxy which is released under the GPL. It optionally supports caching (either through an external http cache (eg. squid ), or by maintaining a cache locally), and/or running a virus scanner, on downloaded files. It is written with security in mind, and in the default setup it runs as a non root user in a chroot jail. | |
mysql-server |
4.0.18 | The MySQL database server is the world's most popular open source database. Its architecture makes it extremely fast and easy to customize. Extensive reuse of code within the software and a minimalistic approach to producing functionally-rich features has resulted in a database management system unmatched in speed, compactness, stability and ease of deployment. The unique separation of the core server from the storage engine makes it possible to run with strict transaction control or with ultra-fast transactionless disk access, whichever is most appropriate for the situation. | |
openssh |
3.8p1 | OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools that increasing numbers of people on the Internet are coming to rely on. Many users of telnet, rlogin, ftp, and other such programs might not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks. Additionally, OpenSSH provides a myriad of secure tunneling capabilities, as well as a variety of authentication methods. | |
screen |
4.0.2 | Screen is a full-screen window manager that multiplexes a physical terminal between several processes, typically interactive shells. Each virtual terminal provides the functions of the DEC VT100 terminal and, in addition, several control functions from the ANSI X3.64 (ISO 6429) and ISO 2022 standards (e.g., insert/delete line and support for multiple character sets). There is a scrollback history buffer for each virtual terminal and a copy-and-paste mechanism that allows the user to move text regions between windows. When screen is called, it creates a single window with a shell in it (or the specified command) and then gets out of your way so that you can use the program as you normally would. Then, at any time, you can create new (full-screen) windows with other programs in them (including more shells), kill the current window, view a list of the active windows, turn output logging on and off, copy text between windows, view the scrollback history, switch between windows, etc. All windows run their programs completely independent of each other. Programs continue to run when their window is currently not visible and even when the whole screen session is detached from the users terminal. | |
openssl |
0.9.7d | The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation. | |
pcmcia-cs |
3.2.7 | Card Services for Linux is a complete PCMCIA support package. It includes a set of loadable kernel modules that implement a version of the PCMCIA 2.1 Card Services applications program interface, a set of client drivers for specific cards, and a card manager daemon that can respond to card insertion and removal events, loading and unloading drivers on demand. It supports ``hot swapping'' of PCMCIA cards, so cards can be inserted and ejected at any time. | |
email |
2.2.2 | Email is a program for the Unix environment that sends messages. You may think that this has already been done, and it has, but not with the quality and enhancements that email has! Have you ever wanted to send email from the command line using your SMTP server instead of sendmail? Have you ever wanted to send email without entering a confusing menu application and you only wanted to push a few command line options to route your email to the SMTP server of your choice? Did you want to encrypt that email with gpg before it was sent but wanted the email client to do it for you? If you answered yes to all of these questions, then email is for you. You can now send email via the command line to remote SMTP servers. You can have it encrypted to the recipient of your choice. This and many other possibilities are easily implemented with email. | |
php |
4.2.2 | PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. |