BBStatus is an IP accounting package and an SNMP and IP monitoring tool for Linux. It collects, summarizes, and displays the values from its database. It can be used for IP accounting (allows you to design various kinds of accounting filters), SNMP monitoring (collects data making SNMP requests), ICMP monitoring (stores and summarizes values like min, avg, max reply time, and packet loss), and client traffic filtering (using various types of filters). It also provides user based access so that every user can log in and visualize various data (depending on access rights). It requires PostgreSQL, Apache with mod_auth_pgsql, Perl(Net::SNMP), and RRDTool.

p3pmail will remove dangerous HTML tags from email messages to make them safer for viewing. It does this by skipping the header of the email message before parsing it for dangerous HTML tags. It will only parse HTML email.

File system investigator is a forensic tool for viewing filesystems. It is written entirely in Java, so it is platform independent. It allows viewing of ReiserFS and EXT2/3. While primarily intended as a forensics tool, it is also useful for Linux users who dual boot with another OS; it allows them to view and extract files from their partitions.

Webfwlog allows users to design reports to use on logged data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use.

Hatchet is a log parsing and viewing utility for OpenBSD's PF firewall software. It presents HTML output of logged events and utilization graphs using pfstat.

Astaro Security Linux is a firewall solution. It does stateful packet inspection filtering, content filtering, user authentication, virus scanning, VPN with IPSec and PPTP, and much more. With its Web-based management tool, WebAdmin, and the ability to pull updates via the Internet, it is pretty easy to manage. It is based on a special hardened Linux 2.4 distribution where most daemons are running in change-roots and are protected by kernel capabilities.

NSA Security-enhanced Linux is a set of patches to the Linux kernel and some utilities to incorporate a strong, flexible mandatory access control architecture into the major subsystems of the kernel. It provides a mechanism to enforce the separation of information based on confidentiality and integrity requirements, which allows threats of tampering and bypassing of application security mechanisms to be addressed and enables the confinement of damage that can be caused by malicious or flawed applications. It includes a set of sample security policy configuration files designed to meet common, general-purpose security goals.

moftpd is a powerful FTP server supporting IPv6, virtual hosts, fine grained permissions, and much more.

Telconi Terminal is an unique network management application with interactive full-screen configuration editing, browsing, help facility support, debugging, and more. It focuses on common Cisco IOS functionality present with any hardware or software configuration, and complements the command line interface with a rich set of features. It is intended for users with knowledge of Cisco IOS, and is designed to work with any IOS-based device, such as routers and switches.

The milter module for Python provides a python interface to Sendmail's libmilter that exploits all its features. Milters can run on the same machine as sendmail, or another machine. The milter can even run with a different operating system or processor than sendmail. Sendmail talks to the milter via a local or internet socket, and keeps the milter informed of events as it processes a mail connection. At any point, the milter can cut the conversation short by telling sendmail to ACCEPT, REJECT, or DISCARD the message. After receiving a complete message from sendmail, the milter can again REJECT or DISCARD it, but it can also ACCEPT it with changes to the headers or body.

DSPAM is a server-side anti-spam agent for UNIX email servers. It masquerades as the email server's local delivery agent and filters/learns SPAM using a Bayesian statistical approach which provides an administratively maintenance-free, self-learning Anti-Spam service. Each email is broken down into its most interesting tokens, each assigned a spam probability. All probabilities are then combined to produce a statistical probability of spam. This approach, applied to a mature corpus of email, has the potential to yield a 99.5% success rate with only 0.03% chance of false positives.

CG_spam_filter.pl provides a content filter program for the Stalker CommuniGate Pro mail server that seeks to limit the number of outgoing spam your local users can send and incoming spam your system can receive. In essence, it is a throttling script that starts rejecting mail once a certain threshold is reached, such as X messages or recipients per minute. It is difficult to catch spammers until after the fact (when they have already done lots of damage and spammed many users); this is simply an effort to stop them in their tracks in real-time so you can deal with them later.

fwsnort translates snort rules into an equivalent iptables ruleset. By making use of the iptables string match module, fwsnort can detect application layer signatures which exist in many snort rules. fwsnort adds a --hex-string option to iptables, which allows snort rules that contain hex characters to be input directly into iptables rulesets without modification. In addition, fwsnort makes use of the IPTables::Parse Perl module in order to (optionally) restrict the snort rule translation to only those rules that specify traffic that could potentially be allowed through an existing iptables policy.