Links:
OpenVPN OpenVPN is a robust and highly configurable VPN (Virtual Private Network) daemon which can be used to securely link two or more private networks using an encrypted tunnel over the internet. Read more hot inetdxtra inetdxtra is a collection of inetd servers aimed at low-powered hardware like the Linksys NSLU2. It comprises a lightweight DNS, DHCP, MVPrelay, SMTP, WWW, and XMPP/Jabber server. new USB Network Daemon The USB Network Daemon is an application that makes a USB interface available over the network as transparently as possible. Because the data structures that are accepted by the daemon are similar to the direct USB calls of a well-known USB driver vendor, the (additional) implementation of the network interface can be done easily. new ACL Policy Daemon for Postfix ACL Policy Daemon is a program that communicates with the Postfix MTA using the Policy Delegation Protocol implementing an ACL (Access Control List) system, making very easy to improve and create nice controls on your e-mail traffic. You can use it to verify SPF records too. Active port forwarder Active port forwarder is a software tool for secure port forwarding. It uses SSL to increase security of communication between a server and a client. Originally, it was developed to forward data point to point. However, the need for bypassing firewalls in order to connect to internally located computers influenced the further development of the project. aeswepd a UNIX daemon for changing WEP keys of WLAN devices in constant intervals. The WEP keys are calculated by encrypting the current UNIX time using the AES cypher with a given constant key. aeswepd strengthens the security of the weak hardware based, standards compliant WEP technology alived a simple daemon and client for sending keepalive messages. The server keeps a list of hostname to IP address, useful for when a remote DHCP client changes IP addresses authfail authfail is a program that goes with real time updating on FIFO file and adds IP into netfilter with DROP/REJECT policy in real time. The FIFO file is /dev/authfail. The rejected hosts database is located in /var/log/authfail. Each time a given host will do an "authentication failure" via syslog, authfail will count it. If this occure more than the parameters given to authfail, the given host will be REJECTED/DROPPED via Netfilter. Whois notification is possible. Binkd a TCP/IP daemon to transfer files between two Fidonet systems bridged an user-land alternative to in-kernel ethernet bridge for Linux. Like its kernel counterpart it uses AVL trees to speed up lookups. Currently it only offers basic functionality ClusterNFS a set of patches for the "Universal NFS Daemon" (UNFSD) to allow multiple diskless clients to nfs mount the same root filesystem by providing "interpreted" file names crackblock crackblock is a daemon that monitors your /var/log/secure for ssh login failures and blocks brute-force password crack attempts. Crossroads Load Balancer Crossroads is a load balance and fail over utility for TCP based services. It is a daemon program running in user space, and features extensive configurability, polling of back ends using 'wakeup calls', detailed status reporting, 'hooks' for special actions when backend calls fail, and much more. Crossroads is service-independent: it is usable for HTTP(S), SSH, SMTP, DNS, etc. CryptNET Peer Cache Daemon CryptNET Peer Cache Daemon provides a bootstrapping solution to allow p2p servlets to connect to existing p2p networks. The GWebCache and UHC protocols are implemented. It was designed for the GNU/Linux platform, is written in C, and uses the pthreads library.. Daemon Shield Daemon Shield is a daemon that creates realtime dynamic, expirable iptables rules to block/drop IP addresses attempting brute-force breakin attacks on a linux host via ssh or other mechanism. Highly customizable and extensible. dhcpcd dhcpcd is an implementation of the DHCP client specified in RFC2131. FakeIKEd Fiked is a fake IKE daemon supporting just enough of the standards and Cisco extensions to attack commonly found insecure Cisco PSK+XAUTH VPN setups in what could be described as a semi MitM attack. fusemb fusemb is a small daemon which maps Microsoft network hierarchy into Unix filesystem subtree, using libsmbclient to obtain information about entries in the SMB network and FUSE (Filesystem In UserSpace) to allow seamless network browsing using standard Unix ways. fwdaemon fwdaemon is a Linux firewall runtime backend. Any client application can communicate with the fwdaemon and decide what network network flow can be accepted or which should be dropped. giFT giFT is a bridge between P2P protocols and front-ends. It is implemented as a modular daemon able to load multiple back-end protocols exposed to the user via an XML-like interface protocol. Honeyd a small daemon that creates virtual hosts on a network. The hosts can be configured to run arbitrary services, and their TCP personality can be adapted so that they appear to be running certain versions of operating systems HttpAuth HTTPAuth is a daemon and framework for authenticating HTTP requests. It supports Basic and Digest authentication against various databases such as LDAP, PostgreSQL or MYSQL. It also supports NTLM authentication against a Windows Server. ICMP Shell a telnet-like protocol. It allows users to connect to a remote host and to open a shell using only ICMP to send and receive data icmpmonitor using the InterNet Control Message Protocol (ICMP) "ECHO" facility, monitors several hosts, and notify admin if some of them are down IDSA IDSA can be used as a system logger and tcpd (tcp wrapper) replacement, where the tcp wrappers request permission from the core idsa system to accept an incoming connection. ifplugd ifplugd automaticallys configure your ethernet device when a cable is plugged in and automatically unconfigure it if the cable is pulled. This is useful on laptops with onboard network adapters, since it will only configure the interface when a cable is really connected. IM-Filter IM-Filter is a daemon that runs on a firewall and filters ICQ traffic. The daemon can identify file transfers, handle UIN and word blacklists, manage a list with currently logged in users, and log messages sent via the ICQ protocol. The modular design allows implementation of other protocols like MSN or IRC. IMAPEngine IMAPEngine is an IMAP email server that stores all email and mailbox data within a tdbengine database structure. Thus it provides high performance even with a huge number of email accounts, messages and folders. IPCAD listens for traffic on the specified interfaces. It has the built-in RSH and NetFlow engines to allow exporting the accounting data the same way as Cisco routers do ipsvd a set of internet protocol service daemons for Unix. It currently includes a TCP/IP service daemon, and a UDP/IP service daemon IRRd The Internet Registry Routing Daemon: a streamlined, stand-alone Internet Routing Registry database server that supports RIPE-181, RPSL, and RPSLng routing registry syntaxes. The IRRd package includes additional utilities, tools, and services to securely manage and maintain the database JubJub JubJub is a daemon for server side logging of XMPP packets. JubJub is based upon a module architecture, so it is possible to flexibly reassign handlers for different types of XMPP packets. Originally, JubJub was designed for ejabberd server. JubJub is named after a collateral character of the famous poem by Lewis Carroll. kimono kimono is a network service monitor similar to sysmon. it aims to monitor services to such an extend that the administrator can be certain of its function, and in case of failure alert in a number of ways. it stores all data (by default) in an SQL database. The data is collected through a daemon. knfsd a much-improved Linux NFS server with support for NFSv3 as well as NFSv2 knockd knockd is a port-knock server. It listens to all traffic on an ethernet (or PPP) interface, looking for special "knock" sequences of port-hits. A client makes these port-hits by sending a TCP (or UDP) packet to a port on the server. Kojoney Kojoney is a low level interaction honeypot that emulates an SSH server. The daemon is written in Python using the Twisted Conch libraries. Ktell Ktell is a user level daemon that monitors expiration time of Kerberos ticket granting tickets. It will send a warning to the user's least idle tty when a certain time is reached before the ticket will expire. L4ip a daemon that extends IPFilter's simple round-robin L4 load balancing with health checks. It takes care of monitoring and dynamically adding and removing ipnat rules in the kernel linetd linetd is a small inetd or xinetd replacement. It does not use a configuration file and can be run from the commandline by a nonroot user. lingerd a daemon (service) designed to take over the job of properly closing network connections from an http server like Apache logfilterd a log filtering "daemon" written in Perl Looper Event / Alert System a free open-sourced *NIX application designed to greatly simplify the event / alert model LSM-PKCS11 LSM-PKCS11 is a package intended to support the implementation of Lite Security Modules, i.e. a kind of not certified Software or Hardware Security Modules (HSM, SSM). The targets of such implementations are PKIs (Public Keys Infrastructures) for intra-company and network applications, requiring a non-trivial security level but not so 'budgeted' to allow the acquisition of true (certified) HSMs, whose cost starts from as little as some thousands dollars. LVSmon a cluster monitoring daemon written originally with the intention of replacing tools like ldirectord and mon with regards to maintaining LVS tables mbsyslog mbsyslog is a soup-to-nuts implementation of syslogd. Runs as separate modules which enhance security and allow sys admins to introduce stdin-stdout filters between modules. Distributed under the GPL. Mini SNMP Daemon Mini SNMP Daemon is a minimal implementation of an SNMP daemon. It is targeted for usage in embedded systems with limited disk and memory resources. All configuration is done using commandline arguments. It supports basic CPU, memory, disk, and network interface statistics. MiniUPnP Client and Daemon The MiniUPnP project is a library and a daemon. The library is aimed to enable applications to use the capabilities of a UPnP Internet Gateway Device present on the network to forward ports. The daemon adds the UPnP Internet Gateway Device functionality to a NAT gateway running OpenBSD through PF. Miredo Miredo is a Unix daemon program which implements the Teredo: Tunneling IPv6 over UDP through NATs Internet draft specification. mxallowd mxallowd is a daemon for Linux Netfilter (using libipq) which implements a slightly improved nolisting mechanism. It requires your name server to be configured to return two MX IP addresses, and the one with higher priority must not run a mail server on port 25. mxallowd blocks attempts to connect to the mail server unless the sender tries to connect to the first mail server before the second. Since most spammers will attempt direct connections to each mail server, they will be blocked. nagserv Nagserv is a daemon with 2 functionalities. It can act as an RSS feeder that provides the Nagios status as an RSS feed (e.g. which services are down, etc.). It can also be a bridge between the new Nagios 2.0 status.log format and tools that expect the older Nagios 1.2 format. NAmpel a daemon for visualizing the state of a network, using Nagios NatACL a authentication daemon for NAT and Transparent Proxy. The authentication input is done by the browser, it will redirect any URL to a internal page, asking for login and password netacct-mysql netacct-mysql is a modified version of traffic accounting daemon net-acct which stores collected data in MySQL. NetAlert The netalert daemon checks the availability of network services by initiating cyclic tcp and/or udp connection attemps. It?s also capable of validating received sequences (using extended regular expressions) and even triggering those sequences by sending sequences itself. Netplug manages network interfaces in response to network cables being plugged in and out NetTraf NetTraf consists of a daemon running on Linux, and a client application that monitors one interface on the Linux machine. It is mainly used to show the status of a dial-up connection of a Linux masquerade server, so everyone on the network knows if the connection is active and how well the connection is performing. nionet nionet is a complete VPN server/client solution that bridges an Ethernet segment over whatever transport network you chose. Thus it is possible to have no difference wether the road warrior is in the office or outside - everything works the same way: DHCP, TCP/IP, ARP, Routing, etc. nisldapd a software daemon written in C for *nix systems that, given a properly configured ypserv, slapd and syslog environment, can provide user and group information via NIS/YP which is published in an LDAP datastore octod Octod is a "download manager daemon", i.e. a daemon that listens at the network interface for incoming download jobs and performs them (simultaneously) in the background. It is intended to run on desktop systems as a reliable and fast download manager without the overhead of a graphical user interface, but it can also be used as a centralized download station running in network environments with multiple users. Oculus Server Monitor Oculus Server Monitor uses a plaintext protocol to export server information to any client that connects to it. It supports a plugin system for commands, an XML-style configuration file, and IP-based access control. old Open Lock Daemon: simple lock server which provides central point where to lock resources in a distributed environment by using TCP/IP to communicate with its clients OpenNTPd a free implementation of the Network Time Protocol. It provides the ability to sync the local clock to remote NTP servers and can act as NTP server itself, redistributing the local clock OpenSLP an effort to develop an open-source implementation of Service Location Protocol suitable for commercial and non-commercial application P4Spam P4Spam is a Perforce change review daemon which spits out sexy HTML-styled notification emails. pftabled a small helper to make your pf tables reachable from other hosts. You can add/delete/flush IP addresses to/from a fixed table with a single UDP datagram. A simple client program is included to do this from the command line Policy Daemon Policyd is an anti-spam plugin for Postfix (written in C) that does greylisting, sender (envelope or SASL) based throttling (on messages and/or volume per defined time unit) and Spamtrap monitoring / blacklisting. Portkey Portkey is an implementation of a port-knocking daemon. It's simple, reliable and requires no special clients - telnet is fine. It supports knocks on any valid TCP port in the range 1-65535 and supports key sequences of arbitrary lengths. ptcap ptcap is a Unix daemon that captures traffic packet size, source, destination, and times and saves this data into a native Postgres or ODBC database in near real time, from which traffic reports may be made. It does not save the actual data or headers. It works on ethX or cooked devices like ppp0. It uses Postgres embedded SQL to insert the data, pcap to capture traffic, and pthreads to capure and write at the same time. Pcap filters can be specified on the command line. Logs go to syslog. pTRTd Portable Transport Relay Translator Daemon: a method of allowing IPv6 hosts to communicate with IPv4 hosts. It is a TRT as specified by RFC 3142, similar to the Faith package implemented by the KAME project PyGopherD PyGopherD is a modern Gopher server. It can serve documents with Gopher+, standard Gopher (RFC1436), and HTTP -- all on the same port. Pygopherd features a modular extension system as well as loadable scripts and much more. radvd Linux IPv6 Router Advertisement Daemon: sends Router Advertisement messages, specified by RFC 2461, to a local Ethernet LAN periodically and when requested by a node sending a Router Solicitation message Rsyncmanager Rsyncmanager is a daemon designed to simplify the task of coordinating multiple file transfers to or from a machine. It was originally written to serve as the managing hub of a backup system that used rsync to feed in files from many other machines, so that all backups could be run from a single place. scanlogd a TCP port scan detection tool, originally designed to illustrate various attacks an IDS developer has to deal with sesoma sesoma allows you to build a virtual user infrastructure using sendmail and PostgreSQL/MySQL without patching. shaperd a user-space traffic shaper SharpIGD a C# deamon that implements the UPnP Internet Gateway Device specification (IGD) and allows UPnP aware clients, such as MSN Messenger or DirectPlay based applications to work properly from private networks SIPFwd The SIP forwarding daemon (implemented as a stateless SIP proxy) allows you to seamlessly forward SIP requests to other SIP servers Snort2Pf Snort2Pf greps Snort's alertfile and blocks the "naughty" hosts for a given amount of time using pfctl. SNTS Simple Network Time Sync: allows multiple groupings of servers and clients on a network for independent time management for labs Socks4 Server This is a C++ implementation of a socks4 server. It supports both CONNECT and BIND operations. Spyrius Spyrius is an extensible multithreaded superdaemon. It is essentially a TCP server that manages loadable modules ("plug-ins"). Each module represents a network service that can be loaded into or unloaded from the daemon on-the-fly. Worker threads are spawned to handle incoming client connections. A client can communicate with several modules in the course of one session with the daemon. The daemon itself can be administered over a TCP connection. Swhoisd provides the standard Internet whois directory service System Local Audit Daemon SLAD is a tool for performing local security checks against GNU/Linux systems. The Version 2.0 provides a XML Interface for Parameters and easy integration of additional audit-parameters and tools. To help the administrator to integrate a new feature-set, a development-documentation is provided with the cvs. tcap captures traffic packet size, source, destination and times and saves this data into a postgres database in real time, from which traffic reports may be made. Works on cooked devices like ppp0 Uses - embedded sql to insert the data - pcap to capture traffic - pthreads to capure and write at the same time tgw tgw is a tcp gateway which allows you to connect two machine which cannot normally communicate via an intermediate node. tinc a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between hosts on the Internet tipxd an IPX protocol tunneling daemon, running IPX over TCP/IP between many hosts and unpacking them on the other side. This is especially useful for people with masqueraded hosts who want to communicate IPX traffic to others with masqueraded hosts. ulog-acctd a userspace network accounting daemon which collects headers of IP packets that travel through the Linux 2.4+ Netfilter. It logs aggregated accounting records that consist of source/dest, ports, byte/packet counter, interfaces, protocol UniK OLSR daemon an implementation of the Optimized Link State Routing protocol for GNU/Linux systems vpnd connects two networks on network level either via TCP/IP or a (virtual) leased line attached to a serial interface wapircgw wapircgw allows a WAP-capable mobile phone to easily connect to IRC networks. The only thing needed is a Linux box with an Internet connection to act as a gateway between the phone and IRC networks. waproamd a roaming daemon for wireless IEEE 802.11 NICs supporting the Linux wireless extensions. It is intended to configure the WEP keys according to the networks found wccpd a WCCP (Web Cache Coordination Protocol) server daemon. It allows a router to redirect web traffic to a group of Squid servers using WCCP as the monitoring/controling protocol WiFi Statistics Daemon WiFi Statistics Daemon is a script which generates a PNG graphing signal/noise/link levels on a selected wireless interface. xl2tpd xl2tpd a Layer 2 Tunneling Protocol (L2TP) daemon. It supports IPsec SA reference tracking, which enables the IPsec stacks to support multiple l2tp clients behind the same NAT router and multiple l2tp clients on the same internal IP address. It is a fork of "l2tpd". XORP XORP is the eXtensible Open Router Platform, an open- source router software stack. The goal is to develop a software router platform that is stable and fully featured enough for production use, and flexible and extensible enough to enable network research. It implements routing protocols for IPv4 and IPv6 and a unified means to configure them. Xvpnd XVPND is a tunneling daemon designed to make non-IP-based communication possible through IPSEC VPNs. Currently supported protocols are IP broadcast, ARP, DHCP/BOOTP, and IPX. Other protocols could be supported via additional plugins. Xyria:CDPNNTPd Xyria:CDPNNTPd is a minimalistic, easy to configure NNTP server for Unix. The server is part of the Xyria-Networkservices project and is IPv6 ready. ypbind-mt ypbind-mt is a multi-threaded implementation of a NIS binding daemon. ypbind-mt compiles and works on Linux with glibx 2.x (libc6). It should work on every System with POSIX threads and glibc 2.x. yptransitd an attempt to create a daemon that bridges NIS clients to an LDAP server Zebra a GPL'ed program that manages TCP/IP based routing protocols. It supports BGP-4 protocol as described in RFC1771 (A Border Gateway Protocol 4) and RIPv1, RIPv2 and OSPFv2 Zoltan a music playing daemon. It accepts remote commands via its own mini HTTP server and can use seamlessly Audio or Data CDs
