GNUnet is a framework for secure and anonymous peer-to-peer networking that does not use any centralized or otherwise trusted services. Currently, the framework offers censorship-resistant file-sharing, messaging, VPN, GNS (a decentralized version of DNS), and much more. GNUnet is currently developed by a worldwide group of independent free software developers. GNUnet is a GNU package (http://www.gnu.org/).
Splinter redirects IPv4 TCP connections to other destinations based on the source address, an alternative approach to kernel controlled firewalling.
Nmap ("Network Mapper") is a network utility for service discovery, monitoring and security auditing. Nmap utilizes raw IP packets for host discovery, port scanning, OS fingerprinting, firewall probing, and generating various statistics. It permits inspecting large network ranges but also works for single server checks. It's cross-platform compatible and also provides a X11 reporting GUI with Zenmap, and Ncat for data transfer and debugging, Ndiff for result comparison, and Nping for response an
Vortex Library is an implementation of the RFC 3080 and RFC 3081 standard definitions, known as the BEEP Core protocol, implemented on top of the TCP/IP stack. It comes with complete XML-RPC over BEEP RFC 3529 support, complete support for the TUNNEL profile (which allows you to perform proxy operations for every BEEP profile developed), support for HTTP proxies, and more. The API is consistent, easy to use, and allows you to write application protocols very quickly. The API is designed to allow
Zabbix is an enterprise-class distributed monitoring solution designed to monitor and track performance and availability of network servers, devices, and other IT resources. It supports distributed and Web-based monitoring, auto-discovery, real-time monitoring, SLA assurance, trending, and more.
r-tftpd is a tftp server with RFC 7440 "windowsize" support.
BIRD is a dynamic IP routing daemon supporting both, IPv4 and IPv6, Border Gateway Protocol (BGPv4), Routing Information Protocol (RIPv2, RIPng), Open Shortest Path First protocol (OSPFv2, OSPFv3), Babel Routing Protocol (Babel), Bidirectional Forwarding Detection (BFD), IPv6 router advertisements, static routes, inter-table protocol, command-line interface allowing on-line control and inspection of the status of the daemon, soft reconfiguration as well as a powerful language for route filtering
mrouted is an implementation of the IPv4 multicast routing protocol DVMRP, RFC 1075. It is capable of turning a UNIX workstation, or Linux device, into a multicast router with tunneling support. Support for IGMPv1, IGMPv2, and IGMPv3. Comes with mroutectl for interacting with the daemon.
pimdd is a stand-alone PIM-DM multicast routing daemon available under the BSD license. This is the restored original from University of Oregon, by Kurt Windisch. pimdd is a PIM Dense Mode (PIM-DM) implementation based on pimd, which is the PIM Sparse Mode (PIM-SM) reference implementation, by Ahmed Helmy, Rusty Eddy and Pavlin Ivanov Radoslavov. PIM-DM is a significantly less complex protocol than PIM-SM. PIM-DM works on the principle that it is probable that any given multicast stream will
Dante is a free implementation of the proxy protocols SOCKS version 4 and SOCKS version 5 (RFC 1928). It can be used as a firewall between networks, controlling outgoing traffic. The package consists of two parts: a socks server and a proxy client that supports socks, HTTP proxies, and UPnP. RFC 1961 (GSSAPI) is supported in both the client and the server. Commercial support is available.
Quoting their home page: MicroPython is a lean and efficient implementation of the Python 3 programming language that includes a small subset of the Python standard library and is optimised to run on microcontrollers and in constrained environments.
Knocker is a simple and easy to use TCP security port scanner written in C to analyze hosts and all of the different services started on them. It is available for Linux, FreeBSD, HP-UX, and Windows9x/2000/NT and it is licensed under the GNU General Public License GPL
OpenMPTCProuter is a solution to aggregate and encrypt (and can obfuscate) multiple internet connections and terminates it over any VPS which make clients benefit security, reliability, net neutrality, as well as dedicated public IP. The aggregation is based on Multipath TCP (MPTCP), which is ISP, WAN type, and latency independent "whether it was Fiber, VDSL, SHDSL, ADSL or even 4G", different scenarios can be configured to have either aggregation or failover based on MPTCP. Aggregation via Mu
A simple tc command wrapper tool. Easy to setup traffic control of network bandwidth/latency/packet-loss/packet-corruption to network interfaces.
WMND is a dockapp for monitoring network interfaces under WindowMaker and other compatible window managers. WMND can monitor multiple interfaces at the same time, sports several display modes and can also monitor remote interfaces through SNMP.
NetHogs is a small 'net top' tool. Instead of breaking the traffic down per protocol or per subnet, like most tools do, it groups bandwidth by process. NetHogs does not rely on a special kernel module to be loaded. If there's suddenly a lot of network traffic, you can fire up NetHogs and immediately see which PID is causing this. This makes it easy to identify programs that have gone wild and are suddenly taking up your bandwidth. Since NetHogs heavily relies on /proc, most features are only a
IPFire is a Linux firewall distribution that is built from source and comes with lots of additional features. It is easy to set up and administer. It features a firewall with stateful inspection, a content filtering engine, traffic control (QoS), VPN technology, and a lot of logging.
OpenWRT is a Linux distribution for wireless routers and low-resource embedded devices. It provides a coherent base system for different plattforms, various hardware and firmware drivers, and a Debian-style packaging system for application and add-on packages. The JSON-RPC based admin web interface LuCI makes configuration very user-friendly, but keeps the similar SSH and command line UCI interface and /etc files accessible. With its own PROCD system event daemon it can immediately respond to up
curl and libcurl is a tool for transferring files using URL syntax. It supports HTTP, HTTPS, FTP, FTPS, SCP, SFTP, TFTP, DICT, TELNET, LDAP, POP3, IMAP, SMTP, RTSP, RTMP, and FILE, as well as HTTP-post, HTTP-put, cookies, FTP upload, resumed transfers, passwords, port numbers, SSL certificates, Kerberos, and proxies. It is powered by libcurl, the client-side URL transfer library. There are bindings to libcurl for about 40 languages and environments.
ivykis is a library for asynchronous I/O readiness notification. It is a thin, portable wrapper around OS-provided mechanisms such as /dev/poll, epoll_create(2), kqueue(2), poll(2), and port_create(3C). ivykis was mainly designed for building high-performance network servers, but can be used as building block for any kind of event-driven application that uses poll(2)able file descriptors as its inputs.
fping is a program to send ICMP echo probes to network hosts, similar to ping, but much better performing when pinging multiple hosts.
Trottinett was written to allow a laptop computer to quickly switch between a wired and a wifi connection, optionally using the same MAC address for both interfaces.
tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.
Net::Transmitter provides a stream wrapper that ensures data integrity over network connections, such as HTTP transfers and raw TCP sockets. It abstracts blocking read/writes and esnures to fetch the complete packet stream, avoiding manual state keeping and loop probing.
"Why Can't I Connect?" diagnoses network settings and protocols to resolve TCP/IP connection issues. It supports various SQL servers, FTP and SFTP file transfers, SMTP and IMAP/POP3 for email applications, as well as IRC, LDAP, Usenet. It can also probe raw and generic TCP/IP connections.
OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the fundamental premise that complexity is the enemy of security, OpenVPN offers a cost-effective, lightweight alternative to other VPN technologies that is well-targeted for the SME and enterprise markets.
* Compiler for the eC Language * Cross-Platform API * 2D Graphics Engine (Bitmaps, Fonts...) * Networking Library (Sockets, Remote objects, HTTP) * Development Environment (Code Editor, Projects, Debugging, Form designer) * Graphical User Interface * 3D Graphics Engine * Database Access (SQLite support) * Build System (Generate cross-platform Makefiles)
Dowse is a transparent proxy facilitating the awareness of ingoing and outgoing connections, from, to, and within a local area network. Dowse provides a central point of soft control for all local traffic: from ARP traffic (layer 2) to TCP/IP (layers 3 and 4) as well as application space, by chaining a firewall setup to a trasparent proxy setup. A core feature for Dowse is that of hiding all the complexity of such a setup.
pimd is a lightweight, stand-alone implementation of the Protocol Independent Multicast-Sparse Mode (PIM-SM/SSM) specification.
etherpoke is a scriptable network session monitor. etherpoke defines three events: SESSION_BEGIN, SESSION_END, SESSION_ERROR to which a hook (system command) can be assigned. The event hook can be any program installed in the system. SESSION_BEGIN is triggered when the first packet matching the filter rule is captured. SESSION_END is triggered when the time since the last matching packet was captured exceeds the session timeout. SESSION_ERROR is triggered when it is no longer possible to pro
FreeBSD is an operating system and a major BSD distribution, which focuses on stability, performance, cutting-edge features and security. It's both UNIX® and Linux-compatible, ports a wide range of applications (24000), is suitable for server, embedded and desktop use. Has robust networking capabilities, cross-platform support, hardware and KMS/drm2 video drivers, hardware and network virtualization support, jails, dtrace, capsicum, understands ZFS and other filesystems, and simple installation
The WendzelNNTPd is a IPv6-ready NNTP usenet-server with the main goal to be as easy to use as possible. It is portable (Linux/*BSD/*nix), supports AUTHINFO authentication, contains ACL as well as role based ACL and supports invisible newsgroups. It currently supports MySQL and SQLite backends.
ArpON is a daemon that handles and inspects ARP (address resolution protcol) requests and thusly can prevent MITM attacks, ARP sppofing, cache or route poisoning. It also blocks related network attacks like ARP sniffing, hijacking, or injection, or higher-level DNS and HTTP request/session spoofing, or SSL/TLS circumvention. It also protects networks with proactive (network interface or system shutdown) and dynamic ARP traffic inspections in complexer setups.
HAproxy is a high-performance and highly-robust TCP and HTTP load balancer which provides cookie-based persistence, content-based switching, SSL off-loading, advanced traffic regulation with surge protection, automatic failover, run-time regex-based header control, Web-based reporting and management interface, advanced logging to help trouble-shooting buggy applications and/or networks, and a few other features. Its own event-driven state machine achieves 100,000 connections per second and surpa
For users on Linux and Unix, KDE offers a full suite of user workspace applications which allow interaction with these operating systems in a modern, graphical user interface. This includes Plasma Desktop, KDE's innovative and powerful desktop interface. Other workspace applications are included to aid with system configuration, running programs, or interacting with hardware devices. While the fully integrated KDE Workspaces are only available on Linux and Unix, some of these features are availa
rsync is a replacement for rcp (and scp) that has many more features. It uses the "rsync algorithm" which provides a very fast method for remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files are present at one of the ends of the link beforehand.
Hotspotd is a daemon to create a WiFi hotspot on Linux. It uses the standard hostapd program for access-point provisioning and establishes a NAT (Network address translation) with the target device using the iptables firewall. Hotspotd uses dnsmasq to allocate ip-addresses in a pre-defined range for target devices.