Free open security architecture software for linux

An open Quality of Service Architecture is an open architecture for the provisioning of Quality of Service related functionality into the Linux kernel.
The project features a flexible, portable and lightweight software architecture for supporting QoS related services on the top of a general-purpose operating system as Linux. The architecture is well founded on formal scheduling analysis and control theoretical results.
At the core of the software there is an adaptive Resource Reservation layer that is capable of dynamically adapting the CPU allocation for QoS aware applications based on its run-time requirements.
As it is highlighted by the AQuoSA architecture, the project is mainly composed of two components:
- the QoS Res module, for which you can browse online the kernel, application and internal APIs
- the QoS Mgr module, for which you can browse online the kernel, application and internal APIs
Enhancements:
- Some bug fixed

Luke Macken Security LiveCD provides a fully functional livecd based on Fedora for use in security auditing, forensics research, and penetration testing.
Main features:
- All of the security features and tools Fedora has to offer
- Features from the FedoraLiveCD
- Ability to install directly to hard drive
Spinning your own
# yum install mercurial livecd-tools
$ hg clone http://hg.lewk.org/security-livecd
# livecd-creator --config security-livecd/fedora-security-livecd.ks --fslabel=Fedora-7-Security-LiveCD
Making changes to the LiveCD is as simple as modifying the fedora-security-livecd.ks configuration file.

Adaptive Quality of Service Architecture (AQuoSA) is an open architecture for the provisioning of adaptive Quality of Service functionality into the Linux kernel. The project features a flexible, portable, lightweight and open architecture for supporting soft real-time applications with facilities related to timing guarantees and QoS, on the top of a general-purpose operating system as Linux.
At the core of the architecture there is an adaptive resource reservation layer that is capable of dynamically adapting the CPU allocation for QoS aware applications based on their run-time requirements.
Timing guarantees are provided through an in-kernel reservation based process scheduler, whose services are exposed to applications through a well-designed API.
A supervisor performs admission control, so that admitting into the system new applications with timing guarantees does not affect the timing guarantees of already admitted applications. Also, it takes care of guaranteeing appropriate security policies in the assignment of timing guarantees to users and user groups, as configured by the system administrator.
A feedback-based QoS control layer may be optionally used by applications who want to keep their timing guarantees by using a CPU allocation that is continuously adapted according to their actual needs. This leaverages the programmer, within certain limits, to hard-code any particular reservation amount within the application, because the best allocation is found out automatically at run-time. Also, this enhances the possibilities for the system to host additional QoS controlled applications. The available control algorithms are well founded on formal scheduling models and control theoretical results.
Enhancements:
- This release introduces a couple of flags useful when creating servers. If QOS_F_PERSISTENT is enabled, a server is allowed to exist beyond detach of the last task. If QOS_F_SOFT is enabled, a server tasks are scheduled by the Linux default scheduler/policy, when outside of the server reservation.
- Also, various stability issues in destroying servers have been fixed, also thanks to a new release of the generic scheduler patch for the Linux kernel (gs-2.2).

Af-Arch is being developed to give GNU/Linux a new middle-ware for building enterprise managing applications, typically database oriented.
Af-Arch is a complete set of libraries and tools which allows to develop distribuited system especially designed to face problems about bussiness applications.
Actually, Af-Arch is really robust and stable, having systems installed on many environments. Af-Arch, at this moment, runs on GNU/Linux and Microsoft Windows.
AF Architectures license schema is based on GPL and LGPL, allowing you to develop not only open source applications but also comercial applications without any royalty or fee.
Af-Arch is a strongly documented project, which is proved to work. Af-Arch keeps on evolving and growing its feature list allways keeping in mind productivity.
Enhancements:
- A new major stable release have come with many interesting features, library dependencies news, new API to make life easy and a bunch of work to make the library to be memory efficient.
- Af-Arch no longer depends on GDA library (http://www.gnome-db.org). Now AfGs, server side support for Af-Arch, includes built-in database abstraction support, implemented to fit better with the Af-Arch framework. For more details check the "libafgs" log below.
- Af-Arch platform now support three new return types: AfDalNodeData, AfDalStringData and AfDalDecimalData, which allows services to return a module node, a plain string and a decimal value as a result for the invocation.
- Af-Arch now support a new formal parameter service AfDalSetOf which implements set of items to be sent while the service is invoked.
- af-gen tool now support defining string literals that are separated by "+" sign, making it easy to write long SQL sentences.
- af-gen tool now allow to generate type definitions that could extend, making it possible to create a class hierarchy for types to be returned by services.
- libafdal core library now implements a better error reporting mechanism which allows to receive all errors generated while performing invocation at the reply process code.
- New reserved services have been added: element_peek_reference which allows to get the node associated to a module which is relationed through the 0..1 link.

Ubuntu Security Notice Monitor is a karamba theme that displays the ten most recent USN report titles in a desktop widget.

Ubuntu Security Notice Monitor works by parsing the link text out of the USN page at http://www.ubuntulinux.org/usn using a Python backend.

Thanks goes to Richard "Ricardo" Szlachta for the graphics work.

The Auditor security collection is a Live-System based on KNOPPIX. With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes.
Independent of the hardware in use, the Auditor security collection offers a standardised working environment, so that the build-up of know-how and remote support is made easier. Even during the planning and development stages, our target was to achieve an excellent user-friendliness combined with an optimal toolset.
Professional open-source programs offer you a complete toolset to analyse your safety, byte for byte. In order to become quickly proficient within the Auditor security collection, the menu structure is supported by recognised phases of a security check. (Foot-printing, analysis, scanning, wireless, brute-forcing, cracking).
By this means, you instinctively find the right tool for the appropriate task. In addition to the approx. 300 tools, the Auditor security collection contains further background information regarding the standard configuration and passwords, as well as word lists from many different areas and languages with approx. 64 million entries.
Current productivity tools such as web browser, editors and graphic tools allow you to create or edit texts and pictures for reports, directly within the Auditor security platform. Many tools were adapted, newly developed or converted from other system platforms, in order to make as many current auditing tools available as possible on one CD-ROM.
Tools like Wellenreiter and Kismet were equipped with an automatic hardware identification, thus avoiding irritating and annoying configuration of the wireless cards.
Enhancements:
New & Updated tools:
- proxychains 1-8-1 (for example scanning over proxy more easy)
- yersinia-0.5.4
- kismet-logfile-viewer klv.pl and klc.pl
- ntp fingerprinting tool
- tftp bruteforce tool
- snmp fuzzer
- cisco torch 0.4b
- unicornscan 0.4.2
- packit
- sendip
- nasl 2.2.4
- tcpick
- cryptcat
- amap version 4.8
- tcpsplit
- Ethereal version 10.11
- ettercap-ng-0.72 and modified the etter.conf
- replaced tinysnmp with snmp tools
- vnc2swf /usr/X11R6/bin/recordwin and vnc2swf
- edit_vnc2swf.py
- edit_mp3.py
- wpa-supplicatiant 0.3.8
- hostapd-utils 0.3.7
- ssldump
- fragrouter
- Metasploit 2.4 including all known updates
- airsnarf, but no menu at moment
- fakeap to /opt/auditor but no menu entry at moment, need to write a shell script
- dsniff 2.4b1-10
- nessus plugins updated
- exploit tree updated
- Snort 2.3.2-5
- Bleeding-edge rules for snort
- New aircrack
- New airsnort
- Bet i forgot some to mention.
New & updated drivers:
- rt2400 linux drivers and utils (untested)
- rtl8180 driver (8180_26_private.ko and open8180.ko and /usr/local/bin/wlanup and /usr/local/bin/wlandown) (Untested)
- hostap drivers 0.3.7
- ipw2100 & ipw2200 incl firmware, incl monitor mode
- Prism54 with injection patch
- Linux-wlan-ng with injection patch
- Madwifi with injection patch
- ACX drivers are back on cd
Addons:
- Default password list has been updated
- Added some changes to the network stack using /etc/sysctl.conf, which will be called from knoppix-autoconfig script
- New background image
Some fixes i remember:
- Kernel completely rebuilded to provide full functionality
- Isolinux now accepts bootparameters again
- USB drivers are back to /dev/sda and booting from stick works fine
- grub files have been fixed
- fixed hostname /etc/hosts
- /cdrom/index.html pointed to the old forum fixed that
- Added cardctl eject, cardctl insert into switch-to-XY scripts
- Fixed the homebutton of the konquerror when clicked first time
- Fixed the menuentry for nessus

Network Security Toolkit is a bootable ISO live CD and its based on Fedora Core 2.
The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86 platforms.
The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 75 Security Tools by insecure.org are available in the toolkit.
What we find rather fascinating with NST is that we can transform most x86 systems (Pentium II and above) into a system designed for network traffic analysis, intrusion detection, network packet generation, wireless network monitoring, a virtual system service server, or a sophisticated network/host scanner.
This can all be done without disturbing or modifying any underlying sub-system disk. NST can be up and running on a typical x86 notebook in less than a minute by just rebooting with the NST ISO CD. The notebooks hard disk will not be altered in any way.
NST also makes an excellent tool to help one with all sorts of crash recovery troubleshooting scenarios and situations.
Enhancements:
- We are pleased to announce the latest NST release: v1.5.0. This release is based on Fedora Core 5 using the Linux kernel 2.6.18. Here are some of the highlights for this release: the NST Web User Interface (WUI), has been greatly enhanced and cleaned up; extensive additions to managing and analyzing network packet captures; the ability to setup and manage printers; the ability to easily mount many different supported file system types; the ability to manage the NST as a file server (both NFS and CIFS); the addition of the Inprotect package (a Nessus manager); the addition of the Zabbix package (another network resource monitoring tool - similar to Nagios)....

Open Source in Tab is an extension which opens the pages source file in a new tab.

Opens the pages source file in a new tab. Has a preference to either open source in a new tab or existing tab.