Free security architecture software for linux

Af-Arch is being developed to give GNU/Linux a new middle-ware for building enterprise managing applications, typically database oriented.
Af-Arch is a complete set of libraries and tools which allows to develop distribuited system especially designed to face problems about bussiness applications.
Actually, Af-Arch is really robust and stable, having systems installed on many environments. Af-Arch, at this moment, runs on GNU/Linux and Microsoft Windows.
AF Architectures license schema is based on GPL and LGPL, allowing you to develop not only open source applications but also comercial applications without any royalty or fee.
Af-Arch is a strongly documented project, which is proved to work. Af-Arch keeps on evolving and growing its feature list allways keeping in mind productivity.
Enhancements:
- A new major stable release have come with many interesting features, library dependencies news, new API to make life easy and a bunch of work to make the library to be memory efficient.
- Af-Arch no longer depends on GDA library (http://www.gnome-db.org). Now AfGs, server side support for Af-Arch, includes built-in database abstraction support, implemented to fit better with the Af-Arch framework. For more details check the "libafgs" log below.
- Af-Arch platform now support three new return types: AfDalNodeData, AfDalStringData and AfDalDecimalData, which allows services to return a module node, a plain string and a decimal value as a result for the invocation.
- Af-Arch now support a new formal parameter service AfDalSetOf which implements set of items to be sent while the service is invoked.
- af-gen tool now support defining string literals that are separated by "+" sign, making it easy to write long SQL sentences.
- af-gen tool now allow to generate type definitions that could extend, making it possible to create a class hierarchy for types to be returned by services.
- libafdal core library now implements a better error reporting mechanism which allows to receive all errors generated while performing invocation at the reply process code.
- New reserved services have been added: element_peek_reference which allows to get the node associated to a module which is relationed through the 0..1 link.

An open Quality of Service Architecture is an open architecture for the provisioning of Quality of Service related functionality into the Linux kernel.
The project features a flexible, portable and lightweight software architecture for supporting QoS related services on the top of a general-purpose operating system as Linux. The architecture is well founded on formal scheduling analysis and control theoretical results.
At the core of the software there is an adaptive Resource Reservation layer that is capable of dynamically adapting the CPU allocation for QoS aware applications based on its run-time requirements.
As it is highlighted by the AQuoSA architecture, the project is mainly composed of two components:
- the QoS Res module, for which you can browse online the kernel, application and internal APIs
- the QoS Mgr module, for which you can browse online the kernel, application and internal APIs
Enhancements:
- Some bug fixed

Growler is a C++-based distributed object and event architecture. The software is written in C++, and supports serialization of C++ objects as part of its Remote Method Invocation, Event Channels, and in its Interface Definition Language.

Its primary application has been in support of interactive, distributed and collaborative visualization, computational steering, and concurrent visualization.

Luke Macken Security LiveCD provides a fully functional livecd based on Fedora for use in security auditing, forensics research, and penetration testing.
Main features:
- All of the security features and tools Fedora has to offer
- Features from the FedoraLiveCD
- Ability to install directly to hard drive
Spinning your own
# yum install mercurial livecd-tools
$ hg clone http://hg.lewk.org/security-livecd
# livecd-creator --config security-livecd/fedora-security-livecd.ks --fslabel=Fedora-7-Security-LiveCD
Making changes to the LiveCD is as simple as modifying the fedora-security-livecd.ks configuration file.

The Linux Security Auditing Tool (LSAT) is a post install security auditor for Linux/Unix.
Linux Security Auditing Tool checks many system configurations and local network settings on the system for common security/config errors and for packages that are not needed.
It (for now) works under Linux (x86: Gentoo, RedHat, Debian, Mandrake; Sparc: SunOS (2.x), Redhat sparc, Mandrake Sparc; Apple OS X).
Enhancements:
- The dependency on the popt library has been removed.
- This release adds extra passwd and group checks under Linux, a check for failed logins under Linux/Solaris, a check for kernel modules under Solaris, network interface stats, and routing checks. It fixes a problem in checknetforward giving false positives, and an issue where verbose output was not very consistent.
- The kernel module check under Linux has been modified.

The Network Security Monitor Daemon is a lightweight network security monitor for TCP/IP LANs. It will capture certain network events and record them in a relational database. The recorded data is available for analysis through a CGI-based interface.
You can run test version with ./Monitord, just to see how it works. Production version should be run in background, v.g. with nohup ./monitord &. Both versions will accept a device name as a parameter (default: eth0). You can send them SIGHUP at any time to print some stats. If you send SIGTERM, SIGQUIT or SIGINT, all threads will end gracefully.
Enhancements:
- Linux Kernel with "packet sockets" and "socket filtering" support.
- GNU C Library 2 (glibc2) with LinuxThreads support. (integrated in most recent versions).
- Full MySQL, including headers and libmysqlclient_r.
- GNU C Compiler (gcc).
- GNU Make (make).
- Perl (perl).
- Wget (wget).
Enhancements:
- Added chmod 4755 ... in Makefile
- Root should run make now, but not the daemon ;-)
- The daemon will drop root privileges as soon as possible
- (after creating the raw socket with an attached linux socket
- filter and putting the interface in promiscuous mode)
- No threads run with root privileges so its much safer
- (specially the new server thread which reads remote user input)
- Added stats thread
- To calculate/mantain exponential averages
- Added server thread
- It accepts HTTP requests and serves stats in XML

XML Security Library is a C library based on LibXML2.
The library supports major XML security standards:
- XML Signature
- XML Encryption
- Canonical XML (was included in LibXML2)
- Exclusive Canonical XML (was included in LibXML2)
XML Security Library is released under the MIT Licence see the Copyright file in the distribution for details.

The Auditor security collection is a Live-System based on KNOPPIX. With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes.
Independent of the hardware in use, the Auditor security collection offers a standardised working environment, so that the build-up of know-how and remote support is made easier. Even during the planning and development stages, our target was to achieve an excellent user-friendliness combined with an optimal toolset.
Professional open-source programs offer you a complete toolset to analyse your safety, byte for byte. In order to become quickly proficient within the Auditor security collection, the menu structure is supported by recognised phases of a security check. (Foot-printing, analysis, scanning, wireless, brute-forcing, cracking).
By this means, you instinctively find the right tool for the appropriate task. In addition to the approx. 300 tools, the Auditor security collection contains further background information regarding the standard configuration and passwords, as well as word lists from many different areas and languages with approx. 64 million entries.
Current productivity tools such as web browser, editors and graphic tools allow you to create or edit texts and pictures for reports, directly within the Auditor security platform. Many tools were adapted, newly developed or converted from other system platforms, in order to make as many current auditing tools available as possible on one CD-ROM.
Tools like Wellenreiter and Kismet were equipped with an automatic hardware identification, thus avoiding irritating and annoying configuration of the wireless cards.
Enhancements:
New & Updated tools:
- proxychains 1-8-1 (for example scanning over proxy more easy)
- yersinia-0.5.4
- kismet-logfile-viewer klv.pl and klc.pl
- ntp fingerprinting tool
- tftp bruteforce tool
- snmp fuzzer
- cisco torch 0.4b
- unicornscan 0.4.2
- packit
- sendip
- nasl 2.2.4
- tcpick
- cryptcat
- amap version 4.8
- tcpsplit
- Ethereal version 10.11
- ettercap-ng-0.72 and modified the etter.conf
- replaced tinysnmp with snmp tools
- vnc2swf /usr/X11R6/bin/recordwin and vnc2swf
- edit_vnc2swf.py
- edit_mp3.py
- wpa-supplicatiant 0.3.8
- hostapd-utils 0.3.7
- ssldump
- fragrouter
- Metasploit 2.4 including all known updates
- airsnarf, but no menu at moment
- fakeap to /opt/auditor but no menu entry at moment, need to write a shell script
- dsniff 2.4b1-10
- nessus plugins updated
- exploit tree updated
- Snort 2.3.2-5
- Bleeding-edge rules for snort
- New aircrack
- New airsnort
- Bet i forgot some to mention.
New & updated drivers:
- rt2400 linux drivers and utils (untested)
- rtl8180 driver (8180_26_private.ko and open8180.ko and /usr/local/bin/wlanup and /usr/local/bin/wlandown) (Untested)
- hostap drivers 0.3.7
- ipw2100 & ipw2200 incl firmware, incl monitor mode
- Prism54 with injection patch
- Linux-wlan-ng with injection patch
- Madwifi with injection patch
- ACX drivers are back on cd
Addons:
- Default password list has been updated
- Added some changes to the network stack using /etc/sysctl.conf, which will be called from knoppix-autoconfig script
- New background image
Some fixes i remember:
- Kernel completely rebuilded to provide full functionality
- Isolinux now accepts bootparameters again
- USB drivers are back to /dev/sda and booting from stick works fine
- grub files have been fixed
- fixed hostname /etc/hosts
- /cdrom/index.html pointed to the old forum fixed that
- Added cardctl eject, cardctl insert into switch-to-XY scripts
- Fixed the homebutton of the konquerror when clicked first time
- Fixed the menuentry for nessus