Vulture - Open Source Reverse Proxy / Web Application Firewall

Vulture is a reverse proxy that features Web-SSO and application firewall. Vulture is based on Apache2, mod_perl and mod_security. Vuture interfaces between Web applications and Internet to provide unified security and authentication.

The main features of Vulture are: 

• SSO users with many methods supported 
• LDAP, SQL, text file, RADIUS server, digital certificates ... 
• Modular design allows you to add new authentication methods
• The spread of authentication protected applications 
• Encryption flow 
• Filtering and rewriting content 
• An application firewall based on ModSecurity 
• Load balancing

Download from here

Source-
http://www.vultureproject.org/

Installation
Basic Installation
System
Oracle Configuration
Configuration Vulture
Tutorials
Configuring load balancing / Failover
Proxy configuration swing
Force an application to https

IPFire 2.13 - Core 66 released - An Open Source Firewall Distribution

IPFire 2.13 is a new major version of IPFire, the Open Source Firewall distribution. The list of changes, enhancements, and fixes is endless.Following features which we’re the most excited about:

Base System

The most important components of the base system have been updated to include a brand new kernel based on the Linux 3.2 release. With that, IPFire now supports more hardware than ever before and many of the hardware problems from the past should be gone.

The most basic system libraries have been replaced as well, giving us great performance and fixing some general security issues. If you’d like to know more about this specifically, please read this post on our planet.

Quality of Service with CoDeL

In case you are struggling with a slow internet connection, CoDeL is your solution. This new algorithm shares the bandwidth fairly between all connections. It doesn’t need any configuration at all, but when tied together with our Quality of Service features, CoDeL gives you the most out of your connection.

Learn more about CoDeL in our planet post.

ARM

We have finally declared the ARM versions of IPFire as stable. Since the very first testing release back in October 2011, a multitude of things have improved. As of today, IPFire runs on many different platforms, such as Marvell Kirkwood and Texas Instruments OMAP4-based systems, and of course, the Raspberry Pi computer.

The vast amount of people who have already been using IPFire ARM since we began to port it to the ARM architecture know that there was never really any big trouble to begin with. You can find more about this over here.

IPsec VPNs with strongswan 5

The IPsec implementation strongswan recently released a new version which cleaned up a significant amount of old code, some of which has been in use for over a decade. If you want to know the details, check out the IPFire planet post.

Wireless LAN

From our wishlist, we’ve implemented proper support for 5 GHz WLANs. Read this planet post to learn about the benefits.

Latest release: IPFire 2.13 - Core 66

Please click the button to download the IPFire ISO image for i586-compatible computers. This is the default image, you will most likely need to install IPFire. You may also pick your desired architecture from the tabs above and see a list of all image formats.

Download IPFire 2.13 - Core 66 (ISO-Image - i586 - 93.4M)

Download other latest images from here

IPFire is a server distribution with intended to use as a firewall. It focuses on flexibility, and scales from small to middle sized business networks and home networks.

Along with this hardened, minimalist come lots of addons that can be installed with a simple click. That's what makes IPFire different from other firewall distributions: it is easy to configure for any task, and easy to administer once it's set up.

Features

• stateful inspection firewall based on linux netfilter architecture
• intrusion detection system with Guardian addon as extension (IPS system)
• filter for invalid/non-standard packages
• separate network segments for server (DMZ) and wireless with custom policies
• DoS attack protection
• application proxies for HTTP and FTP (with access control and content filtering) and DNS
• incoming and outgoing packet filtering
• Quality of Service and traffic shaping

Source-

http://www.ipfire.org/news/ipfire-2-13-core-66-released

Devil-Linux 1.6.3 released

Devil-Linux is a distribution which boots and runs completely from CDROM or USB flash drive. The configuration can be saved to a floppy diskette or a USB pen drive. Devil Linux was originally intended to be a dedicated firewall/router but now Devil-Linux can also be used as a dedicated server for many applications. Attaching an optional hard drive is easy, and many network services are included in the distribution.

Because boot/OS and (optionally) configuration [in a tarball] are stored on read-only media, Devil-Linux offers high security with easy and safe upgrades, the system being fully configurable with no writeable system device. If hard drive(s) are added for data storage, LVM is standard (easing expansion and backup) and software Raid is straightforward. Virtual machine use is also well supported, with VMware modules built-in.

Mon 31st Dec,2012 - Devil-Linux 1.6.3 released

Author - Heiko

Devil-Linux 1.6.3 has been released! This release brings lots of software updates, in addition to support for being a file and backup server for Apple computers. Please see the change log for details.

Devil-Linux Downloads

Hungary

Luxembourg

• Centre de Technologie de l'Education FTP
• Centre de Technologie de l'Education HTTP

Greece

• University of Crete / Computer Center FTP
• University of Crete / Computer Center HTTP

Worldwide

• Sourceforge HTTP

USA

Austria

• TU Wien FTP
• TU Wien HTTP
• TU Graz FTP

Germany

• Linjection HTTP

France

• Institut Pierre-Simon Laplace - CNRS RSYNC
• Institut de Recherche et Coordination Acoustique/Musique FTP
• Université des Sciences et Technologies de Lille
• Institut Pierre-Simon Laplace - CNRS HTTP
• Institut de Recherche et Coordination Acoustique/Musique HTTP
• Institut Pierre-Simon Laplace - CNRS FTP
• Laboratoire de Meteorologie Dynamique - CNRS

Source-

http://www.devil-linux.org/news/index.php?item=1999

m0n0wall 1.34 released

m0n0wall is a project aimed at creating a complete, embedded firewall software package that, when used together with an embedded PC, provides all the important features of commercial firewall boxes (including ease of use) at a fraction of the price (free software).
m0n0wall is based on a bare-bones version of FreeBSD, along with a web server, PHP and a few other utilities. The entire system configuration is stored in one single XML text file to keep things transparent.
m0n0wall is probably the first UNIX system that has its boot-time configuration done with PHP, rather than the usual shell scripts, and that has the entire system configuration stored in XML format.

m0n0wall provides many of the features of expensive commercial firewalls, including:

• web interface (supports SSL)
• serial console interface for recovery
  • set LAN IP address
  • reset password
  • restore factory defaults
  • reboot system
• wireless support (including access point mode)
• captive portal
• 802.1Q VLAN support
• IPv6 support
• stateful packet filtering
  • block/pass rules
  • logging
• NAT/PAT (including 1:1)
• DHCP client, PPPoE and PPTP support on the WAN interface
• IPsec VPN tunnels (IKE; with support for hardware crypto cards, mobile clients and certificates)
• PPTP VPN (with RADIUS server support)
• static routes
• DHCP server and relay
• caching DNS forwarder
• DynDNS client and RFC 2136 DNS updater
• SNMP agent
• traffic shaper
• SVG-based traffic grapher
• firmware upgrade through the web browser
• Wake on LAN client
• configuration backup/restore
• host/network aliases

m0n0wall 1.34 released on 11/12/2012

There are ready-made binary images for embedded computers from Soekris Engineering and PC Engines, a CF/IDE HD image for most standard PCs (other embedded ones may work, too) with either keyboard/monitor or serial console, a CD-ROM (ISO) image for standard PCs, a VMware image, as well as a tarball of the root filesystem. Refer to the installation instructions for information on how to install these files on the various platforms.

Known issues:

• WARNING: this version (any platform) no longer fits on 8 MB CF cards! (>= 16 MB required)
• When upgrading from generic-pc 1.2x, you must install 1.3b7 first before you install this image. Other platforms are not affected.

Changes in this release:

• Backported from beta branch:
  • Eliminate modifying GETs from webGUI pages.
    Note: the API pages exec_raw.php and uploadconfig.php now require different parameters than before. exec_raw.php now requires the cmd to be given in a POST, and both pages need a valid CSRF magic token, which can be obtained by issuing a GET first without any parameters (see example in exec_raw.php comment).
  • Make rule moving and deletion on shaper rules page work like for firewall rules.
  • Add csrf-magic for CSRF protection in webGUI.
  • Fix potential XSS in diag_ping.php and diag_traceroute.php.
• Increase key size of auto-generated webGUI certificates to 2048 bits.
• Update default webGUI certificate/key.
• Remove domain name handling from dhclient-script and change ARP command not to use sed (not used/available in m0n0wall).
• Change virtualHW version to 7 for VMWare image to avoid errors in ESX 4

Version: 1.34
Release date: 11/12/2012

Download it from here 

Source -

http://m0n0.ch/wall/downloads.php

http://m0n0.ch/wall/

MODSECURITY V-2.7.0 - Open Source Web Application Firewall

ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.

changes version 2.7.0 :

  * Fixed Pause action should work as a disruptive action (MODSEC-297).
  * Fixed Problem loading mod_env variables in phase 2 (MODSEC-226).
  * Fixed Detect cookie v0 separator and use it for parsing (MODSEC-261).
  * Fixed Variable REMOTE_ADDR with wrong IP address in NGINX version (MODSEC-337).
  * Fixed Errors compiling NGINX version.
  * Added Include directive into standalone module. IIS and NGINX module should
    support Include directive like Apache2.
  * Added MULTIPART_INVALID_PART flag. Also used in rule id 200002 for multipart strict
    validation.
  * Updated Reference Manual.

Download latest Version :
Microsoft IIS : ModSecurityIIS_2.7.0.msi (3.1 MB)
Apache : modsecurity-apache_2.7.0.tar.gz (1.0 MB)
Download other version |
For more information & source -
http://www.modsecurity.org/

Previous posts regarding ModSecurity -
http://santoshdudhade.blogspot.in/2012/04/what-ismodsecurity-or-modsecurity.html
http://santoshdudhade.blogspot.in/2012/09/modsecurity-270-rc3-candidate-released.html
http://santoshdudhade.blogspot.in/2012/04/secure-apache-2x-web-server-with.html
http://santoshdudhade.blogspot.in/2012/07/mod-security-v267.html
http://santoshdudhade.blogspot.in/2012/06/modsecurity-v270-rc1.html

WebCastellum v1.8.3 - Java-based Open Source Web Application Firewall

Java-based Open Source WAF (Web Application Firewall) to include inside a web application in order to protect it against attacks like SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Parameter Manipulation and many more.

Features

• URL Encryption
• CSRF Protection
• Form Protection
• Stateful Attack Detection
• Rule-based

Download WebCastellum-1.8.3.zip (1.9 MB)

Documentation

Demo

Download other versions-

http://sourceforge.net/projects/webcastellum/files/WAF/

Visit Website -

http://sourceforge.net/projects/webcastellum/