Linux security tools, OSS Contracting, Software Development


Please note (April 2013) -- The content of is being migrated to

IpTables ROPE Now on
ROPE Is stronger STRING for Linux IpTables. It is a scripting language that runs inside the Linux kernel, and allows complex IP packet matching logic to be used in IpTables without compiling C code. The ROPE pages include download, documentation and working examples.
LinWiz On-line wizards for creating linux security configuration files, including 'iptables'.

The aim of these tools is to provide novices and experts alike with practical assistance in setting up secure networks, servers and workstations using the Linux operating system.

TCP/IP Cutter Now on
How the administrator of a Linux firewall or router can 'cut' or 'abort' a TCP/IP connection that it is routing. This is a HOWTO document and utility for TCP/IP connection cutting on Linux firewalls based on IPTables and ConnTrack
Firewallable Linux NFS Notes on setting up the Linux NFS service in such a way that it can be secured and/or exported using simple firewalls.
P2PWall - Firewalling Kazaa, WinMX, Gnutella etc Now on
Notes and software for controlling traffic from P2P clients such as Kazaa, KazaaLite, iMesh, Grokster, WinMX, Gnutella (including LimeWire) etc using a Linux 'iptables' based firewall
SquidGuard for Smoothwall and IPCop Now on
Notes on installing the 'SquidGuard' web filter software into a GPL SmoothWall or IPCop firewall systems.
Installing the hidden treasures of IPTables Notes on adding some of the hidden treasures of IPTables that are burried in the 'patch-o-matic' bundle. This note walks you through the adding of the 'string match' patch (as used by the Kazaa-blocking 'ftwall' software) but is applicable to the other available add-ins.

The notes relate to an article I wrote about the hidden treasures of Iptables, which was published in the April 2004 issue of the Linux Journal.

TapeIO Now on
Command-line tape device I/O and control utility for NT and related platforms. Allows command line tools like 'tar' and 'cpio' to access the NT tape drive in the same kind of way as they do in unix systems.