Software Map

Sphirewall is a user-centric analytical network firewall/router. Out-of-the box, it provides user authentication coupled with powerful analytics which provide you with complete control over your network and users. With Sphirewall, you can manage and understand what is happening on your network with features such as qos, bandwidth quotas, user authentication, and much more. Not built on iptables, it is able to do things which other Open Source firewalls can't. Its very flexible, and with its open JSON API, can easily be plugged into any existing environment.

Admin4 is a tool for server maintenance via several plugin modules, running on Windows, Mac OS X, Linux, and many more platforms. Currently, plugins for BIND DNS, LDAP, and PostgreSQL are included. It is designed as a framework, using Python for fast development of plugins and custom modifications. The DNS plugin should be able to query (axfr) any type of server, and performs updates via DDNS, which ensures that it won't interfere with other DDNS clients (DHCP, SAMBA4). For BIND 9.7 and up, statistics are supported as well and used to retrieve the server's zones automatically. The LDAP plugin features browsing and generic editing of all types of LDAP entries with schema support. In addition, high-level editing of objects like users, groups and samba domains is supported. Custom objectClasses and attributes can easily be added. The PostgreSQL module features a query tool with centrally stored snippets, a data tool with filter presets and a database object browser.

privacyIDEA is a multi-factor authentication solution. It can manage any type of authentication device. All common OTP (one time password) devices are supported, including Google Authenticator, eToken Pass, OTP cards, Yubikey, SMSOTP, and mTAN/mobileTAN. New devices can be added easily. Users can be retrieved from flat files, LDAP, Active Directory, SQL databases, and SCIM services. It can also handle authorization and writes all events to a digitally signed audit log, giving you basic AAA functionality.

LemonLDAP::NG is a modular Web SSO based on Apache::Session modules. It simplifies the building of a protected area with a few changes in the application. It manages both authentication and authorization and provides headers for accounting, so you can have full AAA protection for your Web space. LemonLDAP::NG is a complete rewrite of LemonLDAP. All components needed to use it and to administer it are included in the tarball. However, all modules developed for LemonLDAP may not work with LemonLDAP::NG.

Clement is an email server application. Its main function is to block unwanted mail (spam) as soon as possible in the email exchange process. It accepts or rejects email while the SMTP session, initiated by the email sender, is still pending, accepting legitimate email messages without the need to return an error status to non-existent or "borrowed" return address later. Clement can operate in two modes, either as a standard MTA (as sendmail, Postfix, Exim, Exchange, etc.) to store email in the recipient's own area, or to transmit the mail to an another SMTP server acting as smart spam filtering device. Each email domain name Clement knows about can be treated in one of these two modes depending on the group to which the domain name has been set. Each message is verified by a virus scanner (ClamAV) while the SMTP connection is still open, but the refusal of mail and the reason for refusal is notified to the actual sender. Mail management is done via a Web interface and can be delegated to three administrative levels (Root-Admin, Group-Admin, Domain-Admin). Standard users can access their own logs (sent email status, email rejected, quarantined email, etc.). With this interface, the user can handle the rejection and acceptance of mail. Users who are level "Admin" can access the session logs (via the Web interface). Clement uses a SQL database (PostgreSQL, MySQL) to store and manage logs, user profiles, and dynamic management of directives concerning the sender-receiver relationship.

SMRadius is a high performance pre-forked RADIUS AAA server. It features a highly configurable backend engine supporting flexible data specifications. Its primary goal is to provide an extremely flexible authentication platform which may serve a large number of industries, including ISPs and WiSPs.

ldapuseradd is a set of utilities that aid in the management and deployment of user accounts with support for plugins to manage requirements. The LDAP user management toolset uses a highly configurable user group profile system to distinguish targeted services. It is like an LDAP-based useradd/mod/del drop-in replacement with modular features. It scales well from small businesses to ISPs, hosting providers, and universities.

Silktree updates the /etc/passwd and /etc/group files on a list of child nodes via SSH. At the lowest level, six Debian system utilities are employed: {add,del}{user,group}, {user,group}mod. The information is transferred from the head-node to the child-nodes. Several sudo-capable mini-scripts on the child nodes ensure limitations while committing the changes. End-to-end checking ensures a reliable update.

LDAPAuthManager is a Web-based application designed to make LDAP user and group management easy and quick.

The deepOfix Mail Server makes it possible for
organizations with minimal technical expertise to
have robust server infrastructure. deepOfix offers
unprecented ease of use, doesn't require prior
GNU/Linux experience and is backed by a full-time
development and support team. deepOfix features
LDAP-based directory services for user account
management, email delivery, distribution lists,
and addressbooks. It also includes built in tools
for spam and virus control, webmail, and fetching
email.

ldap2dns is a program to read DNS (Domain Name Service) records from an LDAP directory and format them into flat files suitable for TinyDNS (or Bind). ldap2dns reduces all kinds of administration overhead: no more flat file editing, no more zone file editing. After having installed ldap2dns, the administrator only has to modify the data stored in the LDAP directory. Access control can be configured for each zone, GUIs can be more easily implemented, and all other kinds of zone and resource record information can be managed without interfering with the DNS server directly.

Self Service Password is a Web application that allows users to change their password in an LDAP directory. It can be used with standard LDAPv3 directories (OpenLDAP, OpenDS, ApacheDS, Sun Oracle DSEE, Novell, etc.) as well as with Active Directory.