Hiawatha 9.13

Function: Smaller, more secure web server

Source: https://www.hiawatha-webserver.org

License: GPLv2

Alternatives: Lighttpd

There is truly no shortage of web servers in Linux. Hiawatha is a lean alternative that owes its name to a legendary Iroquois chief. According to developer Hugo Leisink, the monolithic server's focus is on security, low resource consumption, and easy configuration. Hiawatha supports CGI and FastCGI, PHP, and SSL.

Installing from source is quickly done. Hiawatha has a single setup file in which administrators can, among other things, determine the interfaces and ports on which the server accepts connections. You can also limit the number of connections altogether or by IP address. To anonymize the users' access data, you should set the AnonymizeIP option for the logs. Hiawatha provides WebDAV support and a reverse proxy and allows you to set up multiple virtual hosts.

A number of optional security functions detect denial-of-service (DoS) attacks, SQL injections, cross-site scripting (XSS) attacks, and cross-site request forgery (CSRF) attacks and blocks conspicuous computers. The man page indicates that there is no guarantee that the web server will reliably detect all attack attempts. Anyone wanting to test their own configuration should use the wigwam tool – this is also included in the source archive.

4 Stars   Hiawatha can be installed and set up quickly, but if you want to become familiar with the multitude of advanced features, you should plan a bit of time to study the man page and the instructions on the project page in detail.

Pam_honeycreds.so 1.1

Function: Login accesses at a glance.

Source: http://www.cjpaget.co.uk/Code/pam_honeycreds

License: GPLv3

Alternatives: Kippo

Those who think of projects such as Honeypot or Honeynet when they hear the name of this library are not entirely wrong. Pam_honeycreds.so is a PAM module that system administrators can use to go hunting for password thieves or to analyze brute force attacks. After unpacking and compiling the sources, administrators can integrate it into the existing Pam configuration (/etc/pam.d), as described in the documentation.

You can influence the module's behavior with various parameters. For example, user determines a username or a name pattern, and file provides a file with passwords to which Pam_honeycreds.so, in combination with the usernames, should respond. The deny option refuses access to the system if there is a match; alternatively, you can define an external script or program to execute. denyall, on the other hand, prohibits all login attempts. Pam_honeycreds.so logs each login processes with the use of Syslog. The recorded user data ends up in /var/log/auth.log.

The manual on the project page supplies a list of all parameters and examples from practice. Because integrating the module in the PAM configuration of modern distributions can be tricky, the system administrator should perform the first tests on a virtual computer – setting the wrong option can too easily lock all login attempts.

3 Stars   Administrators can expand their security concept using Pam_honeycreds.so. The setup is not completely trivial; the documentation on the website helps with the first steps.

XDM 4

Function: Graphical download manager

Source: http://xdman.sourceforge.net

License: GPLv3

Alternatives: Down Them All, Aria 2

Most web browsers have integrated download managers that are quite sufficient for everyday use. However, anyone looking for a more powerful solution should take a look at the Xtreme Download Manager (XDM). The tool requires Java 6 or later, and the installation script stores the binary in the home directory of the user.

A tidy interface appears once started. Depending on your desktop environment, XDM is integrated into the system section of the respective control bar. Users can add new download links via Add URL which XDM will edit immediately or, if desired, at a later date. XDM automatically inserts links from the clipboard into the field.

Users can specify access data, a name, and a directory for the target file for each download. Alternatively, the program uses the default values from its configuration file. Besides buttons for pausing and resuming, the menubar offers an entry for YouTube, which puts films from the portal onto the disk.

XDM manages data transfers in categories. The program distinguishes between completed and current transfers and classifies them into compressed files, documents, music, programs, and videos. The tool works with the major web browsers. There are add-ons for Firefox and Chrome, and XDM can act as a proxy for other browsers.

5 Stars   The powerful download manager leaves nothing to be desired. It is well integrated into desktops, and tapping data from the clipboard saves time.