The blackhole project is a solution to simplify routing|
and firewalls. It simplifies yet increases security and flexibility.
It is meant for datacenters. It allows communication between independent
networks using a central configuration (who can talk to who).
It does so while making all routing and firewalling simple,
restrictive and uniform across all servers and firewalls.
Host based intrusion detection|
using enhanced bsd accounting files.
It spots unusual process trees
(ex: httpd calling something it never called before).
It works in combination with the vserver project.