The Analysis Console for Intrusion Databases (ACID) is a PHP-based analysis engine to search and process a database of incidents generated by security-related software such as IDSes and firewalls (e.g., Snort or ipchains). It provides a search interface for finding alerts matching practically any criteria. This includes arrival time, signature time, source/dest address/port, flags, payload, etc. ACID also provides the ability to annotate and logically group related events, delete false positives, or archive alerts among databases. Finally, a variety of statistics and graphs can be generated based on time, IP address, ports, alert classification, and sensor.
ACL2 is a mathematical logic, programming language, and mechanical theorem prover based on the applicative subset of Common Lisp. It is an "industrial-strength" version of the NQTHM or Boyer/Moore theorem prover, and has been used for the formal verification of commercial microprocessors, the Java Virtual Machine, interesting algorithms, and so forth.
ADMLogger is a log analyzing engine. Using this core, users could easily build upon it with plugins. With very little Perl programming knowledge, it may become a powerful tool in a System Administrator's toolbox. ADMLogger creates email reports that can be formatted plain text or full HTML, which is up to the plugin designers to support. The main system has an HTML preference, so if your plugin ignores it, so be it. ADMLogger will also remove all filtered entries from the main syslog file into a second file so your other entries are more noticable.
AIM Sniff is a utility for monitoring and archiving AIM and MSN messages across a network. It can be used to monitor for cases of harassment or warez trading. It has the ability to do a live dump (actively sniff the network) or read a PCAP file and parse the file for IM messages. You also have the option of dumping the information to a MySQL database or STDOUT. AIM Sniff will also monitor for an IM login and then perform an SMB lookup on the originating computer in order to match NT Domain names with IM login names (handles).
AMaViS (A Mail Virus Scanner) scans e-mail attachments for viruses using third-party virus scanners available for UNIX environments. It resides on a UNIX (Linux) machine and looks through the attached files arriving via e-mail, generates reports when a virus is found and sets the delivery on hold.