PostgreSQL is a robust relational database system with over 25 years of active development that runs on all major operating systems. It is fully ACID compliant, and has full support for foreign keys, joins, views, triggers, and stored procedures (in multiple languages). It includes most SQL92 and SQL99 data types, including INTEGER, NUMERIC, BOOLEAN, CHAR, VARCHAR, DATE, INTERVAL, and TIMESTAMP. It also supports storage of binary large objects, including pictures, sounds, or video. It has native programming interfaces for C/C++, Java, .Net, Perl, Python, Ruby, Tcl, and ODBC, among others, and exceptional documentation.
Snort is a network intrusion detection and prevention system. It is the most widely deployed technology of its kind in the world. It performs detection using a variety of methods including rules-based detection, anomaly detection, and heuristic analysis of network traffic. Its rules language is open source and available to the public as well.
The Advanced Bash Scripting Guide is both a reference and a tutorial on shell scripting. This comprehensive book, the equivalent of 1,032 print pages, covers almost every aspect of shell scripting. It contains 382 profusely commented illustrative examples, a number of tables, and a cross-linked index/glossary. Not just a shell scripting tutorial, this book also provides an introduction to basic programming techniques, such as sorting and recursion. Included scripts are the Game of Life, a Perquackey variant, a Morse code trainer, and an implementation of the Gronsfeld Cipher. This book is suited for both individual study and classroom use. It covers Bash, up to and including version 4.2. Note that users of miniaturized single-board computers running Linux, such as the Raspberry Pi and the Beagle Bone, would find this Guide useful for learning and running Bash scripts to explore and expand the capabilities of these small, but powerful machines.
GKrellM is a GTK-based stacked monitor program that charts SMP CPUs, disks, load, active net interfaces, and internet connections. There are also builtin monitors for memory and swap, file systems with mount/umount feature, mailbox checking including POP3 and IMAP, clock/calendar, laptop battery, sensors (temperatures, voltages, and fans), and uptime. It has LEDs for the net monitors and an on/off button and online timer for PPP. There is a GUI popup for configuration, plugin extensions can be installed, and many themes are available. It also features a client/server monitoring capability.
DansGuardian is a Web content filtering proxy that uses Squid to do all the fetching. It filters using multiple methods including, but not limited to, phrase matching, file extension matching, MIME type matching, PICS filtering, and URL/domain blocking. It has the ability to switch off filtering by certain criteria including username, domain name, source IP, etc. The configurable logging produces a log in an easy to read format. It has the option to only log text-based pages, thus significantly reducing redundant information (such as every image on a page).
HAproxy is a high-performance and highly-robust TCP and HTTP load balancer which provides cookie-based persistence, content-based switching, SSL off-loading, advanced traffic regulation with surge protection, automatic failover, run-time regex-based header control, Web-based reporting and management interface, advanced logging to help trouble-shooting buggy applications and/or networks, and a few other features. Its own event-driven state machine achieves 100,000 connections per second and surpasses GigaEthernet on modern hardware, even with tens of thousands of simultaneous connections.
chkrootkit is a tool to locally check for signs of a rootkit. It contains a chkrootkit: shell script that checks system binaries for rootkit modification. The following tests are made: aliens, asp, bindshell, lkm, rexedcs, sniffer, wted, z2, amd, basename, biff, chfn, chsh, cron, date, du, dirname, echo, egrep, env, find, fingerd, gpm, grep, hdparm, su, ifconfig, inetd, inetdconf, identd, killall, login, ls, mail, mingetty, netstat, named, passwd, pidof, pop2, pop3, ps, pstree, rpcinfo, rlogind, rshd, slogin, sendmail, sshd, syslogd, tar, tcpd, top, telnetd, timed, traceroute, and write. ifpromisc.c checks whether the interface is in promiscuous mode, chklastlog.c checks for lastlog deletions, chkwtmp.c checks for wtmp deletions, check_wtmpx.c checks for wtmpx deletions (Solaris only), and chkproc.c checks for signs of LKM trojans.
syslog-ng is a syslogd replacement for a wide variety of UNIX systems that supports IPv6 and is capable of transferring log messages reliably using TCP and SSL and filtering the content of messages using regular expressions. Both RFC3164 and RFC5424 style messages are handled, but more esoteric formats like BSD process accounting logs are supported too. Apart from regular text files, it supports storing messages into SQL and MongoDB databases, and forward messages to local processes via pipes or UNIX domain sockets. This makes syslog-ng ideal as an integration platform. syslog-ng supports extracting structured information from the traditionally text based syslog via csv-parser(), db-parser(), and patterndb. Tag based classification, rewriting messages, and outputting messages in JSON is also possible. This makes syslog-ng ideal for preprocessing events for further analysis, be that home-grown scripts or SIEM systems. syslog-ng scales well on today's multi processor and multi-core systems: reaching 1,000,000 messages per second is a reality for the simplest use cases.