Network Traffic Analyser (formerly known as sniffer) is designed to be an extremely powerful, configurable, and versatile tool for monitoring network traffic. It can be used as a plain sniffer, as a tool for accounting, dynamic firewall updates, and many more things. It features scripting support and an event-driven architecture.
SOFFIC is a Linux kernel patch that provides file integrity control integrated into the normal system operation (on-the-fly). It checks a file's integrity each time a monitored file is opened for reading or execution, and issues a warning if it is found to be invalid. It protects against rootkits, backdoors, worms, viruses, Web defacement, unauthorized installation and use of new software (e.g. malicious tools), etc.