Trafficmeter is a traffic collecting and logging system. It collects and groups packets by time, source IP, destination IP, protocol, source port, and destination port. You can get a detailed log of traffic for every IP without any daemon configuration work. It also gives statistics of IP incoming and outgoing traffic for a time period.
DenyThem is a program designed to protect your Linux system from malicious attacks. It is an active response system to disrupt and block dictionary attacks and DoS attacks. By default, DenyThem searches /var/log/syslog and /var/log/auth.log for hack attempts. When DenyThem finds enough hack attempts from a single host, it will add a DROP statement to your system's firewall, thus preventing future attacks. DenyThem uses iptables, so it will only work on Linux or any other system that uses iptables. It can also block traffic from specific countries.
Tweeter is another command line script that can update your Twitter status from the command line. It also uses the SSL link to protect your username and password. Tweeter can only post a new status; it cannot follow anyone, send direct messages, or anything else. The username and password are not stored on the file system, so you can post to different accounts with ease. It should also work on older machines.
The Subukan Sensor is a complete Network Intrusion Detection System (NIDS) platform. It is not simply an application one can install on an existing operating system. Rather, Subukan is a total software solution including both an operating system and a unique compilation of security tools. It is based on a single file image or firmware that transforms almost any hardware equipment into a fully functional NIDS appliance. Appliance-based technology simplifies administration and provides the capability for remote upgrades.
user_info is a class to retrieve information about the browser the user is using to access the current site script. It can analyze the user agent string sent by the browser in the current HTTP request and extract the type of browser, user machine operating system, user machine IP address, accepted character set encoding, language name, and whether the user is a spider/bot.
SiLK (System for Internet-Level Knowledge) consists of two sets of tools: a packing system and an analysis suite. The packing system receives NetFlow v5 PDUs or IPFIX and converts them into a more space-efficient format, recording the packed records into service-specific binary flat files. The analysis suite consists of tools that can read these flat files and then perform various query operations, ranging from per-record filtering to statistical analysis of groups of records. The analysis tools interoperate using pipes, allowing a user to develop a relatively sophisticated query from a simple beginning.
mod_log_dbd is a module for Apache 2.2+ that writes access logs to a database using the APR DBD framework. It's designed for simplicity and speed, and therefore lacks some of the features of other logging modules. It does, however, automatically create any needed tables and columns.