Muse Proxy is a highly customizable multi-platform proxy server. It is easy to use and configure, acting successfully as a gateway to authenticated restricted content, rewriting Web server, Web Access Management, proxy server, and reverse proxy. It has been used for more than 10 years within the Muse Federated Search Platform to manage the authentication to resources and the navigation to full text, by restoring the server session on the end-user browser.
LoginIDS provides functions to analyze log files from different services in order to detect unusual login behavior. The normal user behavior is learned by analyzing log files and saved in a database. Logins are analyzed by time, service, source, and destination address. If a user's login is new or considered unlikely by LoginIDS, an alert is generated. Alerts can be handled by external scripts and viewed using the log file management system Splunk and the LoginIDS App.
Zbxlog provides better integration of syslog messages (as defined in RFC 3124 and 5424) with Zabbix. Currently, Zabbix cannot process messages in syslog format; it can only process messages stored in flat files by standard syslog programs on Unix/Linux systems. This means that it can't process syslog messages from devices on which Zabbix cannot be installed. It also means that several fields of a syslog message are lost (timestamp, facility, and severity). This project adds support in Zabbix for a new kind of item: "syslog[<facility>,<regexp>,<severity>,<maxlines>]". It has been tested with Zabbix 1.8.2 and 1.8.3.
DenyThem is a program designed to protect your Linux system from malicious attacks. It is an active response system to disrupt and block dictionary attacks and DoS attacks. DenyThem by default uses /var/log/syslog and /var/log/auth.log and searches for hack attempts. When DenyThem finds enough hack attempts from a single host, it will add a DROP statement to your system's firewall, thus preventing future attacks. DenyThem uses iptables, so it will only work on Linux or any other system that uses iptables. It can also block traffic from specific countries.
Tweeter is another command line script that can update your Twitter status from the command line. It also uses the SSL link to protect your username and password. Tweeter can only post a new status; it cannot follow anyone, send direct messages, or anything else. The username and password are not stored on the file system, so you can post to different accounts with ease. It should also work on older machines.
Seetxt is a lightweight text file and man page viewer for X windows. It maintains "document meta-data" for each user, allowing them to automatically keep bookmarks and highlights for read-only system files. It also has a "server mode" so that command line requests can be sent to a single running server rather than starting multiple instances. Other features include hypertext-style apropos (man page) searches, file monitoring, multi-level regular expression searching, a command history, and nice little toggle lights on the interface for the server and file monitor. There's also cross-application drag-n-drop support, and handy little features that allow you to view the output of shell commands and process the text buffer with an external command (sed, awk, grep, perl, etc.). Seetxt is POSIX compliant.
Lilith is a logging and access event viewer for the Logback logging framework. It has features comparable to Chainsaw, a logging event viewer for log4j. This means that it can receive logging events from remote applications using Logback as their logging backend. It uses files to buffer the received events locally, so it is possible to keep vast amounts of logging events at your fingertips while still being able to check only the ones you are really interested in by using filtering conditions.
Nagios is a host, service, and network monitoring system that will watch your network and alert you to problems before your clients or end-users do. The system runs checks on hosts and services that you specify using plugins that return status information to Nagios. When problems are encountered, the system will send notifications to system administrators so that they can take action on the problem. The JumpBox for Nagios gives you a head start to using the system. It eliminates the complexity involved in getting the application installed, and allows you to focus on the configuration for your specific environment. Since Nagios is based on plugins, depending on what you want to do this will vary in complexity.
AirSAM is a desktop GUI that complements the Web-based Snort Alert Monitor. AirSAM gives up-to-date insight into who might be attacking your network. The ultimate goal is to give audio/visual cues right at the time of the attack. AirSAM is an Adobe AIR application and should run on Mac OS, Linux, and Windows.