AIM Sniff is a utility for monitoring and archiving AIM and MSN messages across a network. It can be used to monitor for cases of harassment or warez trading. It has the ability to do a live dump (actively sniff the network) or read a PCAP file and parse the file for IM messages. You also have the option of dumping the information to a MySQL database or STDOUT. AIM Sniff will also monitor for an IM login and then perform an SMB lookup on the originating computer in order to match NT Domain names with IM login names (handles).
Anteater is a log analyser for MTA logfiles (such as those produced by sendmail and postfix). The tool is written in 100% C++ and is very easy to customize. Input, output, and the analysis are modular class objects with a clear interface. Currently, there are modules for reading the syslog format of sendmail and postfix that do up to eight useful analyses and write the result in plain ASCII or HTML, to stdout or to files.
AntiVir Update Announcer is a Perl script that can be used in middle-sized networks to inform users about updates to the H+BEDV AntiVir software via email. It uses the same information file as the original Internet update program. It alleviates the need to run the update program periodically just to discover whether any updates are available. Optionally, this script can download the new update file and store it to an SMB share or send it as an attachment to the announcement mail. If used correctly, this will easily increase your network's virus protection.
The Argus Open Project is focused on developing network activity audit strategies that can do real work for the network architect, administrator and network user. Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions seen in a data network traffic stream. It provides a common data format for reporting flow metrics such as connectivity, capacity, demand, loss, delay, and jitter on a per-transaction basis.
BitDefender AntiVirus for Samba protects Samba servers running under Linux from viruses and other malware. It's configured for "On-Access" scanning of the files that are copied to or are accessed from the Samba file server's shared partitions. BitDefender claims a 100% detection rate for all viruses in the wild (ITW) through its powerful scanning engines certified by Virus Bulletin in April 2005.
BulkWatch is a utility that monitors sendmail's logs and takes a specified action when an IP has exceeded your configured maximum settings. You can specify that users may send X messages in X number of seconds. Email in excess of that would trigger an action, which can be any of the following: display an alert to the screen in foreground mode; log an alert to syslog; email an alert to a predefined email address; or run an external command with the IP and number of messages as arguments.
CRM114 is a Controllable Regex Mutilator and Smart Filter, designed for easy creation of filters for things like incoming email redirection, spam filtering, system logs, or monitoring processes. Filtering rules can be either hard-coded (such as regexes), soft-coded (calculated at runtime or read from an external file or process), or learned dynamically by phrase matching (as in Bayesian filtering, Markovian matching, Winnowing, or Hyperspatial classification). This makes it possible to create very accurate filters with very little actual work. Accuracies over 99.9% are achievable.