Xplico is an IP traffic decoder that extracts data from an Internet traffic capture. From a pcap file, it can extracts each email (POP, IMAP, and SMTP protocols), all HTTP content, VoIP calls (SIP, RTP, H323, MEGACO, MGCP), IRC, MSN, and so on. It isn't a packet sniffer or a network protocol analyzer, but rather an IP/Internet traffic decoder or network forensic analysis tool (NFAT).
L7-filter is a packet classifier for Netfilter that identifies packets based on application layer (OSI layer 7) data. This means that it is able to classify packets as HTTP, FTP, Gnucleus, Kazaa, etc., regardless of ports. It complements existing matches that classify based on port numbers, packet length, TOS bits, and so on. Combined with Linux QoS, it allows for full layer 7 packet shaping.
x11vnc allows one to remotely view and interact with real X displays (i.e. a display corresponding to a physical monitor, keyboard, and mouse) with any VNC viewer. It is designed to be compatible with all Unix variants and Mac OS X, and depends on a small set of standard libraries. It supports SSL/TLS and VeNCrypt encryption, Unix password logins, single port access, Zeroconf, file transfer, and UltraVNC extensions. It is part of the LibVNCServer project.
Anteater is a log analyser for MTA logfiles (such as those produced by sendmail and postfix). The tool is written in 100% C++ and is very easy to customize. Input, output, and the analysis are modular class objects with a clear interface. Currently, there are modules for reading the syslog format of sendmail and postfix that do up to eight useful analyses and write the result in plain ASCII or HTML, to stdout or to files.
Elastix is a software appliance that integrates the best tools available for Asterisk-based PBXs into a single, easy-to-use interface. It also adds its own set of utilities and allows for the creation of third party modules. The goals of Elastix are reliability, modularity, and ease-of-use. It also features strong reporting capabilities.
redWall is a bootable CD-ROM firewall which focuses on Web-based reporting of the firewall's status. It includes Snort, snortsam, dansguardian, and support for fwbuilder, squidguard, reporting (using BASE/sarg/ntop/webfwlog), VPN (Openswan/PoPToP/Openvpn), Spam Filtering (spamassassin, dcc, razor2, clamav, amavis-new, dspam and maia mailguard), and mail-based, alerting. Configuration data are stored on a floppy or USB disk.
mod_cband is an Apache 2 module that solves the problem of limiting the bandwidth usage of users, virtual hosts, and destinations. When the configured transfer limit is exceeded, mod_cband will redirect all further requests to a location specified in the configuration file. The module can also limit download speeds and maximal requests per second for virtualhosts, users, and remote clients.
Lire is a pluggable log analyzer. It has analyzers for over 25 log file formats, ranging from Apache WWW log files to iptables firewall logs and CUPS printing logs. Reports are generated in 9 different output formats, ranging from Excel 95 to PDF to HTML, optionally with included graphs.
PasTmon (Passive Application Response Time Monitor) passively monitors your application servers, measuring and reporting user response times, throughput and congestion. It currently works with HTTP, telnet, rlogin, rsh, FTP (control channel), SMTP, POP3, and IRC. Measurements are recorded in a PostgreSQL database and are presented graphically via a PHP Web front-end using R statistical analysis scripts to create the plots.
scponly is an alternative "shell" of sorts for system administrators who would like to provide access to remote users to both read and write local files without providing any remote execution priviledges. Functionally, it is a wrapper around the ssh suite of applications. It is typically used by creating a user whose shell is set to scponly. This user can neither login interactively nor execute commands remotely, but it can use scp and sftp to download and upload files to the computer, governed by the usual Unix file permissions.