DansGuardian is a Web content filtering proxy that uses Squid to do all the fetching. It filters using multiple methods including, but not limited to, phrase matching, file extension matching, MIME type matching, PICS filtering, and URL/domain blocking. It has the ability to switch off filtering by certain criteria including username, domain name, source IP, etc. The configurable logging produces a log in an easy to read format. It has the option to only log text-based pages, thus significantly reducing redundant information (such as every image on a page).
System Configuration Collector collects and classifies most of your Unix/Linux/BSD configuration data in flat files called snapshots. This allows changes in snapshots of consecutive runs to be detected. These changes are added to a logbook, which is helpful for administrators during troubleshooting and for auditors during audits. Snapshots and logbooks are also available in HTML format. All data can be send to an SCC server, where a Web interface provides access to summaries and supports comparing snapshots of different servers and searching of all data. A WMI-based Windows client is also available.
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP, and ICMP traffic. iplog is able to detect TCP port scans, TCP null scans, FIN scans, UDP and ICMP "smurf" attacks, bogus TCP flags, TCP SYN scans, TCP "Xmas" scans, ICMP ping floods, UDP scans, and IP fragment attacks. iplog is able to run in promiscuous mode and monitor traffic to all hosts on a network. iplog uses libpcap to read data from the network and can be ported to any system that supports pthreads and on which libpcap will function.
fs-check checks filesystem sizes to see if they are getting too full. It uses a configuration file that specifies the filesystems to check, email contacts, trigger thresholds (percentage or amount used/unused), and a report program to run. It includes fs-report, which shows things like the largest files, the newest files, the intersection of these and core files. It can be run from cron or as a daemon.
Simple network top (sntop) is a curses-based console utility in the spirit of top that polls network hosts at a regular interval to determine their connectivity and displays the results in a pretty format. Advanced features are supported, such as automatic HTML generation of results, secure terminal mode, execution of an external file on connectivity changes, a daemon mode, and user/system configure files.