The sniffy project can trace/log the data of any pseudo terminal in the system. Due to the way the terminal works, such a terminal trace provides complete information about what happened on the terminal screen, and sniffy is able to display/replay this information. It consists of a kernel module able to connect to/hook onto the pseudo terminal, a program to display the contents of any pseudo terminal on the fly, a daemon process tracing the pseudo terminal content into a file, and a replay program to replay any stored pseudo terminal session.
The goal of Escape-K is to provide an all-in-one platform for IT service management. This means that using a single application (the Escape-K client console), users are able to manage a computer organization of any size, from workstations and printers to servers, databases, or network devices. Escape-K follows the main guidelines recommended by ITIL. Therefore, the core of the application is the CMDB. Depending on the chosen perspective, Escape-K users can deal with incidents and problem resolution as well as server or database administration.
Dconf is a tool to collect a system's hardware and software configuration. It allows you to take your system configuration with you and compare systems (like nodes in a cluster) to troubleshoot hardware or software problems. It can also be configured to send out configuration changes at given intervals to a group of people, or store a new snapshot when system changes happen.
sudosh can be used as a default login shell or a filter that takes advantage of PTY devices in order to sit between the user's keyboard and a program, in this case a shell. It was designed specifically to be used in conjunction with sudo, and allows the execution of a root or application shell with logging. It is basically a VCR and will record root shell sessions and also has the ability to play back the sessions as they were originally recorded. It records all input/output, keyboard input, and timing information so that the session can be played back in the original format.
ReVirt is part of the CoVirt project, which investigated the use of virtual machines to provide security in an operating-system-independent manner, enabling the security system to function independently from the guest operating system. ReVirt logs enough information to replay the entire intrusive sequence instruction-by-instruction so that a detailed observation of the attack can be documented. It includes a system called BackTracker that helps system administrators understand (and thereby recover from) an intrusion, by automatically identifying potential sequences of steps that occurred in an intrusion. Starting with a single detection point (e.g., a suspicious file), BackTracker identifies files and processes that could have affected that detection point and displays chains of events in a dependency graph.
Wiresoft ANA (Automated Network Agent), an Artificial Intelligence-based systems management service, automatically performs over 90% of Linux systems management tasks. It is a self-managing, self-learning system support service that provides constant maintenance and protection for Firegate Servers. ANA services include Software Updating and Integration, Intrusion Detection, Data Back-up and Disaster Recovery, Monitoring, and Alerting.
LooperNG is an intelligent event routing daemon. Primarily used for Network Management, this application can be used to accomplish a variety of tasks related to logging and alerting such as trap forwarding/exploding, event enrichment, converting event formats (syslog->SNMP, SNMP->flatfile, syslog->Netcool), etc. It uses a system of input and output modules to interface with the event sources/sinks and a "rules file" to control the flow of the events.