Network Time Tools (NTT) is a set of network tools designed to provide monitoring of a network and the services on that network, and provide various reports on the hosts/services and optional alerts via email, pager, and cellphones. It comes with a protocol scanner, a bandwidth measurement tool, and a CGI front end that can handle a regular browser or WAP-enabled cellphones via WML.
The Spoofaudit network auditing tool will help you to determine what basic spoofing filters (rfc2827 & rfc3013) are present between two test points on two networks, and what anti-spoofing filters are missing. The tools are designed to work between endpoints that would not normally have filtering between them except anti-spoofing filters.
SecurityFocus ARIS Extractor is a sophisticated Intrusion Detection System (IDS) log analyzer and reporting system, integrated with the SecurityFocus ARIS web site. It allows administrators to upload Intrusion Detection System (IDS) logs to the SecurityFocus ARIS Web site, producing sophisticated reporting, and research attacks and events. By filtering out insignificant or benign data and converting it to a common (XML) format, ARIS extractor streamlines incident reporting for both security professionals and home users, allowing IDS operators to focus only on relevant attacks and incidents. It allows you to analyze and archive logged incidents, cross reference incidents/attacks with the SecurityFocus Vulnerability Database, look up contact information for offending IP addresses, generate personal incident statistics and reports, automatically identify and report important incidents, reduce the amount of time spent parsing IDS logs, and generate daily summary reports, delivered by email (optional). All of this is done without revealing any information that could be used to discern your identity. It can be configured to obfuscate IP addresses, names, and other pertinent details before submitting them to the ARIS Analyzer web site. It supports Snort, Cisco Secure IDS, Dragon, NetProwler, RealSecure, BlackICE Defender, and ICEPac.
Perl Advanced TCP Hijacking is a collection of tools for inspecting and hijacking network connections written in Perl. It consists of a packet generator, an RST daemon, a sniffer, an ICMP redirection tool, an ARP redirection tool, an IDS testing tool, and an automatic hijacking daemon for plain protocols, and features both GUI and terminal interfaces.
Systraq sends you a daily email listing the state of your system. If critical system files or user access files (e.g. ~/.ssh/authorized_keys) have changed, you'll get an email within a shorter notice. It consists of few very small shell scripts. It can help you implement a (not too strict) security policy.