Systraq sends you a daily email listing the state of your system. If critical system files or user access files (e.g. ~/.ssh/authorized_keys) have changed, you'll get an email within a shorter notice. It consists of few very small shell scripts. It can help you implement a (not too strict) security policy.
tarmill compresses and encrypts tar archives, and is designed for use in backup scripts. Unlike most other solutions, each archive member is handled separately, so damage in the middle of the archive does not render the rest of the archive unusable; it is possible to resume at the next readable member header. Compressed and encrypted archives remain valid tar files, so any well-behaved tar implementation will be able to list (but not extract) them.
tcpick is a textmode sniffer that can track TCP streams and saves the data captured in files or displays them in the terminal. It is useful for picking files in a passive way. It can store all connections in different files, or it can display all the stream on the terminal (using colors too).
The te-edu Password Meter class can be used to check whether a password is strong enough to not be guessed easily. It can perform several tests on a given password string to compute a score that represents the strength of a password. Password checking is based on brute force attack class A and considers 10 million password checks in one minute. It checks characters, character pairs, repeated characters, time needed to be discovered, character standard entropy, etc.