ICI is a general purpose interpretive programming language that has dynamic typing and flexible data types with the flow control constructs and operators of C. It is designed for use in many environments, including embedded systems, as an adjunct to other programs, as a text-based interface to compiled libraries, and as a cross-platform scripting language with good string-handling capabilities.
XamimeLT is an email scanner which encapsulates your existing sendmail or Postfix server setup. It scans both incoming and outgoing email. It can scan for email viruses, unwanted file types (eg. EXE, BMP, MPEG) and file names (eg. prettypark.exe), spam, and almost anything you care to search for in an email. It can also be used to scan for text snippets within emails and to insert disclaimers into outbound emails. XamimeLT was formerly known as "Inflex".
integrit is an alternative to file integrity verification programs like tripwire and aide. It helps you determine whether an intruder has modified a computer system. integrit's major advantages are a small memory footprint and simplicity. It works by creating a database that is a snapshot of the most essential parts of your computer system. You put the database somewhere safe, and you can then use it to make sure that no one has made any illicit modifications to the computer system. In the case of a break in, you know exactly which files have been modified, added, or removed.
The Internet Document And Report Server (IDRS) is a full Web development platform. All pages are built using an XML like dialect called the Reporting Markup Language (RML), can be generated using data from any JDBC complient database, and mostly require no programming logic. For reports that do require programming logic, RML pages can also use external Java classes and embedded JPython and BeanShell scripts for a higher level of control. Features of the IDRS include user-based security, data connection pooling for use by both the central IDRS system and by individual reports, and multiple databases to be used for each report and JSP.
The ipaudit package records and displays network activity. It is useful for identifying heavy bandwidth users, intrusive telnet sessions, denial of service attacks, and scans. It includes ipaudit, which stores counts of bytes and packets for every combination of host/port pairs and protocol. The utilities total and ipstrings can be used to investigate network traffic records from the command line. ipaudit-web can collect network traffic statistics and generate Web reports.
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP, and ICMP traffic. iplog is able to detect TCP port scans, TCP null scans, FIN scans, UDP and ICMP "smurf" attacks, bogus TCP flags, TCP SYN scans, TCP "Xmas" scans, ICMP ping floods, UDP scans, and IP fragment attacks. iplog is able to run in promiscuous mode and monitor traffic to all hosts on a network. iplog uses libpcap to read data from the network and can be ported to any system that supports pthreads and on which libpcap will function.