Kernel Security Checker is a useful tool to locate attackers residing within a system by employing a direct analysis of the kernel through /dev/kmem and bypassing the hiding techniques of the intruder (kernel static recompilation or use of LKMs). It can find the modified syscalls from userspace, detect the promiscuous interfaces, and find the modifications applied to a protocol.
cryptmount is a utility for creating and managing secure filing systems on GNU/Linux systems. After initial setup, it allows any user to mount or unmount filesystems on demand, solely by providing the decryption password, with any system devices needed to access the filing system being configured automatically. A wide variety of encryption schemes (provided by the kernel dm-crypt system and the libgcrypt library) can be used to protect both the filesystem and the access key. The protected filing systems can reside in either ordinary files or disk partitions. The package also supports encrypted swap partitions, and automatic configuration on system boot-up.
big:eye is a system management server that was developed for enterprise IT infrastructures. It manages faults, performance, inventories, and configurations through an impressive user interface. It produces maps through auto-discovery, and monitors faults, Cisco, Motorola, and SNMP devices.