The Bait and Switch Honeypot System combines the snort Intrusion Detection System (IDS) with honeypot technology to create a system that reacts to hostile intrusion attempts by marking and then redirecting all "bad" traffic to a honeypot that partially mirrors your production system. Once switched, the would-be hacker is unknowingly attacking your honeypot instead of the real data, while your clients and/or users are still safely accessing the real system. Life goes on, your data is safe, and you get to learn about the bad guy as an added benefit. It works with Snort 1.9.0, 1.9.1, and 2.0.2.
DIY Zoning is a set of tools and instructions for controlling a state-of-the-art HVAC (Heating, Ventilation, and Air Conditioning) system. It covers airflow balancing, temperature control and zoning, energy conservation measures, remote access, 1-wire devices, and home automation.
IPFS (IPSquad Package From Source) is a system which allows you to trace an program's installation from sources and register it in your favorite packaging system (only the Slackware package system and RPM are currently supported). IPFS watches a command (generally make install), collects the list of added files, and then registers them in the chosen packaging system as if the install was made from a normal package. Unlike other similar products, IPFS is able to track both shared and statically linked programs.
Lire is a pluggable log analyzer. It has analyzers for over 25 log file formats, ranging from Apache WWW log files to iptables firewall logs and CUPS printing logs. Reports are generated in 9 different output formats, ranging from Excel 95 to PDF to HTML, optionally with included graphs.
Logrep is a secure multi-platform tool for the collection, extraction, and presentation of information from various log files. It features HTML reports, multi-dimensional analysis, overview pages, SSH communication, and graphs, and supports 25 popular systems including Snort, Squid, Postfix, Apache, Sendmail, syslog, iptables/ipchains, xferlog, NT event logs, Firewall-1, wtmp, Oracle listener, and Pix.
The mysqlard daemon collects MySQL performance data in a round robin database using rrdtool. rrdtool stores the data in a very compact way that will not expand over time, and it presents useful graphs by processing the data to enforce a certain data density. The main goal of the package is to help the database system administrator in tuning the system for maximum performance. The package also contains example graphing, cron, and PHP scripts.
Unix Mobile Agents is a generic, flexible, easy to use mobile agent architecture implemented in a set of bash scripts. This design is made to be trivial to deploy and setup. Agents can be configured to traverse the network in sorted order, in user defined order, or as a random walk. They can also run in a repeated loop, or in a single pass through the network. Connections are made via public-key SSH authentication, and the screen utility is used to allow agents to run without requiring terminals.
Vee is a command-line blog tool that is very portable across Unix systems. It provides an interactive as well as a batch interface to maintain a log of entries. Formatting is done using a module architecture that allows a high degree of customization. There are minimal flags and no set up is required.