Email Security through Procmail (the Procmail Sanitizer) provides methods to sanitize email, removing obvious exploit attempts and disabling the channels through which exploits are delivered. Facilities for detecting and blocking Trojan Horse exploits and worms are also provided.
HickUP is a small multi-platform system for managing applications for a user or project environment. The user can, through a GUI or command line tool, choose which applications and versions they want to use. The project manager can specify allowed applications and versions of these the project members can select. The user can then select one of multiple environments to use at login or within a specific shell.
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, lots of other hashes and ciphers are added in the community-enhanced version (-jumbo), and some are added in John the Ripper Pro.
log_analysis is a log file analysis engine that extracts relevant data for any of the recognised log messages and produces a summary that is much easier to read. It can be configured to recognize entirely new log types. log_analysis natively understands about 100 different kinds of syslog messages, as well as sulog and wtmp messages for Linux, Solaris, and OpenBSD. It also has optional continuous monitoring capabilities, with both text and GUI modes.
memtester is a user-space utility for testing the memory subsystem in a computer to determine if it is faulty. It does a good job of finding intermittent faults and non-deterministic faults. It has many tests to help catch borderline memory. memtester should compile and run on any 32- or 64-bit Unix or Unix-like system.
Monit is a utility for managing and monitoring processes, programs, files, directories, and devices on a Unix system. It conducts automatic maintenance and repair and can execute meaningful causal actions in error situations. It can be used to monitor files, directories, and devices for changes, such as timestamps changes, checksum changes, or size changes. It is controlled via an easy to configure control file based on a free-format, token-oriented syntax. It logs to syslog or to its own log file and notifies users about error conditions via customizable alert messages. It can perform various TCP/IP network checks, protocol checks, and can utilize SSL for such checks. It provides an HTTP(S) interface for access.
dteq is a query tool that passes results through a template. It is well-suited for auto-generating all kinds of things from a database like authentication tables, DNS zone files, or whatever you can come up with. It also does updating commands like INSERT and UPDATE and reports back the number of rows affected. This used to be named mysqlquery but it is now DB-independent, with cdb, MySQL, and PostgreSQL drivers available.
Secure Syslog is a cryptographically secure system logging tool for UNIX systems. Designed to replace the syslog daemon, ssyslog implements a cryptographic protocol called PEO-1 that allows the remote auditing of system logs. Auditing remains possible even if an intruder gains superuser privileges in the system, the protocol guarantees that the information logged before and during the intrusion process cannot be modified without the auditor (on a remote, trusted host) noticing.