The NET-SNMP (formerly UCD-SNMP) package contains various tools relating to the Simple Network Management Protocol, including an extensible agent, an SNMP library, tools to request or set information from SNMP agents, tools to generate and handle SNMP traps, a version of the Unix 'netstat' command using SNMP, and a Tk/Perl MIB browser. It was originally based on the Carnegie Mellon University SNMP implementation (version 18.104.22.168), but has been greatly enhanced, ported and fixed and barely resembles the original package anymore.
Xplico is an IP traffic decoder that extracts data from an Internet traffic capture. From a pcap file, it can extract each email (POP, IMAP, and SMTP protocols), all HTTP content, VoIP calls (SIP, RTP, H323, MEGACO, MGCP), IRC, MSN, and so on. It isn't a packet sniffer or a network protocol analyzer, but rather an IP/Internet traffic decoder or network forensic analysis tool (NFAT).
The Port Scan Attack Detector (psad) is a collection of three system daemons that are designed to work with the Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults), verbose alert messages, email alerting, DShield reporting, and automatic blocking of offending IP addresses. Psad incorporates many of the packet signatures included in Snort to detect various kinds of suspicious scans, and implements the same passive OS fingerprinting algorithm used by p0f.
LCDproc is a utility to drive one or more LCD (and LCD-like) devices attached to a host. It is comprised of a server, which uses a modular device driver system to control attached displays, and one or more clients to gather data as appropriate and send screen data to the server. The included client displays a multitude of system statistics (CPU/memory/disk usage, uptime, date and time, temperature, etc.). Multiple clients can connect to the server simultaneously, and clients can set priorities on the screens they provide to influence in what order items are displayed. This facility can also be used to "pop" critical screens (such as an entry from syslog from a log-watching client). All functionality is implemented in userland. Support for many display devices and several platforms (Linux, *BSD, and Solaris at least) is included.
AIDE (Advanced Intrusion Detection Environment) is a file and directory integrity checker. It creates a database from the regular expression rules that it finds in the config file. Once this database is initialized, it can be used to verify the integrity of the files. Several message digest algorithms are used. All of the usual file attributes can also be checked for inconsistencies.