Tanal is a Unix daemon that captures traffic packet size, source, destination, and times and saves this data into a native PostgreSQL or ODBC database in near real time, from which traffic reports may be made. It does not save the actual data or headers. It works on ethX or cooked devices like ppp0. It uses PostgreSQL embedded SQL or libodbc++ to insert the data, the pcap library to capture traffic, and pthreads to capture and write at the same time. Pcap filters can be specified on the command line. Logs go to syslog. Under development are tools that analyze this traffic to determine the type based on flows, not packet inspection.
Process Change Detection System is a script to monitor changes in processes--not to monitor if your Web server is still running, but to see if there are new programs running. When debugging a honeypot's logging, you often see that there's an extra inetd running to open up a backdoor port. Or, less dramatically, people log in to a system and "forget" to log out.
CB-MOC is used to monitor ChessBrain.net peer nodes. Short for "Chess Brain Peer Node Monitoring Operations Center," this program aims to offer full monitoring and statistics generation for each peer node that an operator runs. It offers tabular information and graphs to allow an operator to quickly assess the performance and status of each node.
GKrellF@H is a GKrellM 1.2.x plugin to monitor the Folding@Home client. It can be configured to display the name of the molecule being folded, the download time of the work unit, and the progress through the work unit. It supports starting and stopping the Folding@Home client and will optionally run a command when a work unit completes.
The Viper IDS is an IDS sensor that can be used stand-alone or as an add-on to the Wolverine Firewall and VPN server. It can log all alert information to a remote MySQL database that can be analyzed by applications such as ACID, or can be used with Wolverine to provide real-time responses to potential threats by dynamically adjusting perimeter firewall rule sets. It uses Snort for attack signature detection.