The Port Scan Attack Detector (psad) is a collection of three system daemons that are designed to work with the Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults), verbose alert messages, email alerting, DShield reporting, and automatic blocking of offending IP addresses. Psad incorporates many of the packet signatures included in Snort to detect various kinds of suspicious scans, and implements the same passive OS fingerprinting algorithm used by p0f.
The net-tools package contains a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. It contains the important tools for controlling the network subsystem of the Linux kernel including arp, hostname, ifconfig, netstat, rarp and route.
sslh accepts connections in HTTP, HTTPS, SSH, OpenVPN, tinc, XMPP, or any other protocol that can be tested using a regular expression, on the same port. This makes it possible to connect to any of these servers on port 443 (e.g. from inside corporate firewalls, which almost never block port 443) while still serving HTTPS on that port. sslh supports IPv6, privilege dropping, transparent proxying, and much more.
LCDproc is a utility to drive one or more LCD (and LCD-like) devices attached to a host. It is comprised of a server, which uses a modular device driver system to control attached displays, and one or more clients to gather data as appropriate and send screen data to the server. The included client displays a multitude of system statistics (CPU/memory/disk usage, uptime, date and time, temperature, etc.). Multiple clients can connect to the server simultaneously, and clients can set priorities on the screens they provide to influence in what order items are displayed. This facility can also be used to "pop" critical screens (such as an entry from syslog from a log-watching client). All functionality is implemented in userland. Support for many display devices and several platforms (Linux, *BSD, and Solaris at least) is included.
FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
getmail is intended as a simple, secure, and reliable replacement for fetchmail. It retrieves email (either all messages, or only unread messages) from one or more POP3, SPDS, or IMAP4 servers (with or without SSL) for one or more email accounts, and reliably delivers into qmail-style Maildirs, mboxrd files, or through external MDAs (command deliveries) specified on a per-account basis. getmail also has excellent support for domain (multidrop) mailboxes, including delivering messages to different users or destinations based on the envelope recipient address.
Performance Co-Pilot (PCP) is a framework and set of services for supporting system-level performance monitoring and performance management. It provides a unifying abstraction for all of the interesting performance data in a system, and allows client applications to easily retrieve and process any subset of that data using a single API. A client-server architecture allows multiple clients to monitor the same host, and a single client to monitor multiple hosts. Archive logging and replay are integrated so that a client application can use the same API to process real-time data from a host or historical data from an archive.
nss-pam-ldapd is a Name Service Switch module and Pluggable Authentication Module using an LDAP server. It allows your LDAP server to provide user account, group, host name, alias, netgroup, and almost any other information that you would normally get from /etc flat files or NIS, and allows you to do authentication to an LDAP server.
C++ Sockets is a cross-platform C++ wrapper for BSD-style sockets. It implements the TCP, UDP, ICMP, and SCTP transport layer protocols. Implemented application layer protocols are HTTP/HTTPS (using OpenSSL), SMTP (server), and Ajp/1.3 (server). Features include transparent SOCKS4 client support and asynchronous DNS. Included in the library are a number of HTTP client functions such as GET/PUT/POST, and also Web server framework components.