LogSurfer - Allows improved monitoring and alerting based on the contents of system logs. - http://www.dfn-cert.de/eng/logsurf/
S4Software - Use Secure4Privilege for complete access control to commands and scripts without giving out the root password. - http://www.s4software.com/sg.htm
Symark Software - Execute root-level commands and shell scripts without having to actually login as root. Control which users can log in and under which circumstances. - http://www.symark.com/products.htm
The SUS Home Page - SUS is a utility to allow a user (typically a system administrator) to run a single command as the super user. - http://pdg.uow.edu.au/sus/
lsof - lsof is a tool for examining I/O channels open on your Unix system. These can include files, FIFOs and network sockets. This information can be extremely useful for security and a variety of other purposes. Works on most Unix-like systems. - http://freshmeat.net/projects/lsof
The Coroner's Toolkit (TCT) - The Coroner's Toolkit (TCT) provides post-break-in data collection that could be useful in determining what happened. Less polished that the authors (Dan Farmer and Wietse Venema) usual work, the toolkit offers a patch-work of tools that help exhume - http://www.porcupine.org/forensics/tct.html
Tripwire Open Source - Open source version of the original Unix file integrity scanner. Calculates and stores signatures of file permissions, ownership and contents. Scans the same files later, detecting changes. This open source version is targeted at Linux systems. - http://www.tripwire.org
Tripwire Inc. - Commercial version of the original Unix file integrity scanner. Calculates and stores signatures of file permissions, ownership and contents. Scans the same files later, detecting changes. - http://www.tripwire.com/
Postfix Mail Transfer Agent - Drop-in Sendmail replacement by Wietse Venema. Offers several features that make it difficult to crack. - http://www.postfix.org
GNU Privacy Guard - OpenPGP (RFC2440) implementation from the GNU project. Encrypts/decrypts/signs/digests files using strong cryptography. FAQ, downloads, documentation. - http://www.gnupg.org/
OpenSSH - Portable Distribution - Open source implementation of SSH1 and SSH2 protocols. Ported from OpenBSD by the OpenSSH portability team. - http://www.openssh.org/portable.html
sudoscript - A pair of Perl scripts that provide an audited root shell using sudo and script(1). Tarballs, RPM's and individual components. - http://www.egbok.com/sudoscript
Pidentd - Daemon implementing IDENT protocol, it can be used to identify the user who initiated a TCP/IP connection - ftp://ftp.lysator.liu.se/pub/ident/servers/
Sudo - Run selected commands as root, with the users' own password. Allows the administrator to grant limited root privileges to a subset of users, without giving out the root password. - http://www.sudo.ws/
mcrypt - A replacement for the unix crypt, using several block algorithms in several modes like cbc, and cfb. - http://hq.hellug.gr/~mcrypt
OpenSSL - The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. - http://www.openssl.org/
SAINT - (Security Administrator's Integrated Network Tool) Scans systems and networks and reports potential vulnerabilities. - http://www.wwdsi.com/saint/
North American Cryptography Archives - Strong cryptographic software, libraries, and information about cryptography, data security, and privacy. - http://cryptography.org