Free audit software for linux

Scorched 3D project is a game based loosely (or actually quite heavily now) on the classic DOS game Scorched Earth "The Mother Of All Games". Scorched 3D adds amongst other new features a 3D island environment and LAN and internet play. Scorched 3D is totally free and is available for both Microsoft Windows and Unix (Linux, FreeBSD, Mac OS X, Solaris etc.) operating systems.
You can pick up the game and begin playing very quickly. Then, when/if you are interested, you can poke in the dimmer recesses of the game and get into the strategy (or just ignore it altogether!).
At its lowest level, Scorched 3D is just an artillery game with two+ tanks taking turns to destroy opponents in an arena. Choose the angle, direction and power of each shot, launch your weapon, and try to blow up other tanks. Thats basically it.
But Scorched 3D can be a lot more complex than that, if you want it to be. You can earn money from successful battles and use it to invest in additional weapons and accessories. You can play with up to twenty four other players at a time, mixing computer players with humans.
Theres a variety of changing environmental conditions and terrains to be dealt with. After the end of each round (which ends when everybody dies or theres only one person left), you get to buy stuff using the prize money you won from previous matches.
Enhancements:
- Added: UDP message handler for games COMs
- Added: ClearTracerLines console command
- Added: Moved ODE and zlib to external libraries and updated vesions
- Added: Changed objects and trees to be targets
- Added: Removed GIF files in preference to PNG files
- Added: wxWindows server GUI has been depricated (now console only)
- Added: Windows build of scorched has been updated to use visual studio express
- Added: Split server, client and laucher into seperate applications (server now has no reliance on GUI libs)
- Added: Refactored source to give a better client/server devide
- Added: More smoke kicked up when tank drives over and removes a target
- Added: Transparency available to missiles (and all other models)
- Added: Users connecting to web admin console from the local machine dont need an admin account
- Added: Console server now sends server logging to stdout
- Added: GLWTime widget to allow a clock to be drawn on screen
- Added: Dragging the mouse will drag the landscape (clicking still moves to look at point)
- Added: Split and inter-dependancy removal of configure.ac files
- Added: Camera recentered on tank at the start of each new round
- Added: For single player games camera position remembered for each player
- Added: Server only compilation for Windows and Unix systems
- Added: Text chat shown during level loading
- Added: All models are cached including animated models
- Added: All models are now animated (missiles, tanks, targets, boids etc...)
- Added: Bird animations are now not syncronized
- Added: Concept of an offical server, displayed on the net browsing dialog
- Added: Custom port and socket support for stats database connection
- Added: Asyncronous message support to UDP message handler
- Added: Server is only simulated periodically when playing offline
- Added: Mysql reconnection when connection lost
- Added: File logger splits files into ~256K chunks (and not by number of lines)
- Added: Removed use of ODE in preference to a simplier particle physics engine
- Added: Added target collision space that can be used for fast target bounds checking
- Added: Server now simulates the shots in real-time allowing for the addition of real-time gameplay
- Added: Server only sends initial shots and seeds to clients for each turn saving on bandwidth
- Added: ScorePerMoney value is now per 1000 rather than per 100
- Added: Web management authentication failure reponse is delayed before sending back to client
- Added: Web management sessions view to show logged in web admins
- Added: Web management exit when empty option (to exit server when no one is playing)
- Added: Web management log file search feature for finding strings in log files
- Added: Web management landscape, main, players, mods settings dialogs
- Added: Web management mod upload and import feature to allow remote uploading of mods
- Added: Web management looking up of unique ids for users
- Added: Web management combining user stats
- Added: DebugFeatures option for server.xml to disable InfoGrid
- Added: New wall types: WallActive and WallInactive
- Added: botonly option for accessories (ie: only for bots, not for AI objects)
- Added: Server file logging can be turned on from server settings
- Added: Concept of movement routines for targets so targets can now move
- Added: Boids and ships are now targets (can have a physical presence)
- Added: Boids and ships have the same positions on all clients and the server
- Added: Cleaned unused tags from landscape placement and ambientsound files
- Added: All aspects of the landscape (placement, sound, movement...) can be defined in the same file
- Added: Concept of a general include file to replace specific sound, movement, placement files.
- Added: nocollision, nodamageburn, nofalling, displaydamage and displayshadow attributes to targets.
- Added: New Plan map and buoys drawn on map
- Added: Server log page on web admin can auto-refresh
- Added: minsize and maxsize attributes to tree placement type to control scale
- Added: WeaponGroupSelect to allow weapons to select target from groups (e.g. boids weapons)
- Added: thrusttime and thrustamount attributes to WeaponProjectile to simulate missile thrust
- Added: maintainvelocity attribute to WeaponRoller to allow rollers to main the previous weapons momentum
- Added: Objects that become very small are now culled (not drawn)
- Added: maxobjects attribute to tree placement to set an upper limit on the number of trees created (default 2000)
- Added: Trees are now specified as a different model type (Tree) instead of a seperate placement type
- Added: Spline movement type for moving targets round a pre-defined set of control points
- Added: usefuel attribute on WeaponMoveTank can now be true, false or an integer for a constant use of fuel.
- Added: Changed the default web interface colors to match the forum scheme (finally)
- Added: Laserproof shield attribute can be set to true, false or total. Total blocks all laser damage.
- Added: Plan view darkens to increase the visibility of when lines are drawn by other players
- Added: flattendestroy attribute to targets to specify if they should be removed then a tank stops near them
- Added: Scorched splash screen shown each time a new version is installed
- Added: Capability for music (music can be configured for different actions both globaly and on a per level basis)
- Added: tabgroups to accessories, a tabgroup is the grouping used to group accessories in the buy dialog
- Added: Seperate volume control for music
- Added: Per-level options to allow levels to specify specific options e.g. Teams, No Walls etc..
- Added: Customer user avatars can be placed into the .scorched3d/avatars directory
- Added: nofallingdamage attribute to targets so they dont get hurt when falling
- Added: drag attribute to WeaponProjectile to allow a more realistic projectile motion
- Added: Error messages with lines that are more than 75 characters are wrapped onto the next line
- Added: Players can gift money to other players in their team
- Added: Some floats can now be a random range or a distribution of values
- Added: Web management chat is now in real-time
- Added: Reason for user discconecting from a net game is now visible to all clients
- Added: Shift-z hides and shows all gui components
- Added: Chat channels for server side filtering of chat
- Added: Chat spam auto muting
- Added: Chat supports links to players, channels and weapons. Displayed as tooltips.
- Added: New launcher and splash screen graphics
- Added: Scorched server automatically calculates ranks and orphaned avatars
- Added: WaterCollision attribute to WeaponProjectile
- Added: WeaponLabel and WeaponGotoLabel to allow looping with in weapons
- Added: Any image file type can be used for textures, levels, etc... (not avatars)
- Added: texture attribute to WeaponLightning to allow different textures to be used
- Added: jpg file support
- Added: Full screen anti-aliasing support
- Added: New TankAIs, ais are more accurate, can defeat shields and use fuel, napalm, rollers
- Added: boolean option to select whether graphics are paused when window focus lost
- Added: WeaponMessage primitive to be able to display messages (combat channel only - should add ability to select channel)
- Added: Level of detail for water (geo mipmaps) and changed water bounds so all of it moves
- Added: New water movement algorithm using discrete fourier transform (based on an algorithm by Thorsten Jordan)
- Added: GL shader support for more realistic renderering of the water
- Added: Landscape reflections in water
- Added: Shadows on water (hides sun too)
- Added: Option to disable pausing of graphics when window loses focus
- Added: FramesPerSecondLimit option to settings dialog
- Added: Admin audit log showing all admin operations on players
- Added: Admin username and optional reason are added to the list of banned players
- Added: Realtime-shadows
- Added: Depth-cueing on landscape
- Added: Assists are awarded when a tank resigns
- Added: Player tank remains when a player disconnects during shots being played
- Added: dampenvelocity tag to control amount of inertia given to rollers with maintainvelocity true
- Added: Different and more explosion textures
- Added: Explosion mode is always animate (noanimate tag added to WeaponExplosion)
- Added: Teleport animation
- Added: Server looped messages are sent on the announce channel so they can be turned off
- Added: Servers with stats support with always give the same players the same player id
- Added: Players that are muted and then leave and rejoin are still muted when stats support is enabled
- Added: WeaponPosition primitive to set explicit position of an accessory
- Fixed: High detail tanks being used for other players when detail level set low
- Fixed: Removed keep-alive header in http requests
- Fixed: Server will only show log files via the management interface that it created
- Fixed: SDL_Quit being called twice on the client
- Fixed: Sound failing to initialize will not prevent the client from being run
- Fixed: Optimized settings sent to the client to send only different settings
- Fixed: Optimized path finding code for tank movement
- Fixed: Wall hit indicators are now particles and so wont mask other effects
- Fixed: Server only serializes and compresses coms message once when sending to multiple clients
- Fixed: If client starts falling behind at 8x speed it will drop to 4x speed
- Fixed: Teleports with groundonly set to false should function correctly in caverns
- Fixed: Cleaned up tank state machine
- Fixed: MOTD and Rules dialogs reflect changes made while connected to server
- Fixed: Darkened night water (thanks Deathstryker)
- Fixed: Flag reseting on buying screen when buying items
- Fixed: Tanks on the plan view are surrounded by a black border (also smoothed)
- Fixed: Server web managament can view settings that do not fall into the usual brackets
- Fixed: Bug where a space in the installation file name could cause starting issues
- Fixed: Spectators cannot win (or draw) a game
- Fixed: Pressing enter can send many lines of text
- Fixed: Clients hanging when a mod download was in place

SMBD Audit application is a set of VFS audit module for Samba 3 and web frontend to view and search samba audit logs.

Module stores logs directly into MySQL database with libmysqlclient.

You can search database by Login, Address, Share, Action, Log Message(specify filename or directory name), From and To Date.

Here is a very short list of what SMBD Audit package includes, and what it does.

- a VFS audit module, to provide logging to MySQL database

- a web front end to view and search logs.

glibc-audit is a modified version of glibc for application developers who check their code with an automatic memory access checker such as valgrind, Insure++, or Purify.
glibc-audit has been audited and cleaned up so that reports from the developers use of a memory access checker are more likely to be interesting to the developer, with less "noise" from the C library itself. Typically, glibc-audit initializes all of its local variables and structs before use. Ordinary glibc uses uninitialized dummy variables that are "dont-care" to its logic but reported by the memory access checker.
Also, the r_debug.r_brk protocol has been enhanced to co-operate with a co-resident auditor. If the auditor sets .r_brk, then the runtime loader will call the auditor directly whenever a shared library event occurs.
This is much more convenient than using breakpoints. By default the old breakpoint protocol works just like before. The new protocol is binary compatible with the old on machines where a pointer to a function is the same size as an ordinary pointer. Platforms where a pointer to a function is larger (such as HP-PA RISC, Alpha processor, or PowerPC) are not binary backward compatible, and will have to increment r_debug.r_version. Exising clients (such as gdb) also will see an ignorable type mismatch error when they are built. But for now, it is worth more not to antagonize gdb at runtime on x86.
The patch modifies 91 files. Compared to glibc-2.3.2-27.9, the additional code occupies 18 more bytes of .text, and 24 fewer bytes in the .so. On a nano-scopic scale, the typical execution cost is 0 to 3 CPU cycles per affected routine; the estimated median total impact is less than 1 second per machine per day. In the case of *printf(), glibc-audit is faster than glibc because the cleaned-up source helps gcc-3.2 avoid generating atrocious code when initializing printf_spec.info for parse_one_spec() in stdio-common/printf-parse.h.
Glibc-audit was constructed by running a memory access checker on the internal testcases of glibc, then analyzing the reported errors and modifying the source. The process revealed 10 memory access bugs in glibc-2.3.2-11.9. Seven were fixed in glibc-2.3.2-27.9, two more have been fixed in CVS, and one is a design flaw that probably will not be fixed.
Predecessor patches to glibc-audit-1 were submitted to the glibc project, but those patches were ignored [user "guest", password "guest"], declined, or rejected. There is enough improvement in usability and reliability to publish glibc-audit-1 separately.
The unmodified glibc-2.3.2-27.9.src.rpm is available from RedHat mirrors. rpmbuild -ba --target i686 took about 4 hours and 2.5GB of disk space on a machine with 1.1GHz CPU, 384MB RAM, UDMA100 disk.
Enhancements:
- The patches were updated to glibc-2.4-4.
- A glibc bug that interfered with gdb stop-on-solib-events was fixed.
- On x86, x86-64, and PowerPC, the __NR_open system call was improved to avoid leaking information from the user to the kernel.

Spike PHP Security Audit Tool project is a tool that performs a static analysis of PHP code for security exploits.
Usage:
To install, unzip Spike phpSecAudit package.
> unzip spike_phpSecAudit.zip
Change directory to your php repository.
> cd /path/to/code/to/audit
Execute the run.php, passing the file name or directory to audit.
> php /path/to/spike_phpSecAudit/run.php test_file.php
or
> php /path/to/spike_phpSecAudit/run.php dir_name
Enhancements:
- Modified to be PHP 4 friendly.
- A few functions have been added to the knowledge base: extract, shell_exec, pcntl_exec, and exec.
- The organization of the knowledge base file (vuln_db.xml) has been slightly improved.
- The _getAllPhpFiles function may miss a few (unverified).
- The tokenizer needs to be able to differentiate between a native function call and class method call of the same name, i.e. mail() and $class->mail().

WarLinux is a linux distribution for Wardrivers.

It is available on disk and bootable CD. Its main intended use is for systems administrators that want to audit and evaluate thier wireless network installations.

Should be handy for wardriving also.

SNARE (System iNtrusion Analysis and Reporting Environment) is a kernel patch, daemon, and Gnome2 GUI, that together provide a host intrusion detection facility and C2-style auditing/event logging capability for Linux similar to the Basic Security Module (BSM) for Solaris, or the Windows Event Log.
SNARE is divided into three key components:
The Kernel changes
In order to collect event log data, Snare needs to add auditing support into the operating system. You can choose to either install a binary version of the kernel, with Snare already integrated, or you can apply a patch to your kernel source.
Although we try hard to make Snare as easy to install as possible, there are hundreds of different distributions and kernel versions, and it would be an immense task to build Snare for each variant. We are hoping that recent efforts towards creating a native auditing subsystem for linux will soon mean that the kernel component of the Snare for Linux agent, will no longer be required.
The Snare Audit Daemon
The Snare audit daemon acts as an interface between the Linux kernel, and the security administrator. It allow you to turn on events, filter the output, and potentially push audit log information back to a central location for collection, analysis and archival.
The Snare Micro-Web Server, and Audit GUI
The Snare audit GUI provides a graphical user interface to the Snare audit daemon. It allows you to add, remove or modify audit objectives, and change reporting options.
The Micro-Web Server, is embedded in the audit daemon, and provides a very simple configuration capability that can be managed from your web browser.
Enhancements:
- Added support for compound matching elements (e.g. name=/etc/* name!=/etc/blah/*)
- Improved authentication support for remote control interface
- Updated SELinux policy (RHEL5 support)
- Improved automatic audit configuration using objective returncode detection to pre filter unnecessary records
- Fixed element matching error
- Fixed error in criticality reporting (e.g. criticality was always zero)
- Fixed race condition that could potentially clear all audit rules on restart
- Improved effeciency allowing a higher throughput
- Improved installer for easier deployment
- Disabled local logging by default

Qmail Auditor consists of a email auditing tool.
QMail Auditor provides simple a method for auditing emails. It is easy to configure and uses regular expressions as rules.
The format of audit file is :
Any e-mail (outbound or inbound) have passed at this filter.
The valids "field header"(s) :
all - field from or to of e-mails
to - field to
from - field from
In case of regular expression you read the
# man re_format
# man regex
E-mail to forward is a valid mail account to redirect.
Example of this :
from nelio@walk.* auditoria@spyware.walk.com.br
to nelio@spyware.* auditoria@spyware.walk.com.br
Enhancements:
- Now the config file name has renamed.
- From audit (in /var/qmail/control for /var/qmail/control/auditor) and qmail-queue-real-audit for qmail-queue-real-auditor.

ngacl project is an effort to give Linux and its filesystems a full blown ACL system, similar to that used by NFSv4 and Windows.
With this software, you have 13 different access rights, dynamic inheritance, and audit ACLs. The implementation is filesystem-independent because the kernel parts are an LSM module.
In addition, there is a Samba-VFS module that enables you to alter ACLs with the Windows ACL editor.
Enhancements:
- This release adds working audit ACLs, stability, and semantic enhancements.