A number of additional utilities provide services you'll find useful when you build and maintain your firewall.
See the discussion of the TIS FWTK in the "Authentication Tools" section of this appendix.
ftp://ftp.win.tue.nl/pub/security/
ftp://coast.cs.purdue.edu/pub/tools/unix/tcp_wrappers/
With this package, from Wietse Venema, you can monitor and filter incoming requests for servers started by inetd. These servers include FTP, Telnet, finger, rlogin, rsh, SMTP, HTTP, and others.
ftp://ftp.win.tue.nl/pub/security/
ftp://coast.cs.purdue.edu/pub/tools/unix/chrootuid
chrootuid, from Wietse Venema, makes it easy to run a network service at a low privilege level and with restricted filesystem access. The program can be used to run Gopher, HTTP, WAIS, and other network daemons in a minimal environment: the daemons have access only to their own directory tree and run under a low-privileged userid. The arrangement greatly reduces the impact of possible security problems in daemon software.
ftp://sierra.stanford.edu/pub/sources/swatch.tar.gz
ftp://coast.cs.purdue.edu/pub/tools/unix/swatch/
SWATCH, by Todd Atkins of Stanford University, is the Simple Watcher. It monitors log files created by syslog, and allows an administrator to take specific actions (such as sending an email warning, paging someone, etc.) in response to logged events and patterns of events.
trimlog, by David A. Curry, is a program that helps you manage log files. It reads a configuration file to determine which files to trim, how to trim them, how much they should be trimmed, and so on. The program helps keep your logs from growing until they consume all available disk space.