If you’re looking for real-time network statistics, check out the terrific ntop tool (http://www.ntop.org). It is a full-featured protocol analyzer with a web frontend, complete with SSL and graphing support. Unfortunately, ntop isn’t exactly lightweight (the precise amount of resources required depend on the size of your network and the volume of network traffic), but [...]

AIDE (Advanced intrusion detection environment) is an intrusion detection program. More specifically a file integrity checker.
AIDE constructs a database of the files specified in AIDE.conf, AIDE’s configuration file. The AIDE database stores various file attributes including: permissions, inode number, user, group, file size, mtime and ctime, atime, growing size, number of links and link [...]

Process accounting allows you to keep detailed logs of every command a user runs, including CPU time and memory used. From a security standpoint, this means the system administrator can gather information about what user ran which command and at what time. This is not only very useful in assessing a break-in or local root [...]