SentryTools (ex-Abacus Project)
The Abacus Project suite currently consists of the following tools:
Psionic Logcheck/LogSentry - This tool is a clone of a program that ships with the TIS Gauntlet firewall, but it has been changed in many ways to make it work well for normal system auditing. Logcheck automatically monitors your system logs and mails security violations to you on a periodic basis.
Psionic PortSentry - PortSentry is a port scan detector that takes an active stance to shut down attacking hosts while notifying administrators, and it provides easy configuration and startup. Attacking hosts are denied access to your host in real time by dropping local routes, making dynamic packet filter changes, or adding the host to a TCP Wrappers hosts.deny file.
Psionic HostSentry - HostSentry is a host-based intrusion detection tool that performs Login Anomaly Detection (LAD). It allows administrators to spot strange login behavior and respond quickly to compromised accounts and unusual behavior. HostSentry incorporates a dynamic database and actually "learns" each user's login behavior. Modular signatures then use this learned behavior to detect unusual events.
The Abacus Project was recently bought by Cisco. Development of the product continues under the GPL and has moved to SourceForge: http://sourceforge.net/projects/sentrytools/
As far as I can tell, only PortSentry and LogSentry are present on SourceForge right now.