Packages that monitor OS configs and service/ports?

I have several Redhat servers and workstations that I need to be able to monitor for any changes and be notified of any changes to the OS. The features I need to specifically monitor are:
ports - opening of new ports that are not already in a whitelist
services - any starting or attempts to start a service that is not in a whitelist.
users - any addition of new users or attempts to create a new user
system changes - any major change done to the OS in general.

Basically I need to be able to monitor the RHEL5 servers and workstations for any attempts to change their configs.

Does anyone know of a software package which does this kind of thing? I've found
several that do metrics but not any that are more specific to security monitoring.
Thanks for any ideas anyone can provide.

I guess there are, HP is big in this area, but you can write your own. For instance, you can have a shadow file of users and compare it to the current list, a shadow list of listeners and compare it to "netstat -an|grep LISTEN", on the cron, however often you want. What is a "service" in this context?