Angst is an active sniffer based on libpcap and libnet. It dumps the payload of all TCP packets received on the specified ports into a file. It implements two methods for active sniffing. First, it can monitor ARP requests and, after enabling IP forwarding on the local host, send ARP replies mapping all IPs to the local MAC address. Second, it can flood the local network with random MAC addresses (like macof), causing switches to send packets to all ports.
asapm is an AfterStep look & feel Advanced Power Management (APM) monitor for laptop and notebook PCs running Linux or FreeBSD/NetBSD/OpenBSD and X Windows. It displays the charge left in the battery, the time left until the battery is fully discharged, whether the computer is connected to the mains or running on battery, and the battery status (high/low/critical).
bcnu is a Web-based system management tool which delivers information on the status of networked systems in a simple and easy-to-use manner. It uses a web browser to display information about hosts in a tabular form. Historical information can be held indefinitely, and there is a powerful query tool available to interrogate it. Client systems can run an agent which logs information back to a central system. An agent scheduler is integrated to allow agents to be run at different intervals. Standard agents include ftp, http, disk space, logfiles, processes, and more.
Big Brother is a combination of monitoring methods. Unlike SNMP, where information is just collected and devices polled, Big Brother is designed so that each local system broadcasts its own information to a central location. Simultaneously, Big Brother also polls all networked systems from a central location. This creates a highly efficient and redundant method for proactive network monitoring.
DansGuardian is a Web content filtering proxy that uses Squid to do all the fetching. It filters using multiple methods including, but not limited to, phrase matching, file extension matching, MIME type matching, PICS filtering, and URL/domain blocking. It can switch off filtering by certain criteria including username, domain name, source IP, etc. The configurable logging produces a log in an easy-to-read format. It has the option to log only text-based pages, thus significantly reducing redundant information (such as every image on a page).
fwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface.