Tenable Nessus is a world-leader in active vulnerability scanners. It features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, and vulnerability analysis of your security posture. Nessus scanners may be distributed throughout an entire enterprise, inside DMZs, and across physically separate networks. It is free of charge for personal use in a non-enterprise environment.
Snort is a network intrusion detection and prevention system. It is the most widely deployed technology of its kind in the world. It performs detection using a variety of methods including rules-based detection, anomaly detection, and heuristic analysis of network traffic. Its rules language is open source and available to the public as well.
Berkeley DB (libdb) is a programmatic toolkit that provides embedded database support for both traditional and client/server applications. It includes b+tree, queue, extended linear hashing, fixed, and variable-length record access methods, transactions, locking, logging, shared memory caching, database recovery, and replication for highly available systems. DB supports C, C++, C#, Java, PHP, and Perl APIs. It supports key-value pair (NoSQL), SQL, and Java Object formatted data. It is available for a wide variety of Unix platforms as well as QNX, Android, Mac OS X, and several varieties of Windows.
Monit is a utility for managing and monitoring processes, programs, files, directories, and devices on a Unix system. It conducts automatic maintenance and repair and can execute meaningful causal actions in error situations. It can be used to monitor files, directories, and devices for changes, such as timestamps changes, checksum changes, or size changes. It is controlled via an easy to configure control file based on a free-format, token-oriented syntax. It logs to syslog or to its own log file and notifies users about error conditions via customizable alert messages. It can perform various TCP/IP network checks, protocol checks, and can utilize SSL for such checks. It provides an HTTP(S) interface for access.
GKrellM is a GTK-based stacked monitor program that charts SMP CPUs, disks, load, active net interfaces, and internet connections. There are also builtin monitors for memory and swap, file systems with mount/umount feature, mailbox checking including POP3 and IMAP, clock/calendar, laptop battery, sensors (temperatures, voltages, and fans), and uptime. It has LEDs for the net monitors and an on/off button and online timer for PPP. There is a GUI popup for configuration, plugin extensions can be installed, and many themes are available. It also features a client/server monitoring capability.
GNU libmicrohttpd is a small C library for embedding HTTP server functionality into other applications. It is reentrant, fast, supports HTTP 1.1, and permits listening on multiple ports. The API is simple and still powerful enough to allow programmers to use the entire HTTP feature set. SSL/TLS support is available as an option.
Socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device (terminal or modem, etc.), socket (Unix, IP4, IP6 - raw, UDP, TCP), SSL, a client for SOCKS4, or proxy CONNECT. It supports broadcasts and multicasts, abstract Unix sockets, Linux tun/tap, GNU readline, and PTYs. It provides forking, logging, and dumping and different modes for interprocess communication. Many options are available for tuning socat and its channels. Socat can be used, for example, as a TCP relay (one-shot or daemon), as a daemon-based socksifier, as a shell interface to Unix sockets, as an IP6 relay, or for redirecting TCP-oriented programs to a serial line.
Suricata is an Intrusion Detection and Prevention (IDS/IPS) engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support, file extraction capabilities, and many more features. It's capable of loading existing Snort rules and signatures, and supports many frontends through Barnyard2.