Snort is a network intrusion detection and prevention system. It is the most widely deployed technology of its kind in the world. It performs detection using a variety of methods including rules-based detection, anomaly detection, and heuristic analysis of network traffic. Its rules language is open source and available to the public as well.
FTimes is a system baselining and evidence collection tool. Its primary purpose is to gather and/or develop topographical information and attributes about specified directories and files in a manner conducive to intrusion and forensic analysis. It was designed to support the following initiatives: content integrity monitoring, incident response, intrusion analysis, and computer forensics.
Zfswatcher is a ZFS storage pool monitoring and notification daemon. It periodically inspects the zpool status and sends configurable notifications on status changes such as disk failures. It also controls the disk enclosure LEDs. There is an embedded Web interface for displaying status and logs.
Andrisoft WANSIGHT is a fully featured network traffic analyzer and collector. It provides in-depth traffic analysis, traffic accounting, and bandwidth monitoring, and enables you to generate complex traffic reports, graphs, and tops, instantly pin down the cause of network incidents, understand patterns in application performance, and make the right capacity planning decisions. It supports 10GbE packet sniffing and NetFlow, sFlow, and IPFIX.
MIB Smithy SDK is a dynamic extension to Tcl/Tk (8.4+) that allows development of custom scripts for controlling SNMP agents, manipulating SMI definitions, doing conversions, and more. It is based on the core of Muonics' MIB Smithy, and the SDK supports SMIv1 and SMIv2, as well as SNMPv1/v2c/v3 with HMAC-SHA-96 and HMAC-MD5-96 authentication and DES/CBC and AES128/CFB privacy. It also provides complete read-write access to all elements of SMI/MIB Module definitions, unlike similar extensions that provide only read access to a limited subset. The SDK allows multiple discrete SMI databases and SNMP sessions, and provides all of the built-in validation and error recovery capabilities of the full product, without the visual MIB development environment.
Shinken is an advanced monitoring system that is based on Nagios, but redesigned and rewritten from scratch while maintaining compatibility. It can monitor all IT devices from systems to end user applications. In case of a failure, Shinken can alert the operation engineers so they can promptly repair it. It has the same capabilities as Nagios along with more advanced built-in facilities such as load balanced and high availability monitoring.