EtherApe is a GNOME/pcap-based etherman, interman, and "tcpman" clone. It displays network activity graphically. Active hosts are shown as circles of varying size, and traffic among them is shown as lines of varying width. It supports Ethernet, FDDI, Token Ring, ISDN, PPP, WLAN, and SLIP transports. It knows about VLANs, IP, IPv6, TCP, UDP, FTP, and a number of other protocols. Additional statistics windows will let you concentrate on protocols or nodes.
jWatchdog delivers a simple watchdog to actively monitor your infrastructure and send you notifications in case something goes wrong. It is configured using a simple XML configuration file. This configuration file can be changed on-the-fly without a need to restart the watchdog. jWatchdog does not offer data collection itself. It assumes that you already collected the data on which you want to run jWatchdog. The de facto standard tool Collectd is recommended for data collection. jWatchdog assumes that you use the RRDTool collectd output plugin to store the collected data in RRD files, or use Graphite as a datasource.
PHREL is a per host rate limiter. It will track the rate of incoming traffic on a server and insert a chain into iptables when a configured threshold is crossed. The inserted chain may either rate limit or block the offending host for a period of time. The inserted chain is automatically removed when the offending host's traffic levels return to normal. PHREL is particularly well suited to protecting nameservers (DNS) from random hosts that flood requests, and to preventing SSH brute force login attempts.
Trojan scan is a simple shell script that allows for simple but relatively effective checking for trojans, rootkits and other malware that may be using your server and network for unwanted (and possibly illegal) purposes. It works by listing all processes that use the Internet with the lsof command (using -Pni flags). This list is then transformed into signatures in the form of process_name:port_number:user. These signatures then are matched against the allowed process defined in the configuration. If any signatures of running processes are found that do not match the allowed signatures, an email report is sent including ps, ls, and optional lsof output.
Observium is an autodiscovering network monitoring system focused primarily on Cisco and Linux networks but includes support for a wide range of network hardware and operating systems. Observium has grown out of a lack of easy to use NMSes. It is intended to provide a more navigable interface to the health and performance of your network. Its design goals include collecting as much historical data about devices as possible, being completely autodiscovered with little or no manual intervention, and having a very intuitive interface.