sipsak is a command line tool for performing various tests on Session Initiation Protocol (SIP) applications and devices. It can make several different tests, send the contents of a file, and interpret and react on the responses. It supports (de-) registration with given contact URIs and digest authentication.
bandwidthd tracks usage of TCP/IP network subnets and builds HTML files with graphs to display network utilization. Charts are built by individual IP to show their utilization over 2, 8, 45, and 400 day periods. It color codes HTTP, HTTPS, TCP,UDP, ICMP, VPN, and P2P traffic. Unlike MRTG, it tracks each individual IP address and subnets, not the status of any particular link. Static mode is fast and easy to set up and has few dependencies. Database mode supports filtering by subnet, multiple sensors, custom reports and intervals, and can process thousands of IPs efficiently. Network utilization can be logged in CDF or a backend database.
Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG target.
Weplab is a tool to review the security of WEP encryption in wireless networks from an educational point of view. Several attacks are available, so it can measure the effectiveness and minimum requirements of each one. Currently, weplab supports several methods, and it is able to crack the WEP key from 600,000 encrypted packets.
StdioTunnel allows you to tunnel arbitrary TCP connections through any shell access connection. If the connection provides a clear 8-bit data path and allows you to start programs, you can use it with StdioTunnel. It tunnels TCP connections in much the same way SSH does, but is useful in particular cases where SSH port forwarding is disabled, and it does not require running or changing the configuration of any server processes on either side of the connection.
coNCePTuaL is a domain-specific programming language for rapidly generating programs that measure the performance and/or test the correctness of networks and network protocol layers. A few lines of coNCePTuaL code can produce programs that would take significantly more effort to write in a conventional programming language.
Rateless-coded Transport is a set of applications that use ground-breaking error correcting codes technology. They support fast reliable transmission over UDP, live content streaming and Internet multicast trees, duplex firewall transparency, ultra-fast reliable transport for WANs (up to 40-times faster than TCP), and optimal peer-to-peer multi-source download protocols.
mwcollect is an easy solution to collect worm-like malware in a non-native environment like FreeBSD or Linux. The first versions were used to collect binaries for botnet monitoring, and bots are still what it is mostly collecting. Some people consider it a next generation honeypot; however, that comparison often leads to the misunderstanding that computers running mwcollect can actually be infected with the malware, which is not the case.
ldp (LDAP Distributed Profile) will read a user-specific shell profile (.profile) from an LDAP directory server upon login, allowing users (including multiple people operating as root) to always have the same settings irrespective of which machine they are working on. ldp also operates correctly when logging in via SSH via public key auth.