Bandwidth Monitor NG is a small console-based live network and disk I/O bandwidth monitor for Linux, BSD, Solaris, Mac OS X, and others. It supports /proc/net/dev, netstat, getifaddr, sysctl, kstat, /proc/diskstats, /proc/partitions, IOKit, devstat, and libstatgrab. An unlimited number of interfaces and disks are supported. Interfaces and disks are added or removed dynamically from the list. You can white or blacklist interfaces and disks. The output includes KB/s, Kb/s, packets, errors, average, max, and total sum, and can be viewed via curses, a plain console, CSV, or HTML. Configuration can be done through a config file or the command line.
DansGuardian is a Web content filtering proxy that uses Squid to do all the fetching. It filters using multiple methods including, but not limited to, phrase matching, file extension matching, MIME type matching, PICS filtering, and URL/domain blocking. It has the ability to switch off filtering by certain criteria including username, domain name, source IP, etc. The configurable logging produces a log in an easy to read format. It has the option to only log text-based pages, thus significantly reducing redundant information (such as every image on a page).
FTimes is a system baselining and evidence collection tool. Its primary purpose is to gather and/or develop topographical information and attributes about specified directories and files in a manner conducive to intrusion and forensic analysis. It was designed to support the following initiatives: content integrity monitoring, incident response, intrusion analysis, and computer forensics.
fupids2 is a so-called human oriented IDS based on the FUPIDS project. fupids2 calculates an attacker level for every user on all Unix/Linux/BSD systems in the network. It looks at the behavior of the user (the programs the user uses, the daytime the user is active, the building and room the user uses, the part of the room in which the user sits, and so on) and reports if the user engages in behavior that is unusual for that person. This method can often detect accounts overtaken by attackers.
Ganglia is a scalable distributed monitoring system for high-performance computing systems such as clusters and grids. It is based on a hierarchical design targeted at federations of clusters. Ganglia is currently in use on over 500 clusters around the world and has scaled to handle clusters with 2000 nodes.
Internode Nodemap is a network visualization tool. Using SNMP, it gathers a periodic snapshot of the current state of the network. Then, under instructions from its config file, it plots a series of "maps" of the network over the top of GIF images in the Web server's document root, using color and HTML CSS to indicate potential performance or reliability problems. The maps are hierarchical "drill-down" views of the network. The top-level map is a summary which can be clicked on to reveal specific details; these more specific maps can also have additional maps nested within.
LFT (Layer Four Traceroute) is a sort of "traceroute" that often works much faster than the commonly-used Van Jacobson method and goes through many configurations of packet-filter based firewalls. More importantly, LFT implements numerous other features, including TCP, UDP, or ICMP-based traces, AS number lookups through several reliable sources, loose source routing, netblock name lookups, and more. LFT also distinguishes between layer-4 protocols, which make its statistics slightly more realistic, and gives a savvy user the ability to trace protocol routes, not just layer-3 hops.
MIB Smithy is an application for SNMP and COPS developers, MIB and PIB designers, and Internet-draft authors. It provides a GUI-based environment for designing, editing, and compiling MIB and PIB modules according to the SMIv1, SMIv2, and COPS-PR-SPPI standards. It accelerates the development process by providing an easy-to-use GUI-based environment for developing the specifications without the syntax and formatting concerns of editing the modules by hand. It includes a number of built-in basic SNMP management tools, XML support, and (with MIB Smithy Professional) support for custom compiler output formats.