fwknop implements an authorization scheme called Single Packet Authorization that requires only a single encrypted packet to communicate various pieces of information, including desired access through an iptables, ipfw, or pf firewall policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap. Also supported is a robust port knocking implementation based around iptables log messages.
Performance Co-Pilot (PCP) is a framework and set of services for supporting system-level performance monitoring and performance management. It provides a unifying abstraction for all of the interesting performance data in a system, and allows client applications to easily retrieve and process any subset of that data using a single API. A client-server architecture allows multiple clients to monitor the same host, and a single client to monitor multiple hosts. Archive logging and replay are integrated so that a client application can use the same API to process real-time data from a host or historical data from an archive.
Angel is a simple yet useful tool to monitor the services on your network. Technically speaking, it's a Perl program that runs every 'n' minutes (usually fired from your cron) and calls different perl subprograms (referred to as "plugins" from now on) to do the actual testing. It will then generate an HTML table containing the status of your network.
Network Time Tools (NTT) is a set of network tools designed to provide monitoring of a network and the services on that network, and provide various reports on the hosts/services and optional alerts via email, pager, and cellphones. It comes with a protocol scanner, a bandwidth measurement tool, and a CGI front end that can handle a regular browser or WAP-enabled cellphones via WML.
The Spoofaudit network auditing tool will help you to determine what basic spoofing filters (rfc2827 & rfc3013) are present between two test points on two networks, and what anti-spoofing filters are missing. The tools are designed to work between endpoints that would not normally have filtering between them except anti-spoofing filters.
Saswire is a Perl program which generates a database in SDBM format containing the modification time, MD5 checksum, size, and creation time for a list of files specified in a input file. It is designed to check for unwanted modifications of Unix system binaries if security is compromised.