Check_MK is a complex addon for Nagios/Icinga and consists of three subprojects. The check and inventory system Check_MK is a general purpose Nagios plugin for retrieving data. It adopts a new approach for collecting data and obsoletes NRPE, check_by_ssh, NSClient, and check_snmp. It features a significant reduction of CPU use on the Nagios host and automatic inventory of items to be checked, and is especially useful with larger Nagios installations. "MK Livestatus" gives immediate and fast access to live and historic Nagios status data. It's a supported backend for many addons including NagVis, NagiosBP, and Thruk. "Check_MK Multisite" is a feature complete replacement for the Nagios GUI, and uses MK Livestatus as a backend. It is very fast, and supports efficient distributed monitoring.
Endian Firewall is an all-in-on Linux security distribution that turns any system into a full-featured security appliance. It features a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, POP3, SMTP), anti-virus support, virus and spam filtering for email traffic (POP and SMTP), content filtering of Web traffic, and a "hassle free" VPN system based on OpenVPN.
fwsnort translates snort rules into an equivalent iptables ruleset. By making use of the iptables string match module, fwsnort can detect application layer signatures which exist in many snort rules. fwsnort adds a --hex-string option to iptables, which allows snort rules that contain hex characters to be input directly into iptables rulesets without modification. In addition, fwsnort makes use of the IPTables::Parse Perl module in order to (optionally) restrict the snort rule translation to only those rules that specify traffic that could potentially be allowed through an existing iptables policy.
DansGuardian is a Web content filtering proxy that uses Squid to do all the fetching. It filters using multiple methods including, but not limited to, phrase matching, file extension matching, MIME type matching, PICS filtering, and URL/domain blocking. It has the ability to switch off filtering by certain criteria including username, domain name, source IP, etc. The configurable logging produces a log in an easy to read format. It has the option to only log text-based pages, thus significantly reducing redundant information (such as every image on a page).
darkstat is an ntop-workalike network statistics gatherer. It runs as a background process on a cable or DSL router, uses libpcap to capture network traffic, and has a Web interface that serves up reports of statistics such as data transferred by host, port, and protocol. It also has a neat bandwidth usage graph.
Cacti is a complete frontend to RRDTool. It stores all of the necessary information to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. Along with being able to maintain graphs, data sources, and round robin archives in a database, Cacti also handles the data gathering. There is SNMP support for those used to creating traffic graphs with MRTG.
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).