ZABBIX is an enterprise-class distributed monitoring solution designed to monitor and track performance and availability of network servers, devices, and other IT resources. It supports distributed and Web-based monitoring, auto-discovery, real-time monitoring, SLA assurance, trending, and more.
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
Endian Firewall is an all-in-on Linux security distribution that turns any system into a full-featured security appliance. It features a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, POP3, SMTP), anti-virus support, virus and spam filtering for email traffic (POP and SMTP), content filtering of Web traffic, and a "hassle free" VPN system based on OpenVPN.
360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. 'print' mode creates a spreadsheet for your audit needs with one command.
LibreNMS is an autodiscovering PHP/MySQL-based network monitoring system forked from Observium. It aims to be easy to use and painless to deploy, and to support monitoring of a wide range of devices. Observium's license changed to a modified QPL license in May 2012, then was split into free and commercial versions. The aim of LibreNMS is to continue to create a usable NMS, but with a community focus and GPL licensing.
CoralReef is a comprehensive software suite developed by CAIDA for collecting and analyzing data from passive Internet traffic monitors in real time or from trace files. The package also includes programming APIs for C and Perl, and applications for capture, analysis, and Web report generation.
MIB Smithy SDK is a dynamic extension to Tcl/Tk (8.4+) that allows development of custom scripts for controlling SNMP agents, manipulating SMI definitions, doing conversions, and more. It is based on the core of Muonics' MIB Smithy, and the SDK supports SMIv1 and SMIv2, as well as SNMPv1/v2c/v3 with HMAC-SHA-96 and HMAC-MD5-96 authentication and DES/CBC and AES128/CFB privacy. It also provides complete read-write access to all elements of SMI/MIB Module definitions, unlike similar extensions that provide only read access to a limited subset. The SDK allows multiple discrete SMI databases and SNMP sessions, and provides all of the built-in validation and error recovery capabilites of the full product, without the visual MIB development environment.
ntopmg is a network probe that shows network usage in a way similar to what top does for processes. It acts as a Web server, creating an HTML dump of the network status. It sports a flow collector, an HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics. Its C++ core can be scripted in Lua, for changing the appearance and extending functionality.
C-ICAP Classify is a module that allows classification (labeling) of Web pages, images, and soon video based on content. Labels are placed in HTTP headers. Any PIC-Label META tags are exported into HTTP headers. This allows for creation of very flexible filters according to rules defined by the user, using the ICAP enabled proxy's ACLs. It is not a URL filter, so implementing it with sslBump or similar proxy technologies makes it very difficult to bypass. Text classification is done using Fast Hyperspace (based on Hyperspace from CRM114) and/or a Fast Naive Bayes. Image and video (when implemented) use haar feature detection from the OpenCV library.