Snort is a network intrusion detection and prevention system. It is the most widely deployed technology of its kind in the world. It performs detection using a variety of methods including rules-based detection, anomaly detection, and heuristic analysis of network traffic. Its rules language is open source and available to the public as well.
GKrellM is a GTK-based stacked monitor program that charts SMP CPUs, disks, load, active net interfaces, and internet connections. There are also builtin monitors for memory and swap, file systems with mount/umount feature, mailbox checking including POP3 and IMAP, clock/calendar, laptop battery, sensors (temperatures, voltages, and fans), and uptime. It has LEDs for the net monitors and an on/off button and online timer for PPP. There is a GUI popup for configuration, plugin extensions can be installed, and many themes are available. It also features a client/server monitoring capability.
The GNU Gatekeeper is a free H.323 gatekeeper based on the OpenH323 project. You can use it to manage a Voice-over-IP network and let endpoints (e.g., Netmeeting) communicate through symbolic names. It also has an external interface for billing and other applications. It runs on a number of Unix versions (including Linux and Solaris) and Windows.
OpenVPN is a robust and highly configurable VPN (Virtual Private Network) daemon which can be used to securely link two or more private networks using an encrypted tunnel over the Internet. OpenVPN's principal strengths include wide cross-platform portability, excellent stability, support for dynamic IP addresses and NAT, adaptive link compression, single TCP/UDP port usage, a modular design that offloads most crypto tasks to the OpenSSL library, and relatively easy installation that in most cases doesn't require a special kernel module.
Ettercap is a network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like SSH and HTTPS). Data injection in an established connection and filtering on the fly is also possible, keeping the connection synchronized. Many sniffing modes were implemented to give you a powerful and complete sniffing suite. Plugins are supported. It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN.
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
Big Brother is a combination of monitoring methods. Unlike SNMP where information is just collected and devices polled, Big Brother is designed in such a way that each local system broadcasts its own information to a central location. Simultaneously, Big Brother also polls all networked systems from a central location. This creates a highly efficient and redundant method for proactive network monitoring.
bandwidthd tracks usage of TCP/IP network subnets and builds HTML files with graphs to display network utilization. Charts are built by individual IP to show their utilization over 2, 8, 45, and 400 day periods. It color codes HTTP, HTTPS, TCP,UDP, ICMP, VPN, and P2P traffic. Unlike MRTG, it tracks each individual IP address and subnets, not the status of any particular link. Static mode is fast and easy to set up and has few dependencies. Database mode supports filtering by subnet, multiple sensors, custom reports and intervals, and can process thousands of IPs efficiently. Network utilization can be logged in CDF or a backend database.