Ettercap is a network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like SSH and HTTPS). Data injection in an established connection and filtering on the fly is also possible, keeping the connection synchronized. Many sniffing modes were implemented to give you a powerful and complete sniffing suite. Plugins are supported. It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN.
GKrellM is a GTK-based stacked monitor program that charts SMP CPUs, disks, load, active net interfaces, and internet connections. There are also builtin monitors for memory and swap, file systems with mount/umount feature, mailbox checking including POP3 and IMAP, clock/calendar, laptop battery, sensors (temperatures, voltages, and fans), and uptime. It has LEDs for the net monitors and an on/off button and online timer for PPP. There is a GUI popup for configuration, plugin extensions can be installed, and many themes are available. It also features a client/server monitoring capability.
Nets is a flexible and extensible network inventory and asset management system that works on all Unix and Windows platforms, and works with most SQL databases. Its complete GUI allows you to maintain details of your entire network, from network links down to interfaces and routers. It assists in provisioning, costing, reporting, and maintaining network details. It includes a network browser, an extension API, and plugins for IP address map visualisation, reports, schematics.
Snort is a network intrusion detection and prevention system. It is the most widely deployed technology of its kind in the world. It performs detection using a variety of methods including rules-based detection, anomaly detection, and heuristic analysis of network traffic. Its rules language is open source and available to the public as well.
netscript is a portable/multi-platform, lightweight TCP/UDP socket scripting system. It is intended to automate situations, built on a word-to-word ruleset response system. It includes wildcard support, character replacement, random replacement, argument inclusion, server timeout, initial send, display altering, multiple character dump formats, telnet protocol support, logging, program to socket dumping, executable ruleset support, reverse binding, module support, data truncation, data formatting, permission options, virtual hosting support, history storage, dynamic storage variables, directory placement, character omitting, timed rules, background support, syslog support, routing support, socket options, interactive mode, and graphical user interface support.
SecurityFocus ARIS Extractor is a sophisticated Intrusion Detection System (IDS) log analyzer and reporting system, integrated with the SecurityFocus ARIS web site. It allows administrators to upload Intrusion Detection System (IDS) logs to the SecurityFocus ARIS Web site, producing sophisticated reporting, and research attacks and events. By filtering out insignificant or benign data and converting it to a common (XML) format, ARIS extractor streamlines incident reporting for both security professionals and home users, allowing IDS operators to focus only on relevant attacks and incidents. It allows you to analyze and archive logged incidents, cross reference incidents/attacks with the SecurityFocus Vulnerability Database, look up contact information for offending IP addresses, generate personal incident statistics and reports, automatically identify and report important incidents, reduce the amount of time spent parsing IDS logs, and generate daily summary reports, delivered by email (optional). All of this is done without revealing any information that could be used to discern your identity. It can be configured to obfuscate IP addresses, names, and other pertinent details before submitting them to the ARIS Analyzer web site. It supports Snort, Cisco Secure IDS, Dragon, NetProwler, RealSecure, BlackICE Defender, and ICEPac.