Open Source Linux Network Monitoring Software - Page 7

** As of Snort 2.9.7.6, we are longer releasing Snort on SourceForge. Please head to http://www.snort.org from now on!** **As of June 2017, the mailing lists are no longer on SourceForge, and have moved to https://lists.snort.org** Snort is a libpcap-based sniffer/logger which can be used as a network intrusion detection and prevention system. It uses a rule-based detection language as well as various other detection mechanisms and is highly extensible.

Two Packages: (1) Command line network monitoring tool that sniffs packets for a fixed time and then reports total byte and packet counts for each connection (ip/port pairs and protocol). (2) Web reports based on collected data from one.

Knocker is a simple, versatile, and easy-to-use TCP security port scanner written in C, using threads. It is able to analyze hosts and the network services which are running on them. It is available for Linux, FreeBSD, Unix, and Windows95/98/2000.

Lilith is a logging and access event viewer for Logback, log4j & java.util.logging. It has features comparable to Chainsaw for log4j. This means that it can receive logging events from remote applications using Logback as their logging backend

Operative Systems Suported are: Linux-ubuntu, kali-linux, backtack-linux (un-continued), freeBSD, Mac osx (un-continued) Netool its a toolkit written using 'bash, python, ruby' that allows you to automate frameworks like Nmap, Driftnet, Sslstrip, Metasploit and Ettercap MitM attacks. this toolkit makes it easy tasks such as SNIFFING tcp/udp traffic, Man-In-The-Middle attacks, SSL-sniff, DNS-spoofing, D0S attacks in wan/lan networks, TCP/UDP packet manipulation using etter-filters, and gives you the ability to capture pictures of target webbrowser surfing (driftnet), also uses macchanger to decoy scans changing the mac address. Rootsector module allows you to automate some attacks over DNS_SPOOF + MitM (phishing - social engineering) using metasploit, apache2 and ettercap frameworks. Like the generation of payloads, shellcode, backdoors delivered using dns_spoof and MitM method to redirect a target to your phishing webpage. recent as introducted the scanner inurlbr (by cleiton)

This application is developed in Java Swing Framework and here the user can select which network to monitor (displays bandwidth usage speed & network data usage). This Application also have a system tray icon support so that User can view and control the application activities via the system tray Icon Changelog: 2016 April 14th – Version 1.9 - Smashed some bugs - User can now save the log when exiting the application. Upcoming Updates: - Enhance the log functionality.

LDAP Directory Server Monitoring tool with focus on 389 DS / Red Hat / Sun / Oracle ODSEE and Open LDAP. IBM Tivoli and Novell eDirectory. Other Directory Services are also supprted.

A set of Nagios plugins using snmp to monitor hosts and network equipement.

A verbose packet sniffer that displays a great amount of detail on each packet it reads, including application layer fields.

This is a set of perl and php scripts that are used to collect, process, store and display netflow data.

NFSwatch lets you monitor NFS requests to any given machine, or the entire local network. It mostly monitors NFS client traffic (NFS requests); it also monitors the NFS reply traffic from a server in order to measure the response time for each RPC.

Common network dump analyzer tool to extract application data and pretty show. It reassembles and shows HTTP/SMTP/POP3/IMAP etc files. Please donate if you want this to be a candy.

WebInject is a tool for automated testing of web applications and web services. It can be used to test system components with HTTP interfaces, as a test harness to create a suite of functional and regression tests, or for service-level monitoring.

Wmping is a simple usefull program that allows to check host status in your network environment. It can be used for monitoring servers in the network.

Series Documents: Netkiller Linux ,Ubuntu, CentOS, FreeBSD, Shell ; Netkiller Developer, Version Control ; Netkiller Database, LDAP ; Netkiller Architect ; Netkiller Security ; Netkiller Cisco IOS ; Netkiller Postfix

Snort_inline is a modified version of Snort. It accepts packets from iptables, instead of libpcap. It uses new rule types to tell iptables if the packet should be dropped or allowed to pass based on the Snort rules.

ipband a pcap based traffic monitor. It tallies per-subnet traffic and bandwidth usage and starts detailed logging if specified threshold for the specific subnet is exceeded.

IFStatus was developed for Linux users that are usually in console mode. It is a simple, easy to use program for displaying commonly needed / wanted statistics in real time about ingoing and outgoing traffic of multiple network interfaces.

Linux bandwidth monitor (bwmon) is yet another utility that measures bandwidth utiliazation per interface basis. It is coded in C and takes advantage of curses library. It runs only on Linux systems since the utility reads /proc/net/dev.

This is a Docsis cable modem diagnostic tool for Linux and FreeBSD, it can get information from Docsis 1.0 , 1.1 and 2.0 cable modems. It gathers information from the cable modem via SNMP and displays various cable parameters in real time.

RTG is a high-performance SNMP statistics monitoring system. Designed for service providers to collect large amounts of time-series SNMP data quickly. Data is inserted into a database to which RTG analysis, reporting and graphing applications interface

Distributed Nagios eXecutor (DNX) is comprised of, a NEB module, server, and client daemons which allow the check plug-ins to execute across multiple "worker nodes" in a load distribution cluster.

FlowDoh is an NFSEN (nfsen.sourceforge.net) plugin that can... * Provide a real-time dashboard of the top-talkers on your network * Send email alerts based on network activity thresholds * Allow quick drill-down into detailed flow information * Record historical values so you can know if the network traffic is normal (Planned feature) FlowDoh can be used for multiple purposes: * Find hacked servers on your network * Identify users who are hogging bandwidth (such as peer-to-peer file-sharing) * Create a baseline of network statistics about your servers (planned feature) FAQ: Q: Why is it called FlowDoh? A: Because "'Doh!" is what you will say after installing FlowDoh and finding that some of your servers are already hacked. Another possible answer is this acronym: Flow-Dashboard-Of-Hogs.

Simple Event Correlator (SEC) is a lightweight event correlator for network management, log file monitoring, security management, fraud detection, and other tasks which involve event correlation.

The program thrulay is used to measure the capacity, delay, and other performance metrics of a network by sending a bulk TCP or UDP stream over it.