OsGate.org Logo

Useful network software - sniffer ids monitoring port reverse proxy load balancing cluster

Networks Networks

Date 30.01.2012

Visits 4155

"This OpenCont aims to provide a list of useful software for network purposes. "

Preface

This list of software has been thought as a reminder, so that during the years we don't forget the software that we have used. I encourage you try every single software listed below because each has something fabulous.

This list can change during the time.

Software list

 Category Name Description Usage Link
IDS Snort One of the most famous intrusion detection system (probably the most famous). Command line http://www.snort.org/
Monitoring arpwatch Tool used to monitor ARP traffic on a network. It generates a list of pair MAC-IP address and its purpose is to send an alter when a pair changes or when a new one is detected. Command line  -
  Cacti Cacti is a networking solution used to draw network graphs by using the RRDtool standard. It comes with a nice web interface. Web interface http://www.cacti.net/
  Monit Monit is a lightweight monitoring solution. It is able to check for example, for file mode change or when a process is stopped. Web interface http://mmonit.com/
  mrtg The Multi Router Traffic Grapher can monitor all network SNMP devices and draw graphs. Command line http://oss.oetiker.ch/mrtg/
  Nagios Nagios, as defined from their website, is the "standard in IT infrastrucutre monitoring". It is able to show problems/errors in your network infrastrucutre. Web interface http://www.nagios.org/ 
  ntop Ntop is similar to the top command, the only difference is that it monitors network instead of processes. Web interface http://www.ntop.org/
  OSSIM A collection of various security software (nessus, snort, nagios, etc...). OSSIM is a web-based security suite that combines the feature of these programs in order to offer a different (and better) monitoring experience. Web interface http://www.alienvault.com/community 
  pfstat A small utility to draw network usage graphs. Command line http://www.benzedrine.cx/pfstat.html 
  Zenoss core Zenoss core is able to monitor a lot of network aspects (availability,events, ....). It is also able to monitor particulare resources such as temperature sensors or power supplies. Web interface http://community.zenoss.org/index.jspa
Vulnerability Scanner Nessus Nessus is probably the most known vulnerability scanner. It's a proprietary software but is free for non-enterpise use. Standalone GUI http://www.tenable.com/products/nessus
  Nikto A scanner for web servers capable to performs depth analysis. It's written in PERL. Command line http://cirt.net/nikto2
Fingerprinting p0f P0f is a fingerprint utility used to identify the entities on a TCP/IP communication. Command line http://lcamtuf.coredump.cx/p0f3/
Port Knocking knockd A port-knock server that listen for a specific port sequence ("knock") in order to open another port. Used for example to log in a firewall from a remote location. Command line http://www.zeroflux.org/projects/knock
Sniffing dsniff A powerful collection of various tools used to sniff, as their web site says, "interesting data". Command line http://monkey.org/~dugsong/dsniff/
  tcpdump A venerable utility used to sniff network traffic by using the command line. Command line http://www.tcpdump.org/
  wireshark The most famous GUI based sniffer. Standalone GUI http://www.wireshark.org/
Proxy / Reverse Proxy apache The most used web server on the web has proxy/reserve proxy capabilities too. Command line http://httpd.apache.org/
  nginx Small and reliable web server with a lot of functionalities. It can act as proxy/reverse proxy. Command line http://nginx.org/
  privoxy Privoxy is a proxy with an important set of characteristics like filtering or access control. Often used with TOR. Command line http://www.privoxy.org/
Redundancy and Load Balance CARP CARP is a protocol and its implementaion is mostly found in BSD systems. If you want to build a reliable cluster CARP represent a quick and reliable solution. Command line http://en.wikipedia.org/wiki/Common_Address_Redundancy_Protocol 
  Heartbeat Heartbeat is a cluster solution mainly used to build the infrastrucutre of a cluster. It is used along other software (e.g: Pacemaker) in order to bring a better cluster experience. Command line http://linux-ha.org/wiki/Heartbeat
  DRDB DRDB offers a cluster solution for block devices in order to form an high-availability solution. Command line http://www.drbd.org/