Useful network software - sniffer ids monitoring port reverse proxy load balancing cluster
Networks
30.01.2012
"This OpenCont aims to provide a list of useful software for network purposes. "
Preface
This list of software is intended as a reminder, so that over the years we don't forget the software that we have used. I encourage you to try every piece of software listed below, because each has something fabulous.
This list may change over time.
Software list
Category | Name | Description | Usage | Link |
IDS | Snort | One of the most famous intrusion detection systems (probably the most famous). | Command line | http://www.snort.org/ |
Monitoring | arpwatch | Tool used to monitor ARP traffic on a network. It builds a list of MAC-IP address pairs, and its purpose is to send an alert when a pair changes or when a new one is detected. | Command line | - |
Monitoring | Cacti | Cacti is a networking solution used to draw network graphs using the RRDtool standard. It comes with a nice web interface. | Web interface | http://www.cacti.net/ |
Monitoring | Monit | Monit is a lightweight monitoring solution. It can check, for example, for a file mode change or for a stopped process. | Web interface | http://mmonit.com/ |
Monitoring | mrtg | The Multi Router Traffic Grapher can monitor all network SNMP devices and draw graphs. | Command line | http://oss.oetiker.ch/mrtg/ |
Monitoring | Nagios | Nagios, as defined on their website, is the "standard in IT infrastructure monitoring". It is able to show problems/errors in your network infrastructure. | Web interface | http://www.nagios.org/ |
Monitoring | ntop | Ntop is similar to the top command; the only difference is that it monitors the network instead of processes. | Web interface | http://www.ntop.org/ |
Monitoring | OSSIM | A collection of various security software (nessus, snort, nagios, etc.). OSSIM is a web-based security suite that combines the features of these programs in order to offer a different (and better) monitoring experience. | Web interface | http://www.alienvault.com/community |
Monitoring | pfstat | A small utility to draw network usage graphs. | Command line | http://www.benzedrine.cx/pfstat.html |
Monitoring | Zenoss core | Zenoss core is able to monitor many aspects of a network (availability, events, ...). It is also able to monitor particular resources such as temperature sensors or power supplies. | Web interface | http://community.zenoss.org/index.jspa |
Vulnerability Scanner | Nessus | Nessus is probably the best-known vulnerability scanner. It is proprietary software but is free for non-enterprise use. | Standalone GUI | http://www.tenable.com/products/nessus |
Vulnerability Scanner | Nikto | A scanner for web servers capable of performing in-depth analysis. It's written in Perl. | Command line | http://cirt.net/nikto2 |
Fingerprinting | p0f | P0f is a fingerprinting utility used to identify the entities in a TCP/IP communication. | Command line | http://lcamtuf.coredump.cx/p0f3/ |
Port Knocking | knockd | A port-knock server that listens for a specific port sequence ("knock") in order to open another port. Used, for example, to log in to a firewall from a remote location. | Command line | http://www.zeroflux.org/projects/knock |
Sniffing | dsniff | A powerful collection of various tools used to sniff, as their web site says, "interesting data". | Command line | http://monkey.org/~dugsong/dsniff/ |
Sniffing | tcpdump | A venerable utility used to sniff network traffic from the command line. | Command line | http://www.tcpdump.org/ |
Sniffing | wireshark | The most famous GUI-based sniffer. | Standalone GUI | http://www.wireshark.org/ |
Proxy / Reverse Proxy | apache | The most used web server on the web has proxy/reverse proxy capabilities too. | Command line | http://httpd.apache.org/ |
Proxy / Reverse Proxy | nginx | Small and reliable web server with a lot of functionality. It can act as a proxy/reverse proxy. | Command line | http://nginx.org/ |
Proxy / Reverse Proxy | privoxy | Privoxy is a proxy with an important set of characteristics like filtering or access control. Often used with Tor. | Command line | http://www.privoxy.org/ |
Redundancy and Load Balance | CARP | CARP is a protocol, and its implementation is mostly found in BSD systems. If you want to build a reliable cluster, CARP represents a quick and reliable solution. | Command line | http://en.wikipedia.org/wiki/Common_Address_Redundancy_Protocol |
Redundancy and Load Balance | Heartbeat | Heartbeat is a cluster solution mainly used to build the infrastructure of a cluster. It is used alongside other software (e.g. Pacemaker) in order to bring a better cluster experience. | Command line | http://linux-ha.org/wiki/Heartbeat |
Redundancy and Load Balance | DRBD | DRBD offers a cluster solution for block devices in order to form a high-availability solution. | Command line | http://www.drbd.org/ |