AIDE (Advanced Intrusion Detection Environment) is a file and directory integrity checker. It creates a database from the regular expression rules that it finds from the config file. Once this database is initialized it can be used to verify the integrity of the files. Several message digest algorithms are used. All of the usual file attributes can also be checked for inconsistencies.
fping is a ping-like program which uses the Internet Control Message Protocol (ICMP) echo request to determine if a target host is responding. fping differs from ping in that you can specify any number of targets on the command line, or specify a file containing the lists of targets to ping. Instead of sending pings to one target until it times out or replies, fping will send out a ping packet and move on to the next target in a round-robin fashion.
Heartbeat is a full-function high-availability system for Linux and other POSIX-like OSes. It monitors services and restarts them on errors. When managing a cluster (more than 1 machine), it will also monitor the members of the cluster and begin recovery of lost services in less than a second. It runs over serial ports and UDP broadcast/multicast, as well as OpenAIS multicast. It is easily adapted to different interconnect media and protocols. When used in a cluster, it can operate using shared disks, data replication, or no data sharing. Versions starting with 2.0 are comparable to any commercial HA package, providing resource monitoring, larger clusters, and detailed dependency information.
Mars is a simple, extensible, services-oriented network status monitor written in Java. It monitors a network by simulating client connections to Internet services and reporting when those services are not responding as expected. It is quick and easy to install and configure, which distinguishes it from more complex network monitoring tools. Mars monitors HTTP, HTTPS, SMTP, IMAP, POP3, FTP, SSH, and JDBC, and notifies via SMTP and XMPP "out of the box". Support for new protocols, notifications, and reporting mechanisms is easy to add via Java or XML.
ngrep strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets. It currently recognizes IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw across Ethernet, PPP, SLIP, FDDI, Token Ring, and null interfaces, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.
ntopmg is a network probe that shows network usage in a way similar to what top does for processes. It acts as a Web server, creating an HTML dump of the network status. It sports a flow collector, an HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics. Its C++ core can be scripted in Lua, for changing the appearance and extending functionality.
OpenNMS is the first enterprise-grade network management platform developed using the open source model. The three main functional areas of OpenNMS are service polling, which monitors services on the network and reports on their "service level"; data collection from the remote systems via SNMP in order to measure the performance of the network; and a system for event management and notifications.
Performance Co-Pilot (PCP) is a framework and set of services for supporting system-level performance monitoring and performance management. It provides a unifying abstraction for all of the interesting performance data in a system, and allows client applications to easily retrieve and process any subset of that data using a single API. A client-server architecture allows multiple clients to monitor the same host, and a single client to monitor multiple hosts. Archive logging and replay are integrated so that a client application can use the same API to process real-time data from a host or historical data from an archive.
Snort is a network intrusion detection and prevention system. It is the most widely deployed technology of its kind in the world. It performs detection using a variety of methods including rules-based detection, anomaly detection, and heuristic analysis of network traffic. Its rules language is open source and available to the public as well.