Mars is a simple, extensible, services-oriented network status monitor written in Java. It monitors a network by simulating client connections to Internet services and reporting when those services are not responding as expected. It is quick and easy to install and configure, which distinguishes it from more complex network monitoring tools. Mars monitors HTTP, HTTPS, SMTP, IMAP, POP3, FTP, SSH, and JDBC, and notifies via SMTP and XMPP "out of the box". Support for new protocols, notifications, and reporting mechanisms is easy to add via Java or XML.
ngrep strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets. It currently recognizes IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw across Ethernet, PPP, SLIP, FDDI, Token Ring, and null interfaces, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.
Nmap ("Network Mapper") is a utility for network exploration, administration, and security auditing. It uses IP packets in novel ways to determine which hosts are available online (host discovery), which TCP/UDP ports are open (port scanning), and what applications and services are listening on each port (version detection). It can also identify remote host OS and device types via TCP/IP fingerprinting. Nmap offers flexible target and port specifications, decoy/stealth scanning for firewall and IDS evasion, and highly optimized timing algorithms for fast scanning.
ntopmg is a network probe that shows network usage in a way similar to what top does for processes. It acts as a Web server, creating an HTML dump of the network status. It sports a flow collector, an HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics. Its C++ core can be scripted in Lua, for changing the appearance and extending functionality.
The GNU Gatekeeper is a free H.323 gatekeeper based on the OpenH323 project. You can use it to manage a Voice-over-IP network and let endpoints (e.g., Netmeeting) communicate through symbolic names. It also has an external interface for billing and other applications. It runs on a number of Unix versions (including Linux and Solaris) and Windows.
OpenNMS is the first enterprise-grade network management platform developed using the open source model. The three main functional areas of OpenNMS are service polling, which monitors services on the network and reports on their "service level"; data collection from the remote systems via SNMP in order to measure the performance of the network; and a system for event management and notifications.
Performance Co-Pilot (PCP) is a framework and set of services for supporting system-level performance monitoring and performance management. It provides a unifying abstraction for all of the interesting performance data in a system, and allows client applications to easily retrieve and process any subset of that data using a single API. A client-server architecture allows multiple clients to monitor the same host, and a single client to monitor multiple hosts. Archive logging and replay are integrated so that a client application can use the same API to process real-time data from a host or historical data from an archive.
Pure FTP Server is a fast, production quality, standards-conformant FTP server based on Troll-FTPd. It has no known vulnerability, it is trivial to set up, and it is especially designed for modern kernels. Features include PAM support, IPv6, chroot()ed home directories, virtual domains, built-in 'ls', FXP protocol, anti-warez system, bandwidth throttling, restricted ports for passive downloads, an LDAP backend, XML output, and more.
Radiator RADIUS server is flexible, extensible, and authenticates from a huge range of authentication methods, including Wireless, TLS, TTLS, PEAP, SQL, proxy, DBM, files, LDAP, NIS+, password, NT SAM, Emerald, Platypus, Freeside, TACACS+, PAM, external, OPIE, POP3, EAP, MOTP, TOTP, HOTP, Active Directory, Vasco Digipass, SecurID, Yubikey, WiMAX, and many more. It runs on Unix, Linux, Solaris, Windows, MacOS 9, MacOS X, VMS, and more.
Snort is a network intrusion detection and prevention system. It is the most widely deployed technology of its kind in the world. It performs detection using a variety of methods including rules-based detection, anomaly detection, and heuristic analysis of network traffic. Its rules language is open source and available to the public as well.