Zabbix is an enterprise-class distributed monitoring solution designed to monitor and track performance and availability of network servers, devices, and other IT resources. It supports distributed and Web-based monitoring, auto-discovery, real-time monitoring, SLA assurance, trending, and more.
NetHogs is a small 'net top' tool. Instead of breaking the traffic down per protocol or per subnet, like most tools do, it groups bandwidth by process. NetHogs does not rely on a special kernel module to be loaded. If there's suddenly a lot of network traffic, you can fire up NetHogs and immediately see which PID is causing this. This makes it easy to identify programs that have gone wild and are suddenly taking up your bandwidth. Since NetHogs heavily relies on /proc, most features are only a
IPFire is a Linux firewall distribution that is built from source and comes with lots of additional features. It is easy to set up and administer. It features a firewall with stateful inspection, a content filtering engine, traffic control (QoS), VPN technology, and a lot of logging.
A simple tc command wrapper tool. Easy to setup traffic control of network bandwidth/latency/packet-loss/packet-corruption to network interfaces.
OpenWRT is a Linux distribution for wireless routers and low-resource embedded devices. It provides a coherent base system for different plattforms, various hardware and firmware drivers, and a Debian-style packaging system for application and add-on packages. The JSON-RPC based admin web interface LuCI makes configuration very user-friendly, but keeps the similar SSH and command line UCI interface and /etc files accessible. With its own PROCD system event daemon it can immediately respond to up
OpenMPTCProuter is a solution to aggregate and encrypt (and can obfuscate) multiple internet connections and terminates it over any VPS which make clients benefit security, reliability, net neutrality, as well as dedicated public IP. The aggregation is based on Multipath TCP (MPTCP), which is ISP, WAN type, and latency independent "whether it was Fiber, VDSL, SHDSL, ADSL or even 4G", different scenarios can be configured to have either aggregation or failover based on MPTCP. Aggregation via Mu
Nmap ("Network Mapper") is a network utility for service discovery, monitoring and security auditing. Nmap utilizes raw IP packets for host discovery, port scanning, OS fingerprinting, firewall probing, and generating various statistics. It permits inspecting large network ranges but also works for single server checks. It's cross-platform compatible and also provides a X11 reporting GUI with Zenmap, and Ncat for data transfer and debugging, Ndiff for result comparison, and Nping for response an
curl and libcurl is a tool for transferring files using URL syntax. It supports HTTP, HTTPS, FTP, FTPS, SCP, SFTP, TFTP, DICT, TELNET, LDAP, POP3, IMAP, SMTP, RTSP, RTMP, and FILE, as well as HTTP-post, HTTP-put, cookies, FTP upload, resumed transfers, passwords, port numbers, SSL certificates, Kerberos, and proxies. It is powered by libcurl, the client-side URL transfer library. There are bindings to libcurl for about 40 languages and environments.
ivykis is a library for asynchronous I/O readiness notification. It is a thin, portable wrapper around OS-provided mechanisms such as /dev/poll, epoll_create(2), kqueue(2), poll(2), and port_create(3C). ivykis was mainly designed for building high-performance network servers, but can be used as building block for any kind of event-driven application that uses poll(2)able file descriptors as its inputs.
fping is a program to send ICMP echo probes to network hosts, similar to ping, but much better performing when pinging multiple hosts.
Trottinett was written to allow a laptop computer to quickly switch between a wired and a wifi connection, optionally using the same MAC address for both interfaces.
tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.
Net::Transmitter provides a stream wrapper that ensures data integrity over network connections, such as HTTP transfers and raw TCP sockets. It abstracts blocking read/writes and esnures to fetch the complete packet stream, avoiding manual state keeping and loop probing.
"Why Can't I Connect?" diagnoses network settings and protocols to resolve TCP/IP connection issues. It supports various SQL servers, FTP and SFTP file transfers, SMTP and IMAP/POP3 for email applications, as well as IRC, LDAP, Usenet. It can also probe raw and generic TCP/IP connections.
Dante is a free implementation of the proxy protocols SOCKS version 4 and SOCKS version 5 (RFC 1928) that supports both IPv4 and IPv6. It can be used as a firewall between networks and to control outgoing or incoming traffic. The package consists of two parts: a SOCKS server and a proxy client that supports SOCKS, HTTP proxies, and UPnP. RFC 1961 (GSSAPI) is supported in both the client and the server. Commercial support is available.
OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the fundamental premise that complexity is the enemy of security, OpenVPN offers a cost-effective, lightweight alternative to other VPN technologies that is well-targeted for the SME and enterprise markets.
Vortex Library is an implementation of the RFC 3080 and RFC 3081 standard definitions, known as the BEEP Core protocol, implemented on top of the TCP/IP stack. It comes with complete XML-RPC over BEEP RFC 3529 support, complete support for the TUNNEL profile (which allows you to perform proxy operations for every BEEP profile developed), support for HTTP proxies, and more. The API is consistent, easy to use, and allows you to write application protocols very quickly. The API is designed to allow
* Compiler for the eC Language * Cross-Platform API * 2D Graphics Engine (Bitmaps, Fonts...) * Networking Library (Sockets, Remote objects, HTTP) * Development Environment (Code Editor, Projects, Debugging, Form designer) * Graphical User Interface * 3D Graphics Engine * Database Access (SQLite support) * Build System (Generate cross-platform Makefiles)
Dowse is a transparent proxy facilitating the awareness of ingoing and outgoing connections, from, to, and within a local area network. Dowse provides a central point of soft control for all local traffic: from ARP traffic (layer 2) to TCP/IP (layers 3 and 4) as well as application space, by chaining a firewall setup to a trasparent proxy setup. A core feature for Dowse is that of hiding all the complexity of such a setup.
pimd is a lightweight, stand-alone implementation of the Protocol Independent Multicast-Sparse Mode (PIM-SM/SSM) specification.
etherpoke is a scriptable network session monitor. etherpoke defines three events: SESSION_BEGIN, SESSION_END, SESSION_ERROR to which a hook (system command) can be assigned. The event hook can be any program installed in the system. SESSION_BEGIN is triggered when the first packet matching the filter rule is captured. SESSION_END is triggered when the time since the last matching packet was captured exceeds the session timeout. SESSION_ERROR is triggered when it is no longer possible to pro
FreeBSD is an operating system and a major BSD distribution, which focuses on stability, performance, cutting-edge features and security. It's both UNIX® and Linux-compatible, ports a wide range of applications (24000), is suitable for server, embedded and desktop use. Has robust networking capabilities, cross-platform support, hardware and KMS/drm2 video drivers, hardware and network virtualization support, jails, dtrace, capsicum, understands ZFS and other filesystems, and simple installation
The WendzelNNTPd is a IPv6-ready NNTP usenet-server with the main goal to be as easy to use as possible. It is portable (Linux/*BSD/*nix), supports AUTHINFO authentication, contains ACL as well as role based ACL and supports invisible newsgroups. It currently supports MySQL and SQLite backends.
ArpON is a daemon that handles and inspects ARP (address resolution protcol) requests and thusly can prevent MITM attacks, ARP sppofing, cache or route poisoning. It also blocks related network attacks like ARP sniffing, hijacking, or injection, or higher-level DNS and HTTP request/session spoofing, or SSL/TLS circumvention. It also protects networks with proactive (network interface or system shutdown) and dynamic ARP traffic inspections in complexer setups.
WMND is a dockapp for monitoring network interfaces under WindowMaker and other compatible window managers. WMND can monitor multiple interfaces at the same time, sports several display modes and can also monitor remote interfaces through SNMP.
BIRD is a dynamic routing daemon for UNIX-like systems. It should support all routing protocols used in the contemporary Internet, such as BGP, OSPF, RIP, and their IPv6 variants. It also features a very flexible configuration mechanism, and a route filtering language.
HAproxy is a high-performance and highly-robust TCP and HTTP load balancer which provides cookie-based persistence, content-based switching, SSL off-loading, advanced traffic regulation with surge protection, automatic failover, run-time regex-based header control, Web-based reporting and management interface, advanced logging to help trouble-shooting buggy applications and/or networks, and a few other features. Its own event-driven state machine achieves 100,000 connections per second and surpa
For users on Linux and Unix, KDE offers a full suite of user workspace applications which allow interaction with these operating systems in a modern, graphical user interface. This includes Plasma Desktop, KDE's innovative and powerful desktop interface. Other workspace applications are included to aid with system configuration, running programs, or interacting with hardware devices. While the fully integrated KDE Workspaces are only available on Linux and Unix, some of these features are availa
rsync is a replacement for rcp (and scp) that has many more features. It uses the "rsync algorithm" which provides a very fast method for remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files are present at one of the ends of the link beforehand.
Hotspotd is a daemon to create a WiFi hotspot on Linux. It uses the standard hostapd program for access-point provisioning and establishes a NAT (Network address translation) with the target device using the iptables firewall. Hotspotd uses dnsmasq to allocate ip-addresses in a pre-defined range for target devices.