List of applications/Security
- For detailed guides, see the main ArchWiki page, Security.
- Arpwatch — Tool that monitors ethernet activity and keeps a database of Ethernet/IP address pairings.
- Honeyd — Tool that allows the user to set up and run multiple virtual hosts on a computer network.
- http://www.honeyd.org/ || AUR
- IPTraf — Console-based network monitoring utility.
- Nmap — Security scanner used to discover hosts and services on a computer network, thus creating a "map" of the network.
- Ntop — Network probe that shows network usage in a way similar to what top does for processes.
- PortBunny — Extremly fast console port scanner.
- Snort — Network intrusion prevention and detection system.
- http://www.snort.org/ || AUR
- Sshguard — Daemon that protects SSH and other services against brute-force attacts, similar to Fail2ban.
- vnStat — Console-based network traffic monitor that keeps a log of network traffic for the selected interfaces.
- Wireshark — Network protocol analyzer that lets you capture and interactively browse the traffic running on a computer network.
Threat and vulnerability detection
- Nessus — Comprehensive vulnerability scanning program.
- Tripwire — Intrusion detection system.
- AIDE — File and directory integrity checker.
- Logwatch — Customizable log analysis system.
- Swatch — Utility that can monitor just about any type of log.
- Tcpdump — Common console-based packet analyzer that allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network.
- slock — Very simple and lightweight X screen locker. Offers only a black background when locked, there are no animations or text fields.
- sflock — Simple screen locker utility for X, based on slock. Provides a very basic user feedback.
- sxlock — Fork of sflock with a few enhancements. Provides basic user feedback, uses PAM authentication, supports DPMS and RandR.