List of applications/Security
- EtherApe — A graphical network monitor for various OSI layers and protocols.
- Fail2ban — Bans IPs after too many failed authentification attempts against common daemons.
- Arpwatch — A tool that monitors ethernet activity and keeps a database of Ethernet/IP address pairings.
- Honeyd — A tool that allows the user to set up and run multiple virtual hosts on a computer network.
- http://www.honeyd.org/ || AUR
- Nmap — A security scanner used to discover hosts and services on a computer network, thus creating a "map" of the network.
- Ntop — A network probe that shows network usage in a way similar to what top does for processes.
- IPTraf — A console-based network monitoring utility.
- PortBunny — An extremly fast console port scanner.
- Snort — A network intrusion prevention and detection system.
- Sshguard — A daemon that protects SSH and other services against brute-force attacts, similar to Fail2ban.
- vnStat — A console-based network traffic monitor that keeps a log of network traffic for the selected interfaces.
- Wireshark — A network protocol analyzer that lets you capture and interactively browse the traffic running on a computer network.
Threat & Vulnerability Detection
- Nessus — A comprehensive vulnerability scanning program.
- Tripwire — An intrusion detection system.
- AIDE — A file and directory integrity checker.
- Logwatch — A customizable log analysis system.
- Swatch — A utility that can monitor just about any type of log.
- Tcpdump — A common console-based packet analyzer that allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network.