Icinga is an enterprise grade open source monitoring system which keeps
watch over networks and any conceivable network resource, notifies the user
of errors and recoveries and generates performance data for reporting.
Scalable and extensible, Icinga can monitor complex, large environments
across dispersed locations.
Icinga is a fork of Nagios and is backward compatible, so Nagios
configurations, plugins, and addons can all be used with Icinga. Though
Icinga retains all the existing features of its predecessor, it builds on
them to add many long awaited patches and features requested by the user
community.
This is the meta port for Icinga 1.x including net-mgmt/icinga-core and
net-mgmt/icinga-classicweb.
Nagios is a host and service monitor designed to inform you of network
problems before your clients, end-users or managers do. The monitoring
daemon runs intermittent checks on hosts and services you specify
using external "plugins" which return status information to Nagios.
When problems are encountered, the daemon can send notifications out
to administrative contacts in a variety of different ways (email,
instant message, SMS, etc.). Current status information, historical
logs, and reports can all be accessed via a web browser.
IPCAD is an IP accounting daemon. It uses bpf or pcap to access interfaces
and gather IP statistics. Collected numbers are arranged to form
address-to-address flow pairs and can then be accessed via rsh in Cisco
fashion, or exported via NetFlow UDP protocol.
See README file and man pages for details.
RAToolSet is a suite of policy analysis tools. It is implemented in C++ on a
UNIX platform. It has been ported successfully to many platforms including
Sun Sparc stations running SunOS 4.1.3 or Solaris, FreeBSD, DEC Alphas
running OSF/1, and BSDI. It contains the following programs:
  rtconfig   routing policy analyzer and router configuration tool
  peval      a low-level policy evaluation tool
  rpslcheck  syntax checks the aut-num policy for an AS
Would you like to summarize and/or log network activity down to the ip address
and port level of detail, but not record every packet?
Ipaudit provides that ability.
Ipaudit listens to a network device in promiscuous mode, and records every
'connection', i.e. each conversation between two ip addresses. A unique connection
is determined by the ip addresses of the two machines, the protocol used
between them and the port numbers (if they are communicating via UDP or TCP).
It uses a hash table to keep track of the number of bytes and packets in both
directions. When ipaudit receives a signal SIGTERM (kill) or SIGINT (kill -2,
usually the same as a Control-C), it stops collecting data and writes the
tabulated results.
Ipaudit reads the network port using the pcap packet capture library
from the LBNL Network Research Group.
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion
detection system. Kismet will work with any wireless card which supports
raw monitoring (rfmon) mode, and can sniff 802.11a, 802.11b, and 802.11g
traffic.
Kismet identifies networks by passively collecting packets. In addition
to standard networks, it can detect (and given time, decloak) hidden
networks, and infer the presence of nonbeaconing networks via data traffic.
Capture sources that are known to be supported: Atheros, Prism2, WSP100,
Drone, wtapfile, pcapfile. Kismet also supports radiotap headers and
should work with current FreeBSD systems.
LibreNMS is an autodiscovering PHP/MySQL/SNMP based network monitoring system
which includes support for a wide range of network hardware and
operating systems including Cisco, Linux, FreeBSD, Juniper, Brocade,
Foundry, HP and many more.
LibreNMS has grown out of a lack of easy to configure network
monitoring platforms. It is intended to provide a more navigable
interface to the health and performance of your network. Its design
goals include collecting as much historical data about devices as
possible, being completely autodiscovered with little or no manual
intervention, and having a very intuitive interface.
NDPMon is an equivalent of ArpWatch for IPv6.
NDPMon, Neighbor Discovery Protocol Monitor, is a tool working with
ICMPv6 packets. NDPMon observes the local network to see if nodes
using neighbor discovery messages behave properly. When it detects
a suspicious Neighbor Discovery message, it notifies the administrator
by writing in the syslog and in some cases by sending an email
report.
NeDi is a lightweight network management framework, which is based on a
scheduled discovery, an SQL backend, and a web-based user interface. It
sucks information through SNMP or CLI from your switches and routers and
stores information (such as MACs and IPs) in a MySQL database.
Later, you can use its web interface to easily locate nodes within your
network.