Category: Utilities » Usage Monitoring
dnsgraph is a very simple DNS statistics RRDtool frontend for Bind that produces daily, weekly, monthly, and yearly graphs of success/failure, recursion/referral, and nxrrset/nxdomain.
Webmin Usermonitor is a Webmin module that allows you to view all user connections to the system which are based on Telnet, SSH, or Samba. It is able to kill a user's connection or send a message to the user.
MIDAS NMS is a highly configurable network monitoring and network intrusion detection server. It uses a distributed client/server model that allows it to scale to very large networks, and features highly optimized Snort support that dramatically reduces the overhead of both the Snort Sensor and the alert data repository. It also supports Netsaint/Nagios plugins and Big Brother clients, allowing for easy migration.
simplemon is a Perl script for monitoring processes (and their UID/GID) and free disk space. It generates carefully formatted mail, which is suitable for sending via SMS. It supports Solaris and FreeBSD currently.
GKrellMEris is a plugin for GKrellM which displays the current date in Discordian date format as a scrolling text string in the GKrellM window. The format of the string can be configured by the user using control codes like those provided by ddate.
This tool is a command prompt (cmd.exe) logger, useful for generating intrusion evidence that was previously unavailable. With this tool, you can log command prompt sessions, be it from the console, a compromised IIS system, or through a netcat tunnel. This works a bit like a wrapper: ComLog takes the place of cmd.exe and passes the commands to be executed to the real cmd.exe, which is renamed cm_.exe. Version 1.05 changes include an MS-DOS icon added to the executable and better camouflage to avoid detection by the monitoree. The Pro version allows you to change the filename for cm_.exe to anything you like, to make it even harder to detect. It also allows you to specify pattern strings that you want obfuscated from the monitoree's output.
Login Monitor monitors idle times for logins and kicks users off after they are idle for a set amount of time. It is useful for people who forget to log out of machines they connect to remotely.
dnotify is a simple program that makes it possible to execute a command every time the contents of a specific directory change in Linux. It is run from the command line and takes two arguments: one or more directories to monitor and a command to execute whenever a directory has changed. Options control what events to trigger on: when a file was read in the directory, when one was created/deleted, etc.
Tcpdump allows you to dump the traffic on a network. It can be used to print out the headers of packets on a network interface that match a given expression. You can use this tool to track down network problems, to detect "ping attacks", or to monitor network activity.
APD is a promiscuous node detection tool which uses ARP packets to determine whether or not a host is in promiscuous mode. This project is based on the work of securityfriday.