Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, Cisco routers, Snort, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG or NFLOG target.
Firekeeper is an intrusion detection and prevention system for Firefox. It is able to detect, block and warn the user about malicious sites. Firekeeper uses flexible rules similar to Snort ones to describe browser-based attack attempts. Rules can also be used to effectively filter different kinds of unwanted content.
The ipoque PRX traffic manager effectively detects and controls all major peer-to-peer (P2P) filesharing, instant messaging (IM), and Voice over IP (VoIP) protocols. Bandwidth and volume limits can be assigned to network links, subnets, individual users, and user groups. Detailed usage statistics are provided and can be exported for post-processing. This community edition is a fully functional version with a bandwidth limit of 2 Mbit/s.
Trojan Scan is a simple shell script that allows for simple but relatively effective checking for trojans, rootkits and other malware that may be using your server and network for unwanted (and possibly illegal) purposes. It is relatively simple and won't catch them all, but can help to find these programs on shared servers with many users. It works by listing all process that use the Internet with the lsof command (using -Pni flags). This list is then transformed into signatures, which are then are matched against the allowed process defined in the configuration. If any signatures of running processes are found that do not match the allowed signatures, an email report is sent including ps, ls, and optional lsof output for the unknown processes.
simena-io is a Linux tool written in Perl and designed to show ethernet interface statistics in bits/second and packets/second in real time. It requires at least Linux kernel 2.2 and Perl 5. It does not require a root account. There is only one command parameter: the refresh rate in seconds. If no parameter is provided, simena-io will refresh every 2 seconds by default. Detailed documentation can be obtained by running "perldoc simena-io".
Swan is a bandwidth manager and Internet gateway that effectively controls and manages the collective bandwidth of an organization. As an Internet gateway it includes a transparent proxy, caching engine, access control lists, caching DNS server, logging and monitoring tools, an authentication mechanism, bandwidth clubbing, and policy management. It is ideal for ISPs, corporations, schools, colleges, etc. Both GUI and console-based interfaces are available for controlling the software. Installation is through a bootable CD that automatically formats the system.
net-status-monitor is a simple console script to test whether Internet connectivity is working. If it is, the script tells you the external IP address (in case your dynamic DNS provider is down). If not, it tries to find the point where the connectivity fails. The output is quite simple, so you can put it on your grandmother's PC. "Just tell me what the read line says" should give you enough information.