Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, Cisco routers, Snort, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG or NFLOG target.
PushToTest TestMaker is a distributed test automation platform for application performance management and monitoring. It repurposes tests written in Selenium, soapUI, TestGen4Web, and Mozmill, and unit tests in Java, .NET, Jython, Groovy, PHP, Ruby, and Perl into functional tests, load and performance tests, and business service monitors. TestMaker is ideal for Web applications, Service Oriented Architecture (SOA) applications, Rich Internet Application (RIA using Ajax, Flex, Flash) and Business Process Management (BPM) applications.
collectd is a small and modular daemon which collects system information periodically and provides means to store the values. Included in the distribution are numerous plug-ins for collecting CPU, disk, and memory usage, network interface and DNS traffic, network latency, database statistics, and much more. Custom statistics can easily be added in a number of ways, including execution of arbitrary programs and plug-ins written in Perl. Advanced features include a powerful network code to collect statistics for entire setups and SNMP integration to query network equipment.
Sshguard monitors services through their logging activity. It reacts to messages about dangerous activity by blocking the source address with the local firewall. Sshguard employs a clever parser that can transparently recognize several logging formats at once (syslog, syslog-ng, metalog, multilog, raw messages), and detects attacks for many services out of the box, including SSH, several ftpds, and dovecot. It can operate all the major firewalling systems, and features support for IPv6, whitelisting, suspension, and log message authentication.
grsecurity is a complete security system for Linux 2.4 and 2.6 that implements a detection/prevention/containment strategy. It prevents most forms of address space modification, confines programs via its Role-Based Access Control system, hardens syscalls, provides full-featured auditing, and implements many of the OpenBSD randomness features. It was written for performance, ease-of-use, and security. The RBAC system has an intelligent learning mode that can generate least privilege policies for the entire system with no configuration. All of grsecurity supports a feature that logs the IP of the attacker that causes an alert or audit.
MoSShE (MOnitoring in Simple SHell Environment) is a simple, lightweight (both in size and system requirements) server monitoring package designed for secure and in-depth monitoring of a handful of typical/critical Internet systems. It supports email alerts and SLA monitoring out of the box, and whatever you can script. The system is programmed in plain (Bourne) SH, and made to be compatible with BASH and Busybox so it can easily be deployed on embedded systems. Monitoring is designed to be distributed over multiple systems, usually running locally. As no parameters are accepted from the outside, checks cannot be tampered or misused from outside. The system is designed to allow decentralized checks and evaluation as well as classical agent-based checks with centralized data accumulation. Agent data is transferred via HTTP, so available Web servers can be co-used for agent data transfer. Each agent creates simple (static) HTML pages with full and condensed status reports on each system, allowing simple local checks.
Expresso Framework is an open standards-based J2EE architectural framework that allows the developer to concentrate on application logic. It is a library of extensible Java Server application framework components for creating database-driven Web applications based on open standards. Expresso integrates with Apache Jakarta Struts, which emphasizes presentation and application configuration, and bringing a powerful tag library to Expresso. Expresso adds capabilities for security, robust object-relational mapping, background job handling and scheduling, self-tests, logging integration, automated table manipulation, database connection pooling, email connectivity, event notification, error handling, caching, internationalization, XML automation, testing, registration objects, configuration management, workflow, automatic database maintenance, and a JSP tag library.
x11vnc allows one to remotely view and interact with real X displays (i.e. a display corresponding to a physical monitor, keyboard, and mouse) with any VNC viewer. It is designed to be compatible with all Unix variants and Mac OS X, and depends on a small set of standard libraries. It supports SSL/TLS and VeNCrypt encryption, Unix password logins, single port access, Zeroconf, file transfer, and UltraVNC extensions. It is part of the LibVNCServer project.
Heartbeat is a full-function high-availability system for Linux and other POSIX-like OSes. It monitors services and restarts them on errors. When managing a cluster (more than 1 machine), it will also monitor the members of the cluster and begin recovery of lost services in less than a second. It runs over serial ports and UDP broadcast/multicast, as well as OpenAIS multicast. It is easily adapted to different interconnect media and protocols. When used in a cluster, it can operate using shared disks, data replication, or no data sharing. Versions starting with 2.0 are comparable to any commercial HA package, providing resource monitoring, larger clusters, and detailed dependency information.