arpwatch
- Ebuilds: 4, Stable: 3.8, Testing: 3.8 Description:
The arpwatch package contains arpwatch and arpsnmp. Arpwatch and arpsnmp
are both network monitoring tools. Both utilities monitor Ethernet or
FDDI network traffic and build databases of Ethernet/IP address pairs,
and can report certain changes via email. Install the arpwatch package
if you need networking monitoring devices which will automatically keep
track of the IP addresses on your network.
Homepage:https://ee.lbl.gov/ License: BSD GPL-2
barnyard2
- Ebuilds: 1, Stable: 1.13 Description:
Barnyard2 is a fork of the original barnyard project (which is no longer under development).
Barnyard2 is an open source interpreter for Snort unified2 binary output files. Its primary
use is allowing Snort to write to disk in an efficient manner and leaving the task of
parsing binary data into various formats to a separate process that will not cause Snort to
miss network traffic. Barnyard2 is under active development and continues to adapt based on
user feedback.
Homepage:https://github.com/firnsy/barnyard2 https://firnsy.com/projects License: GPL-2
boreas
- Ebuilds: 1, Stable: 22.5.0 Description:
Boreas is a command line tool to scan for alive hosts. It supports IPv4 and IPv6 address ranges and allows to exclude certain addresses from a range.
The alive ping tests support ICMP, TCP-ACK, TCP-SYN and ARP and any combination.
For TCP ping an individual port list can be applied.
Homepage:https://www.greenbone.net https://github.com/greenbone/boreas License: GPL-3
braa
- Ebuilds: 1, Stable: 0.82-r1, Testing: 0.82-r1 Description: Quick and dirty mass SNMP scanner
Homepage:http://s-tech.elsat.net.pl/braa/ License: GPL-2
bwm-ng
- Ebuilds: 1, Stable: 0.6.3, Testing: 0.6.3 Description: Bandwidth Monitor NG is a small and simple console-based bandwidth monitor
Homepage:http://www.gropp.org/ License: GPL-2
bwping
- Ebuilds: 2, Stable: 2.6, Testing: 2.6 Description:
A tool to measure bandwidth and response times between two hosts using
Internet Control Message Protocol (ICMP) echo request/echo reply mechanism.
Homepage:https://bwping.sourceforge.io/ License: BSD
cacti
- Ebuilds: 1, Stable: 1.2.26, Testing: 1.2.26 Description:
Cacti is a complete network graphing solution designed to harness the
power of RRDTool's data storage and graphing functionality. Cacti
provides a fast poller, advanced graph templating, multiple data
acquisition methods, and user management features out of the box. All of
this is wrapped in an intuitive, easy to use interface that makes sense
for LAN-sized installations up to complex networks with hundreds of
devices.
Homepage:https://www.cacti.net/ License: GPL-2
cacti-spine
- Ebuilds: 2, Stable: 1.2.20, Testing: 1.2.20 Description:
Spine (formerly known as Cactid) is a poller for Cacti that primarily
strives to be as fast as possible. For this reason it is written in
native C, makes use of POSIX threads, and is linked directly against the
net-snmp library for minmumal SNMP polling overhead. Spine is a
replacement for the default cmd.php poller so you must decide if using
Spine makes sense for your installation.
Homepage:https://cacti.net/spine_info.php License: LGPL-2.1
calamaris
- Ebuilds: 2, Testing: 2.99.4.7 Description: Parses logfiles of a wide variety of web proxy servers and generates reports
Homepage:https://cord.de/calamaris-english License: GPL-2+
cbm
- Ebuilds: 2, Testing: 0.4 Description:
The Color Bandwidth Meter (CBM) is a small program to display the traffic
currently flowing through the network devices in a simple curses-based GUI.
The traffic for all interfaces include values as receive, transfer and total
Bytes/s or bits/s (or its multiples as KB/s and Kb/s).
Homepage:https://github.com/resurrecting-open-source-projects/cbm License: GPL-2
chronograf
- Ebuilds: 1, Testing: 1.8.5 Description: Monitoring, processing and alerting on time series data
Homepage:https://www.influxdata.com License: AGPL-3+
darkstat
- Ebuilds: 2, Stable: 3.0.721-r1, Testing: 9999999 Description:
darkstat is a network statistics gatherer. It's a packet sniffer that
runs as a background process on a cable/DSL router, gathers all sorts of
statistics about network usage, and serves them over HTTP.
Homepage:https://unix4lyfe.org/darkstat/
driftnet
- Ebuilds: 3, Stable: 1.6.0, Testing: 1.6.0 Description: Watches network traffic and displays media from TCP streams observed
Homepage:https://chris.ex-parrot.com/driftnet/ License: GPL-2
dsniff
- Ebuilds: 1, Testing:
Description:
dsniff is a collection of tools for network auditing and penetration testing.
dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a
network for interesting data (passwords, e-mail, files, etc.). arpspoof,
dnsspoof, and macof facilitate the interception of network traffic normally
unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and webmitm
implement active monkey-in-the-middle attacks against redirected SSH and HTTPS
sessions by exploiting weak bindings in ad-hoc PKI.
Homepage:https://monkey.org/~dugsong/dsniff/ License: BSD
echoping
- Ebuilds: 1, Stable: 6.0.2_p434-r6, Testing: 6.0.2_p434-r6 Description: Small program to test performances of remote servers
Homepage:https://framagit.org/bortzmeyer/echoping License: GPL-2
etherape
- Ebuilds: 2, Stable: 0.9.20, Testing: 0.9.21 Description:
EtherApe is a graphical network monitor for Unix modeled after etherman.
Featuring link layer, ip and TCP modes, it displays network activity
graphically. Hosts and links change in size with traffic. Color coded
protocols display. It supports Ethernet, FDDI, Token Ring, ISDN, PPP
and SLIP devices. It can filter traffic to be shown, and can read
traffic from a file as well as live from the network.
Homepage:https://etherape.sourceforge.io/ License: GPL-2
ethloop
- Ebuilds: 1, Stable: 10-r4, Testing: 10-r4 Description: Local simulator for testing Linux QoS disciplines
Homepage:http://luxik.cdi.cz/~devik/qos/ethloop/ License: all-rights-reserved
flow-tools
- Ebuilds: 1, Stable: 0.68.6-r2, Testing: 0.68.6-r2 Description: Flow-tools is library and a collection of programs used to collect,
send, process, and generate reports from NetFlow data. The tools can be
used together on a single server or distributed to multiple servers for
large deployments. The flow-toools library provides an API for
development of custom applications for NetFlow export versions 1,5,6 and
the 14 currently defined version 8 subversions. A Perl and Python
interface have been contributed and are included in the distribution.
Homepage:https://github.com/5u623l20/flow-tools/ License: BSD GPL-3
fprobe
- Ebuilds: 2, Stable: 1.1-r7 Description: libpcap-based tool to collect network traffic data and emit it as NetFlow flows
Homepage:https://fprobe.sourceforge.net License: GPL-2
goaccess
- Ebuilds: 3, Testing: 1.9.3 Description:
GoAccess is an open source real-time web log
analyzer and interactive viewer that runs in a terminal in *nix systems.
It provides fast and valuable HTTP statistics for system administrators
that require a visual server report on the fly.
Homepage:https://goaccess.io License: MIT
greenbone-feed-sync
- Ebuilds: 2, Stable: 25.1.0, Testing: 25.2.0 Description:
This is the new script for syncing the Greenbone Community Feed.
The greenbone-nvt-sync script was previously installed by net-analyzer/openvas-scanner.
Homepage:https://github.com/greenbone/greenbone-feed-sync License: GPL-3+
gsa
- Ebuilds: 3, Stable: 26.0.0, Testing: 26.10.1 Description:
The Greenbone Security Assistant is the web interface developed for the Greenbone Security Manager appliances.
It connects to the Greenbone Vulnerability Manager GVM to provide a full-featured user interface for vulnerability management.
Greenbone Security Assistant consists of GSA - The webpage written in React and
Homepage:https://www.greenbone.net https://github.com/greenbone/gsa License: AGPL-3+
gspoof
- Ebuilds: 1, Stable: 3.2-r3, Testing: 3.2-r3 Description: A simple GTK/command line TCP/IP packet generator
Homepage:http://gspoof.sourceforge.net/ License: GPL-2
gvm
- Ebuilds: 2, Stable: 25.5.0 Description:
GVM previously named OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner
with associated tools like a graphical user front-end.
The core component is a server with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications.
Homepage:https://www.greenbone.net License: AGPL-3+
gvm-libs
- Ebuilds: 3, Stable: 22.28.0, Testing: 22.35.4 Description:
This is the libraries module for the Greenbone Vulnerability Management Solution.
It is used for the Greenbone Security Manager appliances and provides various
functionalities to support the integrated service daemons.
Homepage:https://www.greenbone.net https://github.com/greenbone/gvm-libs/ License: GPL-2+
gvm-tools
- Ebuilds: 3, Stable: 25.4.0, Testing: 25.4.5 Description:
The Greenbone Vulnerability Management Tools or gvm-tools
in short are a collection of tools that help with remote controlling
a Greenbone Security Manager (GSM) appliance and its
underlying Greenbone Vulnerability Manager (GVM).
The tools essentially aid accessing the communication protocols
GMP (Greenbone Management Protocol) and OSP (Open Scanner Protocol).
Homepage:https://www.greenbone.net https://github.com/greenbone/gvm-tools/ License: GPL-3
gvmd
- Ebuilds: 3, Stable: 26.3.0, Testing: 26.18.1 Description:
The Greenbone Vulnerability Manager is the central management service between security scanners and the user clients.
It manages the storage of any vulnerability management configurations and of the scan results.
Access to data, control commands and workflows is offered via the XML-based Greenbone Management Protocol (GMP).
The primary scanner OpenVAS Scanner is controlled directly via protocol OTP while any other
remote scanner is coupled with the Open Scanner Protocol (OSP).
Homepage:https://www.greenbone.net https://github.com/greenbone/gvmd/ License: AGPL-3+
hexinject
- Ebuilds: 1, Testing: 1.6-r2 Description:
HexInject is a very versatile packet injector and sniffer, that provide
a command-line framework for raw network access. It's designed to work
together with others command-line utilities, and for this reason it
facilitates the creation of powerful shell scripts capable of reading,
intercepting and modifying network traffic in a transparent manner.
Homepage:http://hexinject.sourceforge.net/ License: BSD
hunt
- Ebuilds: 1, Stable: , Testing:
Description: Tool for checking well known weaknesses in the TCP/IP protocol
Homepage:http://lin.fsid.cvut.cz/~kra/index.html License: GPL-2
ifmetric
- Ebuilds: 1, Stable: 0.3-r4, Testing: 0.3-r4 Description: Set metrics of all IPv4 routes attached to a given network interface at once
Homepage:http://0pointer.de/lennart/projects/ifmetric/ License: GPL-2
ifstat
- Ebuilds: 1, Stable: 1.1-r2, Testing: 1.1-r2 Description: Network interface bandwidth usage, with support for snmp targets
Homepage:http://gael.roualland.free.fr/ifstat/ License: GPL-2
ifstatus
- Ebuilds: 1, Stable: 2.0.0, Testing: 2.0.0 Description: Simple CLI program for displaying network statistics in real time
Homepage:https://ifstatus.sourceforge.io/ License: GPL-2+
ike-scan
- Ebuilds: 1, Stable: 1.9.5, Testing: 1.9.5 Description: A utility for finding, fingerprinting and testing IKE VPN servers
Homepage:https://github.com/royhills/ike-scan License: GPL-2
ipaudit
- Ebuilds: 1, Stable: 1.1, Testing: 1.1 Description: IPAudit monitors network activity on a network by host, protocol and port
Homepage:https://ipaudit.sourceforge.net/ License: GPL-2+
ipband
- Ebuilds: 1, Stable: 0.8.1-r2, Testing: 0.8.1-r2 Description: Pcap based IP traffic and bandwidth monitor
Homepage:https://ipband.sourceforge.net/ License: GPL-2+
ipguard
- Ebuilds: 1, Testing: 1.04-r1 Description: Tool designed to protect LAN IP adress space by ARP spoofing
Homepage:http://ipguard.deep.perm.ru/ License: BSD-2
ippl
- Ebuilds: 1, Stable: 1.4.14-r7, Testing: 1.4.14-r7 Description: A daemon which logs TCP/UDP/ICMP packets
Homepage:http://pltplp.net/ippl/ License: GPL-2
ipsumdump
- Ebuilds: 1, Testing: 1.86-r1 Description:
The ipsumdump program summarizes TCP/IP dump files into a self-describing ASCII
format easily readable by humans and programs. The companion ipaggcreate
program counts various properties of packet aggregates.
Homepage:https://read.seas.harvard.edu/~kohler/ipsumdump/ License: the-Click-license
iptraf-ng
- Ebuilds: 2, Stable: 1.2.2, Testing: 1.2.2 Description:
IPTraf-ng is a console-based network monitoring program for
Linux that displays information about IP traffic.
Homepage:https://github.com/iptraf-ng/iptraf-ng License: GPL-2 doc? ( FDL-1.1 )
kapacitor
- Ebuilds: 1, Testing: 1.5.5 Description: Monitoring, processing and alerting on time series data
Homepage:https://www.influxdata.com License: MIT
knocker
- Ebuilds: 1, Stable: 0.8.0 Description: Knocker is an easy to use security port scanner written in C
Homepage:https://knocker.sourceforge.net License: GPL-2
lft
- Ebuilds: 1, Stable: 3.91-r1 Description:
(Note that version 3.80 is really 3.8, but released after 3.79.)
LFT, short for Layer Four Traceroute, is a sort of 'traceroute' that often
works much faster (than the commonly-used Van Jacobson method) and goes through
many configurations of packet-filters (firewalls). More importantly, LFT
implements numerous other features including AS number lookups through several
reliable sources, loose source routing, netblock name lookups, et al. What
makes LFT unique? LFT is the all-in-one traceroute tool because it can launch a
variety of different probes using ICMP, UDP, and TCP protocols, or the RFC1393
trace method. For example, rather than only launching UDP probes in an attempt
to elicit ICMP "TTL exceeded" from hosts in the path, LFT can send TCP SYN or
FIN probes to target arbitrary services. Then, LFT listens for "TTL exceeded"
messages, TCP RST (reset), and various other interesting heuristics from
firewalls or other gateways in the path. LFT also distinguishes between
TCP-based protocols (source and destination), which make its statistics
slightly more realistic, and gives a savvy user the ability to trace protocol
routes, not just layer-3 (IP) hops. With LFT's verbose output, much can be
discovered about a target network.
WhoB is a likable whois client (see whois(1)) designed to provide everything a
network engineer needs to know about a routed IP address by typing one line and
reading one line. But even so, it's worth typing a few more lines because WhoB
can do lots of other cool things for you! It can display the origin-ASN based
on the global routing table at that time (according to Prefix WhoIs, RIPE NCC,
or Cymru), the 'origin' ASN registered in the RADB (IRR), the netname and
orgname, etc. By querying pWhoIs, WhoB can even show you all prefixes being
announced by a specific Origin-ASN. WhoB performs the lookups quickly, the
output is easily parsed by automated programs, and it's included as part of the
Layer Four Traceroute (LFT) software package. LFT uses WhoB as a framework (and
you can too, quite easily--see whois.h). Recent LFT releases (as of version
2.5) include WhoB functionality through a standalone "whob" client/command
placed in the LFT binary directory.
LFT and WhoB continue to evolve and provide more and more useful data to
network engineers and to anyone else that cares how IP datagrams are being
routed. With the advent of smarter firewalls, traffic engineering, QoS, and
per-protocol packet forwarding, LFT and WhoB have become invaluable tools for
many network managers worldwide.
Homepage:http://pwhois.org/lft/ License: VOSTROM
macchanger
- Ebuilds: 2, Stable: , Testing:
Description: Utility for viewing/manipulating the MAC address of network interfaces
Homepage:https://github.com/alobbs/macchanger License: GPL-2
masscan
- Ebuilds: 1, Testing: 1.3.2 Description:
This is the fastest Internet port scanner. It can scan the
entire Internet in under 6 minutes, transmitting 10 million
packets per second.
It produces results similar to nmap, the most famous port
scanner. Internally, it operates more like scanrand,
unicornscan, and ZMap, using asynchronous transmission.
The major difference is that it's faster than these other
scanners. In addition, it's more flexible, allowing
arbitrary address ranges and port ranges.
Homepage:https://github.com/robertdavidgraham/masscan License: AGPL-3
mping
- Ebuilds: 1, Stable: 2.01, Testing: 2.01 Description:
UNINETTs delay statistics for IPv6 is now up and
running as a test project. The main goal with this
test project,is to test how well
Mping 2.0 works against the IPv6 network, and how well
it handles IPv4 and IPv6 adresses simultaniously. For
now we have to
resort to "IPv6 over IPv4 tunneling", but this is not
a permanent solution.
Homepage:https://mping.uninett.no License: GPL-2
mrtg
- Ebuilds: 1, Stable: 2.17.10-r1, Testing: 2.17.10-r1 Description: A tool to monitor the traffic load on network-links
Homepage:https://oss.oetiker.ch/mrtg/ License: GPL-2
munin
- Ebuilds: 3, Stable: 2.0.76-r3, Testing: 2.0.76-r3 Description:
Munin the tool surveys all your computers and remembers what it saw. It
presents all the information in in graphs through a web interface. Its
emphasis is on plug and play capabilities. After completing a installation a
high number of monitoring plugins will be playing with no more effort. Using
Munin you can easily monitor the performance of your computers, networks,
SANs, and quite possibly applications as well. It makes it easy to determine
"what's different today" when a performance problem crops up. It makes it
easy to see how you're doing capacity wise on all limited resources.
Homepage:https://munin-monitoring.org/ License: GPL-2
nagios
- Ebuilds: 2, Stable: 4.5.8, Testing: 4.5.9 Description:
Nagios is a host and service monitor designed to inform you of
network problems before your clients, end-users or managers do. It
has been designed to run under the Linux operating system, but
works fine under most *NIX variants as well. The monitoring daemon
runs intermittent checks on hosts and services you specify using
external "plugins" which return status information to Nagios. When
problems are encountered, the daemon can send notifications out to
administrative contacts in a variety of different ways (email,
instant message, SMS, etc.). Current status information,
historical logs, and reports can all be accessed via a web
browser.
Homepage:https://www.nagios.org/ License: metapackage
nagios-core
- Ebuilds: 2, Stable: 4.5.8, Testing: 4.5.9 Description:
Nagios is a host and service monitor designed to inform you of
network problems before your clients, end-users or managers do. It
has been designed to run under the Linux operating system, but
works fine under most *NIX variants as well. The monitoring daemon
runs intermittent checks on hosts and services you specify using
external "plugins" which return status information to Nagios. When
problems are encountered, the daemon can send notifications out to
administrative contacts in a variety of different ways (email,
instant message, SMS, etc.). Current status information,
historical logs, and reports can all be accessed via a web
browser.
Homepage:https://www.nagios.org/ License: GPL-2
nagstamon
- Ebuilds: 1, Stable: 3.16.2 Description: systray monitor for displaying realtime status of several monitoring systems
Homepage:https://nagstamon.de License: GPL-2
nagtrap
- Ebuilds: 1, Testing: 0.1.3-r1 Description: Integrated snmptt visualization addon for the Nagios monitoring system
Homepage:http://www.nagtrap.org/ License: GPL-2
ndsad
- Ebuilds: 1, Stable: 1.33-r2 Description:
The NetUP ndsad (NetUp Data Stream Accounting Daemon) utility captures
IP-traffic from network interfaces and export NetFlow v.5. Data is
gathered from libpcap library on Unix and from winpcap on Windows. Also
you are able to use tee/divert sockets on FreeBSD and ULOG on Linux for
data source.
Homepage:https://sourceforge.net/projects/ndsad License: GPL-2
nessus-agent-bin
- Ebuilds: 1, Testing: 11.1.1 Description: A remote security scanner for Linux - agent component
Homepage:https://www.tenable.com/ License: GPL-2 Tenable-Master-Agreement
nessus-bin
- Ebuilds: 1, Testing: 10.11.2 Description: A remote security scanner for Linux
Homepage:https://www.tenable.com/ License: GPL-2 Tenable-Master-Agreement
net-snmp
- Ebuilds: 2, Stable: 5.9.5.2, Testing: 9999 Description: Software for generating and retrieving SNMP data
Homepage:https://www.net-snmp.org/ License: HPND BSD GPL-2
netcat
- Ebuilds: 1, Stable: 110.20180111-r2, Testing: 110.20180111-r2 Description: The network swiss army knife
Homepage:https://nc110.sourceforge.io License: netcat
nethogs
- Ebuilds: 2, Stable: 0.8.8, Testing: 0.8.8 Description:
NetHogs is a small 'net top' tool. Instead of breaking the traffic down
per protocol or per subnet, like most tools do, it groups bandwidth by
process. NetHogs does not rely on a special kernel module to be loaded.
If there's suddenly a lot of network traffic, you can fire up NetHogs and
immediately see which PID is causing this. This makes it easy to indentify
programs that have gone wild and are suddenly taking up your bandwidth.
Homepage:https://github.com/raboof/nethogs License: GPL-2
netperf
- Ebuilds: 3, Stable: 2.7.0_p20210121, Testing: 2.7.0_p20210121-r1 Description:
Netperf is a benchmark that can be used to measure the performance of many
different types of networking. It provides tests for both unidirectional
throughput, and end-to-end latency. The environments currently measureable by
netperf include:
- TCP and UDP via BSD Sockets for both IPv4 and IPv6
- DLPI
- Unix Domain Sockets
- SCTP for both IPv4 and IPv6
Homepage:https://github.com/HewlettPackard/netperf License: MIT
netpipe
- Ebuilds: 1, Testing: 3.7.2-r1 Description:
NetPIPE is a protocol independent performance tool that visually
represents the network performance under a variety of conditions.
It performs simple ping-pong tests, bouncing messages of increasing
size between two processes, whether across a network or within an
SMP system. Message sizes are chosen at regular intervals, and with
slight perturbations, to provide a complete test of the communication
system. Each data point involves many ping-pong tests to provide an
accurate timing. Latencies are calculated by dividing the round
trip time in half for small messages ( less 64 Bytes ).
Homepage:http://bitspjoule.org/netpipe/ License: GPL-1+
nfdump
- Ebuilds: 4, Stable: 1.7.6 Description: nfdump is a toolset to collect and process netflow and sflow
data, sent from netflow/sflow compatible devices. The toolset supports
netflow v1, v5/v7,v9,IPFIX and SFLOW.
Homepage:https://github.com/phaag/nfdump License: BSD
ngrep
- Ebuilds: 2, Stable: 1.47_p20241209, Testing: 1.47_p20241209 Description: A grep for network layers
Homepage:https://github.com/jpr5/ngrep
nikto
- Ebuilds: 2, Testing: 2.5.0 Description: Web server vulnerability scanner
Homepage:https://www.cirt.net/Nikto2 License: GPL-2
nmbscan
- Ebuilds: 1, Stable: 1.2.5-r1, Testing: 1.2.5-r1 Description:
nmbscan scans the shares of a SMB network, using the NMB and SMB protocols.
It is useful for acquiring information on a local area network for such purposes as security auditing.
It can obtain such information as NMB/SMB/Windows hostname, IP address, IP hostname, ethernet MAC address, Windows username, NMB/SMB/Windows domain name, and master browser.
It can discover all the NMB/SMB/Windows hosts on a local area network by using the hosts lists maintained by master browsers.
Homepage:http://nmbscan.g76r.eu/ License: GPL-2
notus-scanner
- Ebuilds: 2, Stable: 22.7.2 Description:
This is a new scanner that scans after every regular scan, so no user interaction is necessary.
It offers better performance due to less system resource consumption and thus, faster scanning.
Homepage:https://github.com/greenbone/notus-scanner License: AGPL-3 AGPL-3+
nrpe
- Ebuilds: 4, Stable: 4.1.0, Testing: 4.1.0, 4.0.2 Description:
A daemon for allowing Nagios to connect directly to servers and
execute commands defined in a centralized configuration file.
Homepage:https://github.com/NagiosEnterprises/nrpe License: GPL-2+
nsca
- Ebuilds: 1, Stable: 2.7.2-r104, Testing: 2.7.2-r104 Description:
This program is designed to accept passive service check results
from clients that use the send_nsca utility (which is included in
this package) and pass them along to the Nagios process by using
the external command interface. The program can either be run as a
standalone daemon or as a service under inetd. If you have
libmcrypt installed on your systems, you can choose from multiple
crypto algorithms (DES, 3DES, CAST, xTEA, Twofish, LOKI97,
RJINDAEL, SERPENT, GOST, SAFER/SAFER+, etc.) for encrypting the
traffic between the client and the server. Encryption is
important in this addon, as it prevents unauthorized users from
sending bogus check results to Nagios. Read the included SECURITY
document for more information.
This package provides the send_nsca utility running on the client.
Homepage:https://www.nagios.org/ License: GPL-2
nstats
- Ebuilds: 1, Stable: 0.4-r4, Testing: 0.4-r4 Description: Displays statistics about ethernet traffic including protocol breakdown
Homepage:http://trash.net/~reeler/nstats/ License: Artistic
ntopng
- Ebuilds: 1, Testing: 6.0 Description: Network traffic analyzer with web interface
Homepage:https://www.ntop.org/ License: GPL-3
nttcp
- Ebuilds: 1, Stable: 1.47-r3, Testing: 1.47-r3 Description: Tool to test TCP and UDP throughput
Homepage:http://www.leo.org/~elmar/nttcp/ License: public-domain
nuttcp
- Ebuilds: 1, Testing: 8.1.4-r1 Description:
nuttcp is a network performance measurement tool intended for use
by network and system managers. Its most basic usage is to determine
the raw TCP (or UDP) network layer throughput by transferring memory
buffers from a source system across an interconnecting network to
a destination system, either transferring data for a specified time
interval, or alternatively transferring a specified number of bytes.
Homepage:https://www.nuttcp.net/ License: GPL-2
ookla-speedtest
- Ebuilds: 1, Testing: 1.2.0 Description:
Speedtest CLI brings the trusted technology and global server network
behind Speedtest to the command line. Built for software developers,
system administrators and computer enthusiasts alike,
Speedtest CLI is the first official Linux-native Speedtest application
backed by Ookla.
Homepage:https://www.speedtest.net/apps/cli License: Ookla
openvas-scanner
- Ebuilds: 3, Stable: 23.26.1, Testing: 23.40.0 Description:
Open Vulnerability Assessment System (OpenVAS) Scanner is the Greenbone Vulnerability Management (GVM) Solution.
It is used for the Greenbone Security Manager appliances and is a full-featured scan engine that executes a continuously
updated and extended feed of Network Vulnerability Tests (NVTs).
Homepage:https://www.greenbone.net https://github.com/greenbone/openvas-scanner/ License: GPL-2 GPL-2+
ospd-openvas
- Ebuilds: 3, Stable: 22.9.0, Testing: 22.10.1 Description:
This is an OSP server implementation to allow GVM to remotely control OpenVAS.
Once running, you need to configure OpenVAS for the Greenbone Vulnerability Manager, for example via the web interface Greenbone Security Assistant. Then you can create scan tasks to use OpenVAS.
Homepage:https://www.greenbone.net https://github.com/greenbone/ospd-openvas License: AGPL-3+ GPL-2+
ossec-hids
- Ebuilds: 1, Stable: 3.6.0 Description:
OSSEC is a full platform to monitor and control your systems. It mixes
together all the aspects of HIDS (host-based intrusion detection), log
monitoring and SIM/SIEM together in a simple, powerful and open source
solution.
To determine which build target (agent, server, hybrid or local) best
suits your needs, please visit https://www.ossec.net/ and review the
documentation provided there.
Homepage:https://www.ossec.net/ License: GPL-2
p0f
- Ebuilds: 2, Stable: 3.09_beta-r2, Testing: 3.09_beta-r2 Description: A tool to perform passive OS detection based on SYN packets
Homepage:https://lcamtuf.coredump.cx/p0f3/ License: LGPL-2.1
poink
- Ebuilds: 1, Stable: 2.03, Testing: 2.03 Description:
A TCP/IP-based ping implementation. It does not require special
privileges and is designed for multiuser shell systems. It is
meant to be a secure replacement for the standard IPv4 network
monitoring tool.
Homepage:https://directory.fsf.org/security/system/poink.html License: GPL-2+
prettyping
- Ebuilds: 1, Stable: 1.0.1, Testing: 1.0.1 Description:
'prettyping' is a wrapper around the standard 'ping' tool,
making the output prettier, more colorful, more compact,
and easier to read.
Homepage:https://denilson.sa.nom.br/prettyping/ License: MIT
pypacker
- Ebuilds: 1, Testing: 5.2 Description: Fast and simple packet creation and parsing library for Python
Homepage:https://gitlab.com/mike01/pypacker License: GPL-2
python-gvm
- Ebuilds: 3, Stable: 26.4.0, Testing: 26.9.1 Description:
The Greenbone Vulnerability Management Python API library (python-gvm) is a collection of
APIs that help with remote controlling a Greenbone Security Manager (GSM) appliance and its
underlying Greenbone Vulnerability Manager (GVM). The library essentially abstracts accessing
the communication protocols Greenbone Management Protocol (GMP) and Open Scanner Protocol (OSP).
Homepage:https://www.greenbone.net https://github.com/greenbone/python-gvm/ License: GPL-3+
rrdtool
- Ebuilds: 2, Stable: 1.9.0-r3, Testing: 1.9.0-r3 Description: A data logging and graphing system for time series data
Homepage:https://oss.oetiker.ch/rrdtool/ License: GPL-2
rustscan
- Ebuilds: 1, Testing: 2.4.1 Description: The Modern Port Scanner
Homepage:https://github.com/RustScan/RustScan License: GPL-3 Apache-2.0 ISC MIT MPL-2.0 Unicode-3.0 Unicode-DFS-2016
sancp
- Ebuilds: 1, Testing: 1.6.1-r7 Description: collect network traffic statistics and store them in pcap format
Homepage:https://sourceforge.net/projects/sancp/ License: QPL-1.0 GPL-2
sarg
- Ebuilds: 1, Stable: 2.4.0-r1 Description: Squid Analysis Report Generator is a tool that allow you to view where your users are going to on the Internet. Sarg provides many informations about Squid users activities: times, bytes, sites, etc...
Homepage:https://sourceforge.net/projects/sarg/ License: GPL-2
sbd
- Ebuilds: 1, Testing: 1.37-r1 Description:
sbd is a Netcat-clone, designed to be portable and offer strong encryption. It
features AES-CBC-128 + HMAC-SHA1 encryption (by Christophe Devine), program
execution (-e option), choosing source port, continuous reconnection with delay,
and some other nice features. Only TCP/IP communication is supported.
Homepage:http://tigerteam.se/dl/sbd/ License: GPL-2+
scanssh
- Ebuilds: 2, Stable: 2.1.3.1_p20260130, Testing: 2.1.3.1_p20260130 Description: Scanssh protocol scanner - scans a list of addresses an networks for running SSH protocol servers and their version numbers.
Homepage:https://github.com/ofalk/scanssh/ License: BSD
shodan
- Ebuilds: 2, Stable: 1.31.0, Testing: 9999 Description:
Shodan is a search engine for Internet-connected devices. Google lets
you search for websites, Shodan lets you search for devices. This
library provides developers easy access to all of the data stored in
Shodan in order to automate tasks and integrate into existing tools.
Homepage:https://github.com/achillean/shodan-python
siphon
- Ebuilds: 1, Stable: 666-r2, Testing: 666-r2 Description: A portable passive network mapping suite
Homepage:http://siphon.datanerds.net/ License: BSD
slurm
- Ebuilds: 1, Stable: 0.4.4, Testing: 0.4.4 Description:
Generic network load monitor for *BSD, Linux, HP-UX and Solaris witgh the next features:
* "realtime" traffic statistics
* three graph modes: combined RX and TX and two split views
* can monitor any network device
* curses ascii graphics
* ascii theme support
Homepage:https://github.com/mattthias/slurm License: GPL-2+
snort
- Ebuilds: 2, Testing: 2.9.20-r1 Description:
Snort is an open source network intrusion prevention and detection
system (IDS/IPS) developed by Sourcefire. Combining the benefits of
signature, protocol, and anomaly-based inspection, Snort is the most
widely deployed IDS/IPS technology worldwide. With millions of downloads
and approximately 300,000 registered users, Snort has become the de facto
standard for IPS.
Homepage:https://www.snort.org License: GPL-2
sslsplit
- Ebuilds: 1, Testing: 0.5.5-r1 Description:
SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS
encrypted network connections. It is intended to be useful for network
forensics, application security analysis and penetration testing.
Homepage:
https://www.roe.ch/SSLsplit
https://github.com/droe/sslsplit
License: BSD-2
tcpflow
- Ebuilds: 1, Testing: 1.6.1-r1 Description: A tool for monitoring, capturing and storing TCP connections flows
Homepage:https://github.com/simsong/tcpflow License: GPL-3
tcping
- Ebuilds: 1, Stable: 2.1.0, Testing: 2.1.0 Description: Check if a desired port is reachable via TCP
Homepage:https://github.com/mkirchner/tcping License: MIT
tcpreplay
- Ebuilds: 2, Stable: 4.5.2, Testing: 9999 Description:
Tcpreplay is a suite of utilities for UNIX systems for editing and replaying
network traffic which was previously captured by tools like tcpdump and
ethereal/wireshark. The goal of tcpreplay is to provide the means for
providing reliable and repeatible means for testing a variety of network
devices such as switches, router, firewalls, network intrusion detection and
prevention systems (IDS and IPS).
Homepage:http://tcpreplay.appneta.com/ https://github.com/appneta/tcpreplay
ttl
- Ebuilds: 6, Testing: 0.19.0 Description: Modern traceroute/mtr-style TUI with hop stats and optional ASN/geo enrichment
Homepage:https://github.com/lance0/ttl License:
Apache-2.0 BSD CDLA-Permissive-2.0 ISC MIT MPL-2.0 openssl
Unicode-3.0 Unicode-DFS-2016 WTFPL-2 ZLIB
upnpscan
- Ebuilds: 1, Stable: 0.4-r3 Description:
A tool that scans the LAN or a given address range for UPnP capable
devices. This is done by sending M-SEARCH discovery packets to either
the UPnP multicast address or to the specified ip range.
Homepage:http://www.cqure.net/wp/upnpscan/ License: GPL-2
vnstat
- Ebuilds: 3, Stable: 9999, 2.13-r2, Testing: 9999 Description:
vnStat is a network traffic monitor for Linux that keeps a log of daily
network traffic for the selected interface(s). vnStat isn't a packet sniffer.
The traffic information is analyzed from the /proc filesystem. That way vnStat
can be used even without root permissions.
Homepage:https://humdi.net/vnstat/
wireshark
- Ebuilds: 4, Stable: 4.6.4, Testing: 9999 Description:
Wireshark is the world's foremost network protocol analyzer, and is the de
facto (and often de jure) standard across many industries and educational
institutions. Wireshark has a rich feature set which includes 1) deep
inspection of hundreds of protocols, with more being added all the time, 2)
live capture and offline analysis, 3) standard three-pane packet browser, 4)
captured network data can be browsed via a GUI, or via the TTY-mode TShark
utility, 5) the most powerful display filters in the industry, 6) rich VoIP
analysis, 7) read/write many different capture file formats: tcpdump (libpcap),
Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network
General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®,
Network Instruments Observer, Novell LANalyzer, RADCOM WAN/LAN Analyzer,
Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime,
WildPackets EtherPeek/TokenPeek/AiroPeek, and many others, 8) capture files
compressed with gzip can be decompressed on the fly, 9) live data can be read
from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame
Relay, FDDI, and others, 10) decryption support for many protocols, including
IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2, 11) coloring rules
can be applied to the packet list for quick, intuitive analysis, 12) output can
be exported to XML, PostScript®, CSV, or plain text.
Homepage:https://www.wireshark.org/ License: GPL-2
wtfis
- Ebuilds: 3, Stable: 0.14.0, Testing: 9999 Description:
wtfis is a commandline tool that gathers information about a domain,
FQDN or IP address using various OSINT services. Unlike other tools of
its kind, it's built specifically for human consumption, providing
results that are pretty (YMMV) and easy to read and understand.
Homepage:https://github.com/pirxthepilot/wtfis
xnetload
- Ebuilds: 1, Stable: 1.11.3-r1, Testing: 1.11.3-r1 Description: Displays a count and a graph of the traffic over a specified network connection
Homepage:https://www.xs4all.nl/~rsmith/software/ License: GPL-2
xprobe
- Ebuilds: 2, Stable: 0.3-r2, Testing: 0.3-r2 Description:
Active OS fingerprinting tool. This is the new xprobe, called xprobe2, due to
xprobe1 being obsoleted. xprobe2 has a different approach to OS fingerprinting.
xprobe2 relies on fuzzy signature matching, probabilistic guesses, multiple
matches simultaneously, and a signature database.
Homepage:http://sys-security.com/blog/xprobe2 License: GPL-2
yersinia
- Ebuilds: 1, Stable: 0.8.2_p20221119 Description:
Yersinia is a network tool designed to take advantage of some weakeness
in different network protocols. It intends to be a solid framework for
analyzing and testing the deployed networks and systems.
Homepage:http://www.yersinia.net/ License: GPL-2
zabbix
- Ebuilds: 8, Stable: 7.4.2, Testing: 7.4.6 Description:
ZABBIX is software for monitoring of your applications, network and servers.
ZABBIX supports both polling and trapping techniques to collect data from
monitored hosts. A flexible notification mechanism allows easy and quickly
configure different types of notifications for pre-defined events.
Homepage:https://www.zabbix.com/ License: AGPL-3
zmap
- Ebuilds: 1, Stable: 4.3.2, Testing: 4.3.2 Description:
ZMap is an open-source network scanner that enables researchers to easily
perform Internet-wide network studies. With a single machine and a well
provisioned network uplink, ZMap is capable of performing a complete scan of
the IPv4 address space in under 45 minutes, approaching the theoretical limit
of gigabit Ethernet.
ZMap can be used to study protocol adoption over time, monitor service
availability, and help us better understand large systems distributed
across the Internet.
Homepage:https://zmap.io/ License: Apache-2.0
zniper
- Ebuilds: 1, Stable: 1.0-r3 Description: Displays and kill active TCP connections seen by the selected interface
Homepage:http://www.signedness.org/tools/ License: BSD