There are several tools you can use for network monitoring that will enhance the monitoring of your system:
linux-mon ( http://sourceforge.net/projects/linux-mon ) Allows for monitoring of remote services for availability
Nagios ( http://sourceforge.net/projects/nagios ) Full-featured program that provides the capability to monitor services, hosts, and networks via a web browser
ippl ( http://www.pltplp.net/ippl/ ) Program that logs incoming IP packets
scanlogd ( http://www.openwall.com/scanlogd/ ) Lightweight program that detects TCP port scans
argus ( http://www.qosient.com/argus/ ) Network transaction monitor
The importance of monitoring your network for unusual activity cannot be overstated. If you do not know your network and are not monitoring it for suspicious activity, you are essentially allowing an attacker to attack your systems unabated. Using the tools in this chapter, you can ensure your network is running in a normal manner and become aware of malicious activity proactively, rather than waiting for an attack to occur.