Open source networking tools can come in handy. Whether you’re managing thousands of systems in a large enterprise data center or just connecting a couple of PCs at your home, open source networking tools can help you set up and maintain a low-cost network.
This month, we’re updating our list of open source networking tools to make that task a little easier.
On our list, you’ll find a lot of tools to help secure your network, as well as open source utilities that simplify troubleshooting, backup, deployment and other networking tasks. As always, if you have additional open source suggestions for this list, please note them in the comments section below.
Open Source Networking: Backup
1. Bacula
Replaces: Simpana Backup and Recovery , NetVault, HP StorageWorks EBS
Boasting that it is “by far the most popular open source backup program,” Bacula offers backup, recovery and data verification tools for use with networks. Commercial support, training and services are available through Bacula Systems. Operating System: Windows, Linux, OS X.
2. Amanda
Replaces: Simpana Backup and Recovery , NetVault, HP StorageWorks EBS
Not to be outdone, Amanda also claims to be “the most popular open source backup and recovery software in the world” and says that it currently protects 500,000 networks. In addition to the open source version, it comes in a paid enterprise version or as a pre-configured virtual appliance. Operating System: Windows, Linux, OS X.
3. Partimage
Replaces: Norton Ghost, Simpana Backup and Recovery , NetVault, HP StorageWorks EBS
In addition to supporting network backup and recovery, partimage is also useful for installing many identical computer images at once. It offers very fast saves and restores. Operating System: Linux.
Open Source Networking: Diagramming
4. Dia
Replaces: Microsoft Visio
For those times when you need to create a visual diagram of your network, Dia offers a no-cost alternative to Visio. It supports XML, EPS, SVG, XFIG, WMF and PNG file formats. Operating System: Windows, Linux.
5. GraphViz
Replaces: aiSee
Another alternative for creating network diagrams, GraphViz lets you use simple text or GXL (a variant of XML) to describe charts, and then it does the drawing work for you. See the Gallery for examples of the types of graphics it can create. Operating System: Windows, Linux, OS X.
Open Source Networking: Gateway/Unified Threat Management Appliances
Replaces: Check Point Security Gateways, SonicWall, Symantec Endpoint Protection
With Endian’s Community edition, you can create your own gateway security appliance, complete with antivirus support, virus and spam-filtering for email traffic, content filtering of Web traffic and a VPN. Or you can purchase the company’s commercial network security products based on the same technology. Operating System: Linux.
Replaces: Check Point Security Gateways, SonicWall, Symantec Endpoint Protection
Similar to Endian, Untangle offers a “Lite” version that is an open source solution you can use to build your own appliance. In addition, it also offers commercial hardware and software appliances. The website claims that Untangle lets you protect your network with less than 10 minutes of setup. Operating System: Linux.
Open Source Networking: Intrusion Detection
Replaces: Tripwire
Back in 2000, Tripwire released an open source version of its network monitoring software, and development on that project has continued since then. Like the commercial version of Tripwire, it alerts administrators when changes occur in specified files on your network. Operating System: Windows, Linux.
9. AFICK
Replaces: Tripwire
Short for “Another File Integrity Checker,” AFICK also offers very similar functionality to Tripwire. It quickly scans files and lets you know when data has changed.. Operating System: Windows, Linux.
Open Source Networking: IT Inventory Management
10. OCS Inventory NG
Replaces: LANDesk Inventory Manager, Systemhound
Find out what hardware is connected to your network and how it is being used. OCS also includes a deployment system for distributing software and scripts across your network. Operating System: OS Independent.
11. GLPI
Replaces: LANDesk Inventory Manager, Systemhound
Many users deploy OCS and GLPI together. OCS finds the resources connected to the network, and GLPI creates a database to help administrators track and manage those assets. Operating System: OS Independent.
Open Source Networking: Log File Monitoring and Analysis
12. Analog
The “most popular logfile analyser in the world,” Analog is an ultra-fast scalable log analysis tool for use with Web servers. Use it alone or with Report Magic to generate prettier charts and graphs. Operating System: Windows, Linux, OS X.
13. AWStats
This free log file analysis tool creates graphs from Web, streaming, ftp or mail server statistics. Check out the helpful comparison chart to see how its feature stack up against other open source and commercial applications. Operating System: Windows, Linux, OS X.
14. Snare
Replaces: LogLogic, SenSage Log Management
At this site, you’ll find numerous open source Snare agents designed to analyze log files from a security perspective. InterSect Alliance, the organization behind the Snare agents, also offers a commercial server that incorporates the open source tools. Operating System: Windows, Linux, OS X, others.
15. Webalizer
This speedy Web log file analyzer claims to be able to process a log file with 2 million hits in 30 seconds. It supports both IPv4 and IPv6, and it is available in dozens of languages. Operating System: Windows, Linux, OS X.
Open Source Networking: Multi-Function Server
16. ClearOS
Replaces: Windows Small Business Server
This software allows small business owners to set up their own networks with a server that offers file and printer sharing, anti-virus, Web server, mail server, firewall, content filtering, VPN, multi-WAN and many other features. It also comes in a professional version with paid support and additional apps. Operating System: Linux.
17. SME Server
Replaces: Windows Small Business Server
Also aimed at small and medium-sized enterprises, SME Server is based on CentOS and RedHat Linux. It offers easy administration, file and print sharing, mail server, firewall, directory services, Web application server and more. Operating System: Linux.
18. Zentyal
Replaces: Windows Small Business Server
Small businesses can use this app as a gateway, infrastructure manager, unified threat manager, office server, unified communication server or all of the above. It’s goal is to provide “a single, easy-to-use platform to manage all your network services.” Operating System: Linux.
Open Source Networking: Network Firewalls
19. Devil-Linux
Replaces: Barracuda Firewalls, Check Point Appliances
Devil-Linux originated as a hardened version of Linux meant for use as a firewall/router. However, now it can also be used as an application server, as well as a network firewall. Operating System: Linux.
20. Turtle Firewall
Replaces: Barracuda Firewalls, Check Point Appliances
Turtle allows administrators to configure iptables to set up a Linux-based firewall. It includes a Web interface, or you can directly modify XML files. Operating System: Linux.
21. Shorewall
Replaces: Barracuda Firewalls, Check Point Appliances
Another iptables-based firewall, Shorewall can be used on a PC used as a dedicated firewall, a multi-function gateway/router/server or on a standalone GNU/Linux system. It doesn’t claim to be the easiest Linux firewall to use, but it does claim to be the most flexible and the most powerful. Operating System: Linux.
22. IPCop
Replaces: Barracuda Firewalls, Check Point Appliances
Aimed at home or SOHO users, IPCop also helps users configure a system as a Linux firewall for their network. Unlike some of the other Linux firewall options, it features a user-friendly Web-based interface. Operating System: Linux.
23. Vuurmuur
Replaces: Barracuda Firewalls, Check Point Appliances
Yet another iptables firewall, Vuurmuur boasts a simple-to-learn configuration tool that allows for very complex setups. Features include secure remote administration, traffic shaping and powerful monitoring capabilities. Operating System: Linux.
24. m0n0wall
Replaces: Barracuda Firewalls, Check Point Appliances
While most of the firewalls on our list run on Linux, this one runs on BSD. It was designed for appliances, but it can also be used on standard PCs. Operating System: FreeBSD.
25. pfSense
Replaces: Barricuda NG Firewall, Check Point Appliances
Downloaded more than 1 million times, this m0n0wall fork was designed for use on standard PCs. It functions as a firewall and a router for enterprise networks, small home networks and everything in between. Operating System: FreeBSD.
Open Source Networking: Network Management
26. OpenNMS
Replaces: IBM Tivoli Network Manager, OpManager
The “world’s first open source, enterprise grade network management application platform,” OpenNMS has been helping administrators monitor their networks for more than a decade. It’s highly customizable and highly scalable, and it offers automated and directed discovery and provisioning, event and notification management, service assurance, and performance measurement capabilities. Operating System: Windows, Linux, OS X, iOS.
27. RANCID
Replaces: Orion NCM, CiscoWorks LAN Management Solution
Short for “Really Awesome New Cisco confIg Differ,” RANCID discovers and tracks configuration details for routers and other devices. It supports a variety of hardware, including Cisco routers, Juniper routers, Catalyst switches, Foundry switches, Redback NASs, and ADC EZT3 muxes. Operating System: Linux.
Open Source Networking: Network Monitoring
28. Zenoss
Replaces: IBM Tivoli Network Manager, OpManager
Zenoss helps IT departments monitor and manage their networks, applications and servers, and it includes support for virtualized and cloud environments. Commercial products based on the open source community version are available through Zenoss, Inc. Operating System: Linux, OS X.
29. Nagios
Replaces: Nimsoft, Orion NPM, OpManager
The self-described “industry standard in IT infrastructure monitoring,” Nagios helps users “achieve instant awareness of IT infrastructure problems,” by monitoring servers, switches, applications, and services. The link above will take you to the open source version; enterprise versions can be found at Nagios.com. Operating system: Linux, Unix.
30. Opsview
Replaces: IBM Tivoli Network Manager, OpManager
Designed for use in DevOps environments, Opsview offers a unified view of physical, virtual and cloud-based systems, and it’s compatible with Nagios plug-ins. In addition to the free Core version, it also comes in Pro, Enterprise and MSP versions. Operating System: Linux.
31. Munin
Replaces: Nimsoft, Orion NPM, OpManager
Named for a Norse god of memory, Munin aims to help network administrators analyze trends and figure out why performance problems occur. It offers a Web interface, easy installation and easy use. Operating System: Linux, OS X.
32. RRDTool
Replaces: Nimsoft, Orion NPM, OpManager
RRDtool calls itself “the open source industry standard, high performance data logging and graphing system for time series data.” It’s been incorporated into numerous other networking tools, including Endian and Cacti Operating System: Windows, Linux.
33. Cacti
Replaces: Nimsoft, Orion NPM, OpManager
Cacti takes information from RRDtool and uses it produce more advanced graphs. It also offers an intuitive interface and some management capabilities. Operating System: Windows, Linux.
34. Ganglia
Replaces: Nimsoft, Orion NPM, OpManager
While most of the tools on our list are designed for run-of-the-mill networks, this tool from the University of California, Berkeley Millennium Project monitors high-performance computing systems such as clusters and grids. It’s been around since 2000, and it’s currently used on thousands of clusters around the world. Operating System: Linux, others.
35. Zabbix
Replaces: Nimsoft, Orion NPM, OpManager
Calling itself “the enterprise-class monitoring solution for everyone,” Zabbix can monitor up to 100,000 networked devices for 1 million metrics, performing thousands of checks per second. It’s completely open source, but Zabbix does offer paid support and other services. Operating System: Windows (agent only), Linux, OS X.
36. Pandora FMS
Replaces: Nimsoft, Orion NPM, OpManager
This “Flexible Monitoring Solution” can be set up to track anything from network status to website defacement to stock market trends. It generates real-time graphs, sends custom alerts, creates SLA reports and much more. Operating System: Windows, Linux, OS X.
37. NDT
Replaces: NetFlow Traffic Analyzer, Nimsoft, Orion NPM, OpManager
Short for “Network Diagnostic Tool,” NDT is a client/server app that offers network performance testing. It can help identify problems such as duplex mismatch conditions on Ethernet/FastEthernet links, incorrectly set TCP buffers in the user’s computer, or problems with the local network infrastructure. Operating System: Linux.
38. Net-SNMP
Replaces: Nimsoft, Orion NPM, OpManager
This set of applications implements SNMP v1, SNMP v2c and SNMP v3 protocols for both IPv4 and IPv6. These are command line tools, so they’re not quite as user friendly as some of the other network monitoring applications. Operating System: Windows, Linux.
Open Source Networking: Network Simulation
39. GNS3
Replaces: OpNet Modeler, iTrinegy Network Emulator
This tool allows network engineers and administrators to simulate complex systems in order to design networks or to study for certification exams. There’s a tutorial and extensive documentation on the site to help new users learn how to use the application. Operating System: Windows, Linux, OS X.
Open Source Networking: Network Storage
40. FreeNAS
Replaces: Isilon products, IPDATA appliances, Netgear ReadyNAS
This open source storage platform allows end users to store and share files across Windows, Mac, Linux and Unix-like systems. Key features include thin provisioning, backup and restore, snapshots, zettabyte file system and a Web interface. Operating System: FreeBSD.
41. Gluster FS
Replaces: Isilon products, IPDATA appliances, Netgear ReadyNAS
This distributed file system can scale up to 72 brontobytes while handling thousands of clients. A commercial version of the same software is available through Red Hat. Operating System: Linux.
42. Openfiler
Replaces: Isilon products, IPDATA appliances, Netgear ReadyNAS
Openfiler offers unified storage incorporating both NAS and SAN features. Its customers include Motorola, Pratt & Whitney, BillMeLater and the London Metropolitan Police. Commercial support and plug-ins are available. Operating System: Linux.
Open Source Networking: Packet Analysis
43. Wireshark
The “world’s foremost network protocol analyzer,” Wireshark allows administrators to capture network traffic and browse it interactively. Features include deep inspection of hundreds of protocols, live capture and offline analysis, powerful display filters, VoIP analysis and much more. Operating System: Windows, Linux, OS X.
44. tcpdump
Although it lacks a user-friendly GUI, this command-line tool offers powerful packet analysis capabilities. Not that the same site also features the libpcap library for network traffic capture. Operating System: Linux.
45. WinDump
This is the version you’ll need if you want to run tcpdump on Windows. It also includes the WinPcap library and drivers for traffic capture. Operating System: Windows.
Open Source Networking: Password Crackers
46. Ophcrack
Replaces: Passware
Every network administrator needs to recover a lost or unknown password from time to time. Ophcrack uses the rainbow tables method to recover passwords, and it has a brute force module for cracking simple passwords. Operating System: Windows, Linux, OS X.
47. John the Ripper
Replaces: Passware
John the Ripper can crack weak Unix passwords very quickly. It also comes in a paid Pro version. Operating System: Windows, Linux, OS X.
Open Source Networking: Remote Access/VPN
48. OpenVPN
Replaces: CheckPoint Mobile Access Software Blad, Cisco VPN
This very popular open source VPN solution offers remote network access to your network with OpenSSL encryption and authentication capabilities. In addition to the open source community version, it also comes in a paid version for enterprises, and it’s available as a service through PrivateTunnel. Operating System: Windows, Linux, OS X, others.
49. TightVNC
Replaces: GoToMyPC, Numara Remote Manger
This remote control application allows users to interact with a system in one location while using a system in another location. In addition to its telecommuting uses, it’s also useful in many help desk situations. Operating System: Windows, Linux.
50. UltraVNC
Replaces: GoToMyPC, Numara Remote Manger
UltraVNC offers similar capabilities as TightVNC. Key features include file transfer, video driver, optional encryption plugins, MS logon, text chat, viewer toolbar, viewer auto scaling, multiple monitor support, auto reconnection and more. Operating System: Windows.
Open Source Networking: Router Software
51. Vyatta
Replaces: Cisco routers
Used by dozens of Fortune 500 companies, Vyatta allows users to create their own enterprise-grade networking appliance from any x86 system. You can find commercial products based on the same technology at Vyatta.com. Operating System: Linux.
52. FREESCO
Replaces: Cisco routers
This Linux-based software lets you set up your own router or a Web, FTP, DNS or SSH server. It incorporates firewalling and NAT capabilities. Operating system: Linux.
53. Tomato
Replaces the firmware on Lynksys, Buffalo, and other Broadcom-based routers
While the other projects in this category allow you to create your own routers from standard PCs, this project is a replacement for the firmware on routers you may already own, specifically Linksys’ WRT54G/GL/GS, Buffalo WHR-G54S/WHR-HP-G54 and other Broadcom-based routers. It includes some more advanced management capabilities, raises the maximum connections for P2P and enables additional wireless features.
Open Source Networking: Vulnerability Testing/Security Audits
54. BackTrack
Replaces: Lumension Scan, Sunbelt Network Security Inspector, Saint
BackTrack’s website describes it as “a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking.” It’s won numerous awards and has been downloaded more than 4 million times. Operating System: Linux.
55. Metasploit
Replaces: Lumension Scan, Sunbelt Network Security Inspector, Saint
This well-known penetration testing tool simplifies network discovery and vulnerability verification. In addition to the free community version, it also comes in paid pro and express versions that add more capabilities. Operating System: Windows, Linux.
56. Nexpost
Replaces: Lumension Scan, Sunbelt Network Security Inspector, Saint
Often used alongside Metasploit, Nexpose offers vulnerability scanning for very small organizations or individuals. It also comes in paid express, consultant and enterprise versions. Operating System: Windows, Linux.
57. Nmap
Replaces: Lumension Scan, Sunbelt Network Security Inspector, Saint
This powerful network scanner helps with numerous administrative tasks, such as network inventory, managing upgrades and monitoring uptime, as well as with performing security audits. It’s very flexible, portable and it’s won numerous awards. Operating System: Windows, Linux, OS X.
58. OpenVAS
Replaces: Nessus
The “world’s most advanced open source vulnerability scanner and manager,” OpenVAS is a framework with several tools for security testing and management. As of May 2012, it now includes more than 25,000 network vunlerability tests. Operating System: Windows, Linux, OS X.
59. Sara
Replaces: Nessus, Lumension Scan, Sunbelt Network Security Inspector, Saint
Short for “Security Auditor’s Research Assistant,” Sara integrates with the National Vulnerability Database (NVD) and performs SQL injection and XSS tests. It’s no longer under active development, but you can still download the code from this link. Operating System: Windows, Linux, OS X.
Open Source Networking: Web Filtering
60. DansGuardian
Replaces: McAfee Family Protection NetNanny
This content filtering tool uses phrase matching, PICS filtering and URL filtering to block objectionable material from your network. Highly flexible, it allows the user to define what is an what is not objectionable, with the default settings designed to be appropriate for young children. Operating System: Linux, OS X.