Below is a list of my top 5 network monitoring tools for Linux, in no particular order.
Nagios
Nagios is a network monitoring application that is capable of alerting a system administrator in the event that something goes wrong on a network, and even when it comes good again. Nagios lets you monitor network services (such as FTP, HTTP, SMTP, POP3, etc), host availability, host resources (CPU load, memory usage, etc), bandwidth utilization, and via the customizable nature of Nagios, it can potentially monitor anything (within reason). Some of the possibilities include monitoring for when SSL certificates are going to expire for a website, or when a domain name is going to expire, or even when a UPS drops below a set input voltage.
http://www.nagios.org/
Cacti
Cacti is a web based graphing tool, which stores its statistics in the RRDTool backend. It allows you create graphs of network traffic utilization, via the SNMP protocol. This allows you to create a central location of graphs, for all SNMP enabled network devices you have access to. Shell scripts can be written to allow graphing of other devices that may not be SNMP enabled.
http://www.cacti.net/
Tcpdump
Tcpdump is a network packet analyzer (or otherwise known as a packet sniffer). It allows you to intercept and display any network traffic that your network interface card can see. While a network that runs in a switched environment will prevent Tcpdump from viewing all data, it is still handy for viewing data that does go through the PC you are running it on, especially if the machine is a firewall/router. Great tool for diagnosing network related issues. You can create pcap compatible capture files, and open them at a later time in Wireshark/Ethereal for easy analyzing.
http://www.tcpdump.org/
Nmap
Nmap stands for “Network Mapper”, and is tool for network scanning and security auditing. It is probably the best known port scanner around. It is a great tool for checking to see what services are running, what ports are open, etc. It has the ability to perform host discovery, port scanning, version detection, operating system detection, and also has its own scripting engine (NSE).
http://nmap.org/
Ntop
NTop is similar to the standard unix/linux “top” program, but displays network traffic information instead of process information. It runs in a console, however there is a web interface avaliable as well. When used on a firewall/gateway it allows you to monitor the Internet usage of your entire network.
http://www.ntop.org/
