Powerful tool to monitor coarse/fine grained external network IP attacks?

[Dan Thurman]

I have been using a lot of tools from packet analyzers
to firestarter and such but I have yet to find a powerful
security tool with course/fine grained monitoring of say the
top X IP activities of IP accesses to systems of interest.

I have used BlackIce and other ISS security tools before but
I am interested in any free or opensourced security tools that
allows one to monitor these activities in real-time mode.

I was thinking along the lines of something like what is in
firestarter, top, and system-monitor combined in a away that
allows for maximum flexibility when monitoring IP accesses
and possibly with the addition of event notification of say
a DDOS attack or port attacks or any of that sort of thing.

Occasionally, I may suspect that I am under attack and would
like to whip up the security monitor to start probing for
potential attacks and to assuage my fears and to take any
necessary actions to thwart any further attacks...

Anyone have any suggestions?

Kind regards,
Dan