The Top 75 Open Source Security Apps
http://www.linuxplanet.com/linuxplanet/reviews/6479/1/
Cynthia Harvey
Monday, April 28, 2008 12:04:01 PM
This Windows-only app uses the incredibly popular ClamAV engine to detect viruses and spyware. It includes a scanning scheduler, automatic downloads, and a Microsoft Outlook plug-in. However, it does not provide real-time scanning; you'll need to scan your files manually in order to be protected. Operating System: Windows.
2. ClamAV
Numerous commercial and open-source products are based on the Clam Antivirus engine. Designed for protecting e-mail gateways, ClamAV offers automatic updates, a command line scanner, and more. Operating System: Unix, Linux, BSD.
Moon Secure is currently based on ClamAV, but the developers are working on an antivirus engine of their own that will enable real-time scanning. Operating System: Windows.
As you might expect from its name, Rootkit Hunter searches your system for rootkits and other unwanted tools. It does not provide live or scheduled scanning, but the Web site contains instructions for setting up your system to run Rootkit Hunter daily. Operating System: Linux, Unix.
5. AMaVis
Short for "A Mail Virus Scanner," AMaVis acts as a go-between for your anti-virus software and your mail transport agent so that incoming e-mails can be scanned for viruses. The site contains the complete--and very extensive--list of supported applications. Operating System: OS Independent.
6. ClamMail
ClamMail combines a POP3 e-mail proxy with the ClamAV engine. The result is free antivirus protection for messages accessed via Outlook, Thunderbird, Eudora, or other POP3 apps. Operating System: Windows.
7. P3Scan
This e-mail proxy server scans both incoming and outgoing messages for viruses, worms, trojans, spam, and other malware. Like most open-source anti-virus tools, it's based in part on the ClamAV engine. Operating System: Linux.
8. Viralator
Still getting the occasional network virus even after you install anti-virus software? Viralator supplements the existing anti-virus software on your proxy server to block malware that might otherwise slip in when users access free webmail accounts. Operating System: Linux, Unix.
Anti-Spyware
9. xpy
This tiny program (less than 60KB) improves security, improves performance, and closes some of the flaws which open up Windows to spyware. It disables the Windows "calling home" features, disarms Internet Explorer, disables Windows Media Player, and more. Operating System: Windows.
10. Nixory
Nixory is designed to protect Firefox users from unwanted cookies and spyware. And unlike most similar programs, you won't need to delete your previously installed anti-spyware or anti-malware programs in order to use it. Operating System: OS Independent.
Communication and File Sharing
11. Mute
Using routing mechanisms inspired by ants (yes, the insects), Mute provides completely anonymous file transfer and file sharing that is virtually impossible to trace. In addition, messages passed on the network are protected by military grade encryption. Operating System: OS Independent.
12. Waste
Waste allows small groups of users to chat and download files securely and anonymously. Transmissions are encrypted using RSA and Blowfish algorithms. Operating System: Windows, Linux, BSD, OS X.
13. ANts P2P
This third generation peer-to-peer network hides your identity and encrypts all transmissions for completely secure communication. And as you might expect, it's also inspired by the behavior of ants. Operating System: OS Independent.
Data Removal
14. Eraser
Want to make sure that file you deleted can never be retrieved? Eraser writes over your files with random data so that no one can snoop into your private files. Operating System: Windows and DOS.
Also known as "DBAN," Darik's Boot and Nuke completely eliminates all of the data on a hard drive. It's an ideal way to clean up an old computer before you donate or recycle it. Operating System: OS Independent.
16. Wipe
Wipe erases all traces of deleted files from your hard drive so that they can't be retrieved. It relies heavily on the work of Peter Gutmann, one of the foremost experts in the field. Operating System: Linux.
Encryption
17. AxCrypt
Simply right-click on a file in Windows Explorer and you can encrypt it, and a double-click decrypts the data. AxCrypt also supports self-decrypting files so that you can protect files in transit while still allowing e-mail recipients to view the information easily. Operating System: Windows.
As you might expect, Mac GnuPG ports GnuPG so that it can be used on a Mac. It provides better privacy than PGP and supports multiple encryption standards and languages. Operating System: Mac OS X.
19. WinPT
Short for "Windows Privacy Tools," WinPT collects a number of different encryption tools into a single application. It's based on GnuPG and is compatible with PGP. Operating System: Windows.
20. PeaZip
This archiving utility creates, opens, and encrypts zip files and dozens of other compression formats. Additional features include split/join files (file span), wipe files (secure deletion), compare, checksum and hash files, system benchmark, and more. Operating System: Windows, Linux.
21. MCrypt
Intended as a replacement for the Unix crypt, MCrypt lets developers add a wide range of encryption functions to their code without needing to be expert cryptographers. Note that this is a developer tool, not an encryption app for end-users. Operating System: Windows, Linux, Unix.
Store secret data securely on your Palm-based handheld. Keyring provides secure triple-DES encryption and is available in a number of different languages. Operating System: PalmOS.
23. Hide in Picture
Conceal data within normal-looking bitmap images. A simple password decrypts the file. Operating System: Windows, DOS.
24. Steghide
Steghide compresses, encrypts, and conceals messages inside pictures or audio files. It also embeds a checksum to verify data integrity once decrypted. Operating System: OS Independent.
25. GPGrelay
This e-mail relaying server signs or encrypts e-mail communications using GnuPG (Gnu Privacy Guard) and your existing e-mail client. The developers are careful to note that this app only protects e-mail in transit--it is still stored in its decrypted state on your computer. Operating System: Windows.
26. MailCrypt
MailCrypt allows you to encrypt, decrypt, and sign messages and usenet articles using either PGP or GnuPG. One warning: MailCrypt may not be secure when used on an NT workstation (site has details). Operating System: OS Independent.
27. Open Signature
This digital signature project supports all Open SC cards and aims to be the first single app that can be used with cards from multiple countries. Open Signature originally focused on cards used in Italy but has branched out. Operating System: Windows, Linux, Unix.
28. Crypt
Ultra-fast and lightweight, Crypt can be used to encrypt or decrypt just about anything on your Windows system, including regular files and directories, consoles, communication resources, disk devices, and more. Operating System: Windows.
File Transfer
29. WinSCP
WinSCP supports both SFTP and FTP file transfer. It also offers a basic file manager. Operating System: Windows.
Firewalls/Network Gateways
30. IPCop
Designed for small businesses, IPCop lets you turn an old PC into a network appliance that protects against threats and speeds Web access. It's easy to use, and it works with just about every type of connection from dial-up to leased lines. Operating System: Linux.
31. ShellTer
Notable for its SSH protection, ShellTer is an iptables-based firewall that supports port forwarding, blacklisting, whitelisting, and more. It's easy to configure, easy to install, and easy to customize. Operating System: Linux.
Like IPCop, Endian Firewall Community contains a complete Linux distribution that can be used to turn any PC into a firewall appliance. It includes antivirus, anti-spam, Web content filtering, and VPN capabilities. Operating System: Linux.
33. Untangle
Untangle combines an open-source firewall, router, web filter, spam blocker, intrusion detection system, anti-virus, anti-spyware, anti-spam, VPN, and more into a package that rivals commercial network gateways. In order to use it, you'll need a separate PC that will function as a security appliance. Operating System: Linux.
34. Devil-Linux
Like many of the other apps in this category, Devil-Linux was originally intended to be used to turn an old PC into a firewall/router. Now the program has been updated so that it can also be used as an application server. Operating System: Linux.
35. Turtle Firewall
Turtle Firewall is fast and easy-to-use--if you know what you're doing. You define and select which zones, hosts, networks, and services you want to enable, which gives you a lot of control but requires a good understanding of network security. Operating System: Linux.
36. Shorewall
Shorewall (aka "Shoreline Firewall") makes it easy to configure Netfilter so that it can be used as a firewall on a standalone system or as part of a gateway appliance on a network. Once installed, it can also be used to monitor Netfilter actions. Operating System: Linux.
37. FireHOL
Like Shorewall, FireHOL isn't an actual firewall as much as a firewall configurator. It aims to make understanding and configuring firewalls easy, even for those with limited knowledge on the subject. Operating System: Linux.
38. Sentry Firewall
Sentry combines firewall, server, and intrusion detection capabilities onto a bootable CD. It relies on a number of well-known open source apps, including Open VPN, Snort IDS, NMap, and more. Operating System: Linux.
39. Vuurmuur
Designed to be easy to use, Vuurmuur is an iptables-based firewall that doesn't require any knowledge of iptables. It offers real-time log and connection viewing, filtering, traffic volume accounting, auditing, and more. Operating System: Linux.
Forensics
40. ODESSA
Short for "Open Digital Evidence Search and Seizure Architecture," ODESSA contains a number of different tools for collecting and analyzing digital evidence. With more than seven years of development behind it, the project is fairly mature, and the site contains links to a number of other forensics-related projects. Operating System: Windows, Linux, OS X.
41. Live View
Live View creates a virtual machine from a raw disk image or physical disk. As a result, you can see and interact with a PC just as the user did, without changing the environment or endangering your own PC. Operating System: Windows.
Internet Security Suites
42. Winpooch
Calling itself "an opensource watchdog for Windows," Winpooch incorporates anti-spyware and anti-trojan capabilities with ClamWin Antivirus. It aims to give the user complete control over which programs are running on the system. Operating System: Windows.
43. DemocraKey
The DemocraKey tagline says it all: "It's like a condom for your computer." Install it on a portable drive and plug it in to any computer. DemocraKey scans for viruses and protects your privacy while you surf. Operating System: Windows.
Intrusion Detection
44. Snort
As the most widely deployed intrusion prevention technology in the world, Snort has earned the right to call itself "the de facto standard for intrusion prevention/detection." It performs real-time analysis to detect buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and other attacks. Operating System: Linux, Unix, BSD, Mac OS X.
45. AFICK
Short for "Another File Integrity Checker," AFICK monitors changes to your file systems in order to alert you to possible intrusion. If you're familiar with Tripwire, AFICK will look and feel very familiar. Operating System: Windows, Linux, Unix.
46. snort_inline
This modified version of Snort uses iptables instead of libpcap. Operating System: FreeBSD, Linux.
Log File Analyzers
47. AWStats
AWStats generates graphs based on all kinds of log file information, including advanced web, streaming, ftp, or mail server statistics. Note: The site works best when viewed with Firefox. Operating System: Windows, Linux, Unix, BSD.
Wondering what your Netfilter-based firewall has been doing all day? This app helps you make sense of all the data tracked by your logs. Operating System: Linux.
Miscellaneous
49. Bastille Linux
With a dual goal of hardening systems and educating users about security, Bastille Linux provides information about various topics, asks users related questions, and then builds security policies based on the answers. In assessment mode, it provides a report showing how Bastille has helped improve the security of the system. Operating System: Linux, Unix, Mac OS X.
50. Motion
Motion is a software-based motion detector. It monitors video feeds from one or more cameras and sends an alert when the picture changes. Operating System: Linux.
51. iAlertU
Worried about your MacBook getting stolen? When iAlertU senses sudden motion, it sets off an alarm, and it even takes a picture of the thief and e-mails it to you. Operating System: Mac OS X.
Network Monitoring
52. Angry IP Scanner
This very fast IP address and port scanner pings IP addresses and provides a variety of optional data about each address. Numerous plug-ins are available to extend its capabilities, and if you can write Java code, it's easy to write extensions of your own to find exactly the information you need to monitor and manage your network. Operating System: Windows, Linux, Mac OS X.
53. Winfingerprint
This Windows-only network monitoring tool provides information on OS, users, groups, shares, SIDs, transports, sessions, services, service pack and hotfix level, date and time, disks, and open ports. Operating System: Windows.
54. Knocker
Written in C, Knocker is a simple, easy-to-use TCP security port scanner. Operating System: Windows, Linux, Unix, FreeBSD.
55. AIM Sniff
Want to find out how much time employees are wasting with instant messaging? AIM monitors and archives AOL and MSN instant messages across your network. Operating System: Linux, FreeBSD, OS X.
56. NSAT
Network Security Analysis Tool, or NSAT, scans your network for a host of security vulnerabilities. It's easy to configure NSAT to do just what you want, providing maximum flexibility. Operating System: Linux, Unix, FreeBSD, OS X.
57. SniffDet
The SniffDet remote sniffer detection tool and library monitors your network and alerts you to any machines running in promiscuous mode or with a sniffer. It includes the ICMP test, ARP test, DNS test, LATENCY test, and more. Operating System: Linux.
58. SEC
Short for "Simple Event Correlator," SEC applies rules to application data to determine if particular events have occurred and to take pre-determined actions as a result. It's particularly helpful for network management, system monitoring, data security, intrusion detection, and log file monitoring and analysis. Operating System: OS Independent.
59. Nipper
This network infrastructure parser analyzes configuration data from network devices and creates an easy-to-understand report. Supported device manufacturers include Cisco, Nokia, Juniper, CheckPoint, and Nortel. Operating System: Windows, Linux, Unix, BSD, Mac OS X.
Password Management
Too many passwords to remember? KeePass encrypts all of your passwords and stores them securely on your hard drive or a portable drive. You can choose to unlock them using either a master password or a key-disk. Operating System: Windows, Linux, Mac OS X, Blackberry, PalmOS, and multiple other platforms used by mobile devices.
61. PWGen
Any network administrator will tell you that strong passwords are key to computer security, but creating difficult-to-crack passwords can be challenging. PWGen does the work for you, creating strong, randomly generated passwords. This app is particularly helpful when you use it with a password safe so that you don't have to remember all those random strings of characters. Operating System: Windows.
This GNOME application encrypts passwords with the blowfish algorithm and stores them securely. FPM also includes a password generator to help you create hard-to-crack passwords. Operating System: Linux.
Remote Administration
63. BO2K
Based on Back Orifice, BO2K provides file-synchronization and remote operation capabilities for network administrators. Unlike most commercially available products, it's small, fast, free, and very extensible. Operating System: Linux
Systems Administration Tools
64. Inside Security Rescue Toolkit
This toolkit packs tons of useful apps and a full, bootable Linux system into a package that fits on a single CD-ROM. Among the more useful features are the included partition support, network analysis, disaster recovery, anti-virus, and forensics tools. Operating System: Linux.
65. SNARE
Short for "System iNtrusion Analysis and Reporting Environment," SNARE collects log data from a number of different sources so that security threats can be analyzed. Commercial support and a more robust version of the software that includes analysis and reporting capabilities are also available at the site. Operating System: Windows, Linux, Unix, Solaris.
66. Network Security Toolkit (NST)
This bootable live ISO CD contains nearly 100 of the best open source security apps and should run on most x86 systems. It includes tools for network traffic analysis, intrusion detection, network packet generation, wireless network monitoring, a virtual system service server, or a sophisticated network/host scanner. It also provides assistance in troubleshooting crashed systems. Operating System: OS Independent.
67. BASE
BASE, short for "Basic Analysis and Security Engine," provides a front-end to analyze alerts from Snort IDS. It's easy to use and includes role-based user authentication. Operating System: OS Independent.
68. Startup Manager
Startup Manager gives you control over which applications start up when you boot your Windows PC. The result is better security, faster startup, and greater customization. Operating System: Windows.
69. Program Killer
Concerned that you might have unknown EXE files running on your Windows system? Program Killer detects processes being run by unauthorized program files and terminates them. Operating System: Windows.
User Authentication
70. Smart Sign
Smart Sign offers several different modules that help you use smart cards for user authentication and digital signatures. It supports a number of different card types and readers, as well as the Open CA certification authority. Operating System: Linux.
71. WiKID
The WiKID community version provides open-source, two-factor authentication for VPN, online banking, extranet access, and more. The commercially available enterprise version adds support and some proprietary code that cannot be released under GPL. Operating System: OS Independent.
Virtual Private Network Tools
72. Poptop
Utilizing PPTP (Point-to-Point Tunneling Protocol), Poptop allows remote users to establish a VPN and connect to their corporate network from any location. It allows both Windows and Linux clients to connect to Linux servers. Operating System: Windows, Linux
73. OpenVPN
Winner of numerous awards, OpenVPN provides remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions. It is geared primarily for medium- to large-scale enterprises. Operating System: Windows, Linux, Mac OS X, Solaris, BSD
74. SSL Explorer
SSL Explorer bills itself as "the world's first browser-based open source SSL VPN." While it is a true open-source product, the site primarily promotes the fee-based enterprise edition of the software which includes commercial support and additional features. Operating System: Windows, Linux, Unix, BSD
75. Zebedee
While it's not a true VPN tool, Zebedee does provide secure IP tunneling for TCP/IP or UDP data transfer between two systems. It not only provides security against snoopers, its compression capabilities save on network bandwidth. Operating System: Windows, Linux, Unix.
This article originally appeared in eSecurityPlanet, a JupiterOnlineMedia site.