Open Source Security: 50 Good Apps: Page 2
14. Bastille Linux
Bastille Linux/Unix asks you questions about what level of security you need and then "locks down" your OS, educating you about a variety of security topics along the way. Formerly only available for Linux and Unix, it now comes in a Mac OS X version. Operating System: Mac, Linux, Unix.
Labeling itself "the de facto standard for intrusion detection/prevention," Snort is the most widely deployed intrusion detection/prevention system in the world. It can perform real-time traffic analysis, packet logging, protocol analysis, content searching, and more. Operating System: Mac, Linux, Unix, BSD, Solaris.
This host-based intrusion detection system boasts more than 5,000 downloads a month and is in use at a number of large organizations around the world. Key features include log analysis, file integrity checking, Windows registry monitoring, rootkit detection, and real-time alerting. Operating System: Windows, Mac, Linux, Unix, BSD, Solaris.
The Basic Analysis and Security Engine, or BASE, isn't an IDS itself, but it works hand-in-hand with Snort to help you make sense of all your IDS data. It provides a Web interface that allows you to search and analyze alert messages. Operating System: OS Independent.
Log Monitoring and Analysis
Ettercap monitors your LAN, logging and intercepting potential attacks. Key features include sniffing of live connections, content filtering, and more. Operating System: Windows, Mac, Linux, Unix, BSD, Solaris.
With AWStats, you can generate graphical representations of Web, streaming, FTP, or mail server statistics. As a result, you can see at a glance what kinds of attacks, and how many, have been directed at your network without slogging through pages of data. Operating System: Windows, Mac, Linux, Unix.
Short for "System iNtrusion Analysis and Reporting Environment," SNARE collects and analyzes event log data. Multiple report formats are available. Operating System: Windows, Mac, Linux, Unix, BSD, Solaris.
While technically not open-source, Splunk is available for free and works so well it was worth inclusion in this list. It not only monitors log files, it analyzes what's happening, making it easier to follow the trail of a hacker and respond to threats. Plus, it can analyze other types of IT data (message alerts, performance data, etc.) as well as security-related files. Operating System: Windows, Mac, Linux, BSD, Solaris, AIX.
Multiple Function Security Solutions
Short for "Open Source Security Information Management," OSSIM combines 12 separate open source security tools, including Snort, Nessus, Nagios, and others. The dual goals are to prevent intrusions and give administrators a complete, detailed view of the entire network. Operating System: Windows, Mac, Linux, Unix, BSD, Solaris.
Combining Wireshark, Nessus, Snort, Nmap, Ntop, Kismet, and many other well-known open-source security apps, NST aims to provide network security administrators with a comprehensive set of security tools. It provides network traffic analysis, intrusion detection, network packet generation, wireless network monitoring, and a host of other functions. Operating System: OS Independent.
Kismet is a combination wireless network detector, packet sniffer, and IDS. Often used to detect unprotected or hidden networks, it's a valuable tool for checking the security of your wireless network, as well as monitoring network activity. Operating System: Windows, Mac, Linux, Unix, BSD.