At many colleges and universities around North America, students learn about a variety of topics. Quite often for reasons of cost and flexibility, courses rely on Open Source alternatives to solutions that the industry typically employs. In fact, for many, Open Source opens new doors for students that would have otherwise been locked out.

Seneca College, located in Toronto, is no exception. In fact, Seneca College recently won an award from McGraw-Hill for Innovation in Education, specifically due to the way we teach Open Source at the College.

This year we held our 2nd Annual Open Source Symposium and it certainly fit the bill as a wide variety of topics were presented from security to higher education theory. Most importantly, the presenters were not just from Seneca College's Programming and Networking programs. Professors from Humber College, York University, Sheridan College and Durham College presented in addition to those from the private sector including IBM.

Some of the topics covered included the usability of Open Source utilities and Voice over IP (VOIP), Wireless Discovery tools, the value of Open Office, changes in the upcoming new Kernel 2.6, and teaching .Net via Open Source tools.

Taking center stage was Open Source and how well it can help drive network security. While a few would argue benefits of closed-source applications, mostly due to their support features, I believe that it is Open Source that can encourage the industry to innovate.

As an example, tools used in the Wireless Discovery presentation highlighted how easy it is to enter into a wireless network. Tools like wavemon, airtraf, wave stumbler and lwspy determine the "accessibility" of a network. Other tools like Kismet, Air Snort, Wellenreiter and Moxy can also be used to expose network vulnerabilities.

We have to remember that we cannot be lax in security by just patching what we think is wrong. Tools like these remind us that we sometimes need to view things from other angles to get the full picture. A savvy network administrator, after setting up a wireless network, can use these tools to determine how open their network is. He can then apply appropriate security to the wireless network (e.g., firewall, authentication controls, encryption via VPN, WEP, MAC controls, static IP, etc.). Finally, of course, he checks again with some of the tools above.

Open Source and security share a fairly long history. Many of the recognizable security tools were created with Open Source ideals. Tools such as Nmap, SATAN, SAINT, SARA, Nessus, Snort, Prelude, ipchains, iptables, squid, tripwire, SSH/OpenSSH, GnuPGP/PGP, OpenSSL, honeyd, MIT Kerberos and many more. Very few, if any, areas of security haven't been covered by one open source project or another.

Page 2: Open Source's Expanding Reach