EmailSafety.net - InfoSec: Consultant touts open-source security tools

InfoSec: Consultant touts open-source security tools

Anti-Spam Software

What is Spam?

Spam Laws

Spam Facts

User Tips

Common Email Scams

What Are Visuses?

Virus Prevention Tips

Anti-Virus Software

Basic Tips

IDG Related content

Computer crime laws worry security pros
Computerworld Inc.

SANS notes sharp increase in Mac OS X flaws
Computerworld Inc.

DOD rolls out massive storage network with 17,000 ports
Computerworld Inc.

Community

Larry Jacobs of RAD Data Communications provides added value to Cisco networking scenarios with the RAD Frisco website

Things are worse

Securing Block Storage for the Long Haul

All security forums

Pointing to two Web sites, Freshmeat.net and Sourceforge.net, as central repositories to find open source software and information, Luallen told InfoSec attendees about the rich supply of vulnerability scanners, authentication software, penetration testing tools, antispam, intrusion-detection systems and more that exist as open source or freeware.

“The WiKiD Strong Authentication Server is a two-factor authentication server,” said Luallen, referencing ones he thought among the most useful . Among other great security tools there for the asking are SpamAssassin, which can identify spam, Splunk for log analysis, NTop for anomaly detection, TrueCrypt for encrypting data at rest, and the penetration-testing tool BackTrack. He said all are examples of useful security tools that companies should consider securing enterprise networks.

“Technically, the Splunk Log Analysis is not open source but it’s freeware, Luallen said. “It can interpret log files from almost any application out there. We have to know what’s going on in our environment, whether it’s Linux, Windows, switches, routers, whatever you will.” He added Splunk has become particularly useful because it can make use of the SANS Institute Top 5 log-analysis scripts.

Luallen said he had a few caveats about using open source and freeware tools in enterprises, however. These open source tools might be bought or their makers could abandon them. In addition, there’s a risk that this easily available software could have a backdoor or malware in it, inserted either deliberately or because a hacker compromised it. “Anything you download off the Internet could have a backdoor or a ‘phone home’ associated with it,” Luallen cautioned. He added some tools are also going to require a bit of programming skill to really take advantage of them.

1 | 2 | 3 | Next >

Recent News:

· The State of Spam: What to Expect in 2009
· Twitter hit with phishing scam
· Psychic predictions for tech in 2009
· Watch out for hidden cookies
· Microsoft downplays Windows Media Player bug

Site Map | Recent News | Related Sites

Other stories on this topic

IDG Related content

Community