Slashdot Mirror


Missing Open Source Security Tools?

Kinetic writes "There are many great open source security tools out there, Nmap, Nessus, and DSniff, just to name a few. However, with the world of security constantly changing, this begs the question, what open source security tools are missing? What commercial security tools have no viable open source alternatives? When securing/testing/exploring networks (home or enterprise), what security tools/applications/functionality are lacking (or non-existent) in the open source world?"

10 of 362 comments

  1. Sniffer Pro by Nonesuch · · Score: 5, Informative
    Sniffer Pro has features which neither "ntop" nor "ethereal" come anywhere near, both in the realtime monitoring of traffic and also in some of the "expert" functionality.

    I've yet to find an open source tool that can show a "matrix" graph of source and destination talkers by MAC/IP/IPX name in realtime as found in Sniffer. Other tools show some of this information, but do not render the same graphical display (chords of a circle) as Sniffer.

    With ethereal there's a way to do this with snapshots using graphviz, but not in realtime...

    1. Re:Sniffer Pro by pkey · · Score: 5, Informative

      If I'm understanding what you're looking for (I've never seen Sniffer Pro in action), I think EtherApe might do it. It hasn't been updated since January of 2003, but the current version works fine for me.

  2. There are open security methodologies and tools! by bandrzej · · Score: 5, Informative
    Sheez, post something of importance, and get a bunch of smart ass flack.

    If you are looking for a proven open standard methodology for performing security tests, then Open Source Security Testing Methodology Manual (OSSTMM) is the way to go.

    In addition, there is the linux distro of Trinux, which includes most of the common linux open source security auditing tools.

    --

    LainTheWired = isgod( int Lain, int denial, float truth)

  3. Re:Your favorite tools by Lancer · · Score: 5, Informative
    My favorite tool?

    knoppix-std

    Most every security tool a network admin (or script kiddie) could want in a convenient iso package.

    --
    Outside of a dog, a book is man's best friend. Inside a dog it's too dark to read. - Groucho Marx
  4. Re:Open source virus scanners by Mc+Fly · · Score: 5, Informative

    Duh.
    Dude, you should see clamav, a full open source antivirus for Linux, FreeBSD and even Windows, which integrates nicely with virtually every mailer out there.

    --
    He is the Path, the Truth and the Life
  5. Re:Open source virus scanners by gmuslera · · Score: 5, Informative
    What about ClamAV or OpenAntivirus or a lot in the same league?

    There are also a lot of integrity checking tools that, although they don't count as "antivirus", at least report changes that could mean something nasty is running, and not to forget things like chkrootkit.

  6. Re:Security by bgeer · · Score: 4, Informative

    Um no. Ethereal was running about 1 remote-shell vuln a week for a long time. Snort has had a couple too. I guess you could argue that they're all fixed now, but you certainly can't be sure of that.

  7. Password auditing by siliconjunkie · · Score: 4, Informative

    I am unaware of open source software that meets the functionality of PWSEX or LC5.

  8. Re:user by DaveAtFraud · · Score: 4, Informative

    find already does most of what you're looking for:

    find . -perm u=xrw,g=xrw,o=xrw -print

    finds all mode 777 files under the current directory (the initial ".", substitute a path like /var/www if that's where you want to look). If you run it as root (probably required for what you want to do), you can use -user or -uid to find all of the files owned by a particular user name or UID.

    Play with the -perm or +perm flags if need be to refine the result.

    --
    They that can give up essential liberty to obtain a little temporary safety deserve neither safety nor liberty.
    Ben
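
An added example, not part of the original post: the same find approach extended with POSIX `-perm -mode` ("at least these bits") so that it also catches world-writable files that are not exactly 777, world-writable directories without the sticky bit, and files owned by one account. The function names are hypothetical.

```shell
#!/bin/sh
# Added example: permission audit helpers built on POSIX find(1).
# Function names are illustrative, not from any existing tool.

# Regular files whose mode is exactly 777. -type f drops directories and
# symlinks, which the untyped command can also report.
find_exact_777() {
    find "$1" -type f -perm 0777 -print
}

# Regular files writable by "other", whatever the remaining bits are.
# The leading "-" means "all of these bits set", so 666 and 757 match too.
find_world_writable() {
    find "$1" -type f -perm -0002 -print
}

# World-writable directories without the sticky bit (01000): any local
# user can rename or delete other users' files inside them.
find_unsafe_dirs() {
    find "$1" -type d -perm -0002 ! -perm -1000 -print
}

# World-writable regular files owned by one account (name or numeric UID).
find_world_writable_by_user() {
    find "$1" -type f -perm -0002 -user "$2" -print
}

# Print a short report for one tree.
audit_tree() {
    echo "== exactly 777 ==";                  find_exact_777 "$1"
    echo "== world-writable files ==";         find_world_writable "$1"
    echo "== world-writable dirs, no sticky =="; find_unsafe_dirs "$1"
}

# Run the report only when a path is given on the command line.
if [ "$#" -gt 0 ]; then
    audit_tree "$1"
fi
```

Run it as root to see files in directories your own account cannot read, for example `sh audit.sh /var/www`.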
  9. Re:Your favorite tools by alecthomas · · Score: 5, Informative

    A more appropriate tool might be linux-vserver, which lets you assign each virtual server its own disk quota, process space and IP addresses.