System News
Bossie Awards 2012: The Best Open Source Networking and Security Software
A Large and Growing Range of Offerings
October 8, 2012
Volume 176, Issue 2

In its Best of Open Source Software (BOSSIE) 2010 awards, InfoWorld has recognized a number of tools for building a network, running a network, and ensuring that the network is secure. Nominees include:

  • DD-WRT: Built for the Broadcom and Atheros chip sets, DD-WRT firmware includes most of the functionality you'd expect from a router: wireless encryption, QoS, IPv6, port forwarding, UPnP, and so on; also features functionalities like OpenVPN support, a hotspot portal, and AnchorFree anonymization

  • HTTPS-Everywhere: An extension for Mozilla Firefox and Google Chrome from the Electronic Frontier Foundation, HTTPS Everywhere creates a secure, encrypted tunnel between the Web browser and websites that support HTTPS but don't reliably establish HTTPS sessions

  • TrueCrypt: Offers plug-and-play full-disk encryption that lets you scramble the contents of whole drives and entire operating systems, although the latter is for Windows only at the moment

  • FreeOTFE: Provides many of the same features as TrueCrypt -- encryption for whole drives or files that serve as virtual volume containers, security token and smart card support, and even obfuscated (nested) volumes -- but with a broader range of encryption and hash options than TrueCrypt; also able to run in a portable mode that's more genuinely portable than TrueCrypt's portable version

  • Eraser: One of the best-known and most widely used tools for data erasure within Windows, according to InfoWorld. Point it at a file or directory, and it will completely remove all traces: not just the file contents but directory entries and metadata as well

  • Darik's Boot and Nuke: Also known as DBAN, a self-contained solution for system-wide data destruction in a computer being retired from service that needs assured erasure of all sensitive data on its disks

  • Vyatta: A Linux-based router and firewall system designed to replace existing proprietary network devices -- such as Cisco's routers, for which the creators have even supplied detailed migration instructions -- with industry-standard x86/x64 hardware

  • Open vSwitch: A distributed virtual switch with advanced flow monitoring, vprobes, spans, QoS, and the ability to deploy as a virtual or physical appliance that rivals vSphere 5 and Hyper-V 2012; Open vSwitch is used in Citrix XenServer and the Xen Cloud Platform, and it supports Xen, KVM, and VirtualBox

  • Elastix: A full-featured Asterisk PBX server, Elastix provides basic UC capabilities, such as support for LDAP, follow-me, an integrated calendar, Web conferencing, a click-to-dial phone book, integration with CRM services (SugarCRM and vTiger), and the Openfire IM server

  • Anti-Spam SMTP Proxy Server: An antispam firewall that includes implementations of such popular spam prevention methods as whitelisting, graylisting, SPF, DNS blacklists, and integration with ClamAV and FileScan. ASSP also adds weighted regular expression filtering, damping, word stemming in the Bayesian filtering analysis, and support for SenderBase, transparent proxying, and plug-ins to tap OCR of attachments for filtering

  • iSpy: A video camera monitoring system designed to work with smaller installations that is suitable for use in homes and remote offices. iSpy can perform motion detection to trigger alerts and save recordings for evidence. Conversely, iSpy can also detect a lack of motion, useful in monitoring an automated piece of equipment in a factory or an electricity-generating windmill, sending an alert whenever the machine stops working

  • OpenNMS: The network monitoring and management software to use if you have a lot of stuff and need something highly customizable. More flexible, more customizable, and more enterprise-ready than most of its competitors, InfoWorld says

  • Cacti: The venerable front end to the RRDtool data logging system, Cacti can tell you whether your links are up or down, display your network's throughput, and alert on any problems

  • Wireshark: A network traffic sniffer and analyzer that rivals even the best commercial analyzers, capturing, logging, filtering, and analyzing traffic down to the contents of individual packets, with detailed information about each protocol and network device

  • Snort: The best open source intrusion detection and prevention system out there, says InfoWorld. Using rules to detect both signature and anomaly-based attacks, Snort is deployed worldwide as a first line of defense

  • Sagan: A log monitoring system that can write back to a Snort database and correlate log events flagged by Sagan rules with Snort events. Sagan also works with other network and security devices that generate SNMP traps, output syslog, or other log formats

  • Suricata: An IDS/IPS designed with modern threats and modern hardware in mind that features a multithreaded flow engine, high-speed IP address matching, Layer 7 protocol detection on any port, and the ability to detect file types in an HTTP stream regardless of extension. Developed by the Department of Homeland Security's Directorate for its Science and Technology HOST program

  • Snorby: The Snorby charting interface for Snort, Suricata, and Sagan is a crisp and clean Ruby on Rails application that makes vast amounts of data clear and concise with an uncomplicated dashboard for monitoring, searching, and classifying security events on your network

  • Nmap: A network security scanner that can run a number of different analyses on a remote host and produce detailed reports about open ports, running services, and even educated guesses about the OS in use. The command-line version of the program can be used as-is or in conjunction with a graphics front end. Nmap 6 brings an expanded scripting engine for automation, full IPv6 support, faster scanning performance, and a new ping-on-steroids Nping tool

  • Metasploit: A tool for attack and penetration testing that provides a comprehensive environment for finding vulnerabilities on your network, creating attacks that exploit those vulnerabilities, and automating launches of those attacks against virtually any host and port on your network; useful for finding vulnerable machines to fix and shoring up your network against threats

  • BackTrack: The best single toolkit in all of information security, InfoWorld proclaims; a Linux distro you can boot in its entirety from a Live DVD or thumb drive that includes a ton of security tools. Whether you need a wireless hacking toolkit, utilities for digital forensics, or an on-the-go pen-testing suite, you need look no further than BackTrack

  • Burp Suite: A collection of tools for Web application security testing that bundles a spider to crawl your site and identify dead links and submission forms, a proxy to facilitate man-in-the-middle attacks and watch traffic as it flows from your browser to the target site, and a penetration tool that can perform customized attacks based on vulnerabilities found with the spider and proxy

  • dc3dd: Developed for the DoD Cyber Crime Center for use in forensics investigation, dc3dd is a straightforward disk imaging utility run from the command line; features include a job progress display and the ability to split output files into chunks; one slip when typing in commands could result in wiping out all the data on the original source disk, so caution is called for

  • Ophcrack: Based on rainbow tables (precomputed hash tables), Ophcrack cracks Windows LM or NTLM hashes and spits out passwords 14 alphanumeric characters or smaller. (The company behind the project, Objectif Sécurité, sells Rainbow Tables for longer hashes.)

  • John the Ripper: A password cracker supported by the venerable Rapid7 (of Metasploit fame) that has more recently been updated with a performance increase in cracking DES-based hashes. The "community enhanced" version can crack ZIP, RAR, PDF, and Microsoft Office passwords, among others

  • GnuPG: Provides a whole suite of PGP tools for encryption, decryption, key management, and message signing. Support is included for a whole bevy of common and uncommon encryption algorithms, and a plug-in architecture allows future algorithms to be added transparently. The Windows build of the suite includes integration for Microsoft Outlook and even a tiny email client (Claws Mail) with native GnuPG support
