Hi, Good Morning,
Today I am sharing an important article on open source security tools. There are hundreds of open source security tools available.
The transition from closed networks to enterprise-wide, Internet-connected IT networks is gathering speed, and it naturally raises the alarm about threats such as viruses, spyware, adware, other malware and rootkits.
These threats can cause a wide range of disruption on the web, from denial-of-service (DoS) attacks and DNS poisoning to identity theft.
There are many open source tools available to counter these threats and keep your systems out of risk. Let's look at ten open source tools that are widely used in the industry.
- OSQuery
- Security Onion
- Skyline
- Google Rapid Response
- OSSEC
- Scumblr and Sketchy
- RAPPOR
- OpenVAS
- OpenSSH
- MIDAS
1. OSQuery
OSQuery, developed by Facebook, is a simple tool for your Mac OS X and Linux infrastructure. It exposes the operating system as a set of tables that can be queried with SQL, and its important features include file monitoring, hardware change tracking, network traffic and process creation events. This gives easy access to system data, and it logs system information based on your queries.
It lets users write automation scripts, act on security intelligence, and discover changes to servers across the enterprise.
2. Security Onion
Security Onion is a network security monitoring distribution, intended to replace the expensive commercial grey boxes with blinking lights.
It is a Linux distro for intrusion detection, log management and network security monitoring (NSM), and it is very simple to set up in your enterprise. Security Onion has three core functions: full packet capture; network-based and host-based intrusion detection systems (NIDS and HIDS respectively); and powerful analysis tools.
3. Skyline
Skyline, from Etsy, helps detect anomalies in your infrastructure. It operates in real time and is built for passive monitoring of hundreds of thousands of metrics, wherever there is a large quantity of high-resolution time series that needs constant monitoring. Each metric is run through a set of statistical detectors, and it is reported only when enough of them agree (a consensus), so that one noisy test does not raise an alert on its own. After Skyline detects an anomalous metric, it surfaces the entire time series to the web app, where the anomaly can be viewed and acted upon.
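To make the consensus idea concrete, here is an added example, written for this page and not Skyline's own code. It re-implements in simplified form three of the detectors Skyline ships (stddev_from_average, median_absolute_deviation and first_hour_average, with the same thresholds) and runs them over a constructed request-rate series; the two-of-three consensus, the sample series and the one-point-per-minute spacing are assumptions for the demo.

```python
import statistics
from typing import Callable, List, Sequence, Tuple

# A series is a list of (unix_timestamp, value) pairs, oldest first. Every
# detector votes only on the LAST point, which is how Skyline's analyzer works.
Series = Sequence[Tuple[int, float]]


def stddev_from_average(series: Series) -> bool:
    """Last value more than 3 standard deviations away from the series mean."""
    values = [v for _, v in series]
    mean = statistics.mean(values)
    return abs(values[-1] - mean) > 3 * statistics.pstdev(values)


def median_absolute_deviation(series: Series) -> bool:
    """Last value more than 6 MADs from the median; robust to outliers already in the data."""
    values = [v for _, v in series]
    median = statistics.median(values)
    mad = statistics.median([abs(v - median) for v in values])
    if mad == 0:
        return False  # flat series: the statistic is undefined, so vote "normal"
    return abs(values[-1] - median) / mad > 6


def first_hour_average(series: Series, window: int = 60) -> bool:
    """Last value more than 3 sigma from a baseline built from the first `window` points."""
    baseline = [v for _, v in series[:window]]
    mean = statistics.mean(baseline)
    return abs(series[-1][1] - mean) > 3 * statistics.pstdev(baseline)


DETECTORS: List[Callable[[Series], bool]] = [
    stddev_from_average,
    median_absolute_deviation,
    first_hour_average,
]


def analyze(series: Series, consensus: int = 2) -> Tuple[bool, List[str]]:
    """Run every detector; the series is anomalous when at least `consensus` of them agree."""
    votes = [d.__name__ for d in DETECTORS if d(series)]
    return len(votes) >= consensus, votes


def constructed_series(last_value: float, length: int = 120) -> List[Tuple[int, float]]:
    """Constructed sample metric: about 1000 requests/min with a small deterministic
    jitter, one point per minute, ending in `last_value` (the point under test)."""
    points = [(60 * i, 1000.0 + (i % 7) - 3) for i in range(length - 1)]
    points.append((60 * (length - 1), last_value))
    return points


if __name__ == "__main__":
    for label, last in (("spike", 1400.0), ("normal", 1003.0)):
        flagged, votes = analyze(constructed_series(last))
        print(f"{label}: anomalous={flagged} votes={votes}")
```

A jump to 1400 trips all three detectors, while a last value of 1003 (inside the normal jitter) trips none; the flat-series guard in the MAD detector is the kind of edge case that makes the consensus worthwhile, since a detector that cannot judge simply abstains.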
4. Google Rapid Response
Google Rapid Response (GRR), as it is more commonly called, is Google's remote live forensics framework for incident response. GRR consists of an agent (client) that can be deployed to a large number of systems, and server infrastructure that manages and talks to the agents. It has cross-platform support for Linux, Mac OS X and Windows clients. One of its most important features is live remote memory analysis, using open source memory drivers for Windows, Mac OS X and Linux together with the Rekall memory analysis framework.
5. OSSEC
OSSEC is an open source host-based intrusion detection system (HIDS) that is easy to set up and configure. Its features include log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response (for example, blocking a source address once an alert fires).
It runs on most operating systems, including Linux, Mac OS, Solaris, HP-UX, AIX and Windows.
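As an added illustration of the log-analysis and active-response side (example code written for this page, not OSSEC's own rule engine), the script below applies a sliding-window rule to constructed sshd log lines: eight failed passwords from one address inside 120 seconds raise an alert and hand the address to an active-response function. The threshold, timeframe, hostnames, addresses and the firewall command are assumptions for the demo.

```python
import re
from collections import defaultdict, deque
from datetime import datetime
from typing import Deque, Dict, List, Optional, Tuple

# sshd failed-login line as written by syslog (no year in the timestamp).
FAILED_LOGIN = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>[\d.]+)"
)


class BruteForceDetector:
    """Sliding-window counter of failed logins per source IP: once `threshold`
    failures land inside `timeframe` seconds, raise an alert and hand the IP to
    active response (which an OSSEC-style agent would use to block it)."""

    def __init__(self, threshold: int = 8, timeframe: int = 120, year: int = 2024):
        self.threshold, self.timeframe, self.year = threshold, timeframe, year
        self.events: Dict[str, Deque[datetime]] = defaultdict(deque)
        self.alerts: List[Tuple[str, str, int]] = []  # (ip, last user tried, failures)
        self.blocked: set = set()

    def feed(self, line: str) -> Optional[str]:
        """Process one log line; return the offending IP when a new alert fires."""
        m = FAILED_LOGIN.search(line)
        if not m:
            return None  # not a failed login: nothing to count
        ip = m["ip"]
        # syslog omits the year, so one is assumed to build a comparable timestamp
        ts = datetime.strptime(f"{self.year} {m['ts']}", "%Y %b %d %H:%M:%S")
        window = self.events[ip]
        window.append(ts)
        while (ts - window[0]).total_seconds() > self.timeframe:
            window.popleft()  # drop failures that fell out of the timeframe
        if len(window) >= self.threshold and ip not in self.blocked:
            self.alerts.append((ip, m["user"], len(window)))
            self.blocked.add(ip)
            return ip
        return None


def active_response(ip: str) -> List[str]:
    """The firewall command an active-response script would run (returned, not executed)."""
    return ["iptables", "-I", "INPUT", "-s", ip, "-j", "DROP"]


def analyze_log(text: str, **kwargs) -> BruteForceDetector:
    """Feed every line of a log to a detector and print alerts as they fire."""
    det = BruteForceDetector(**kwargs)
    for line in text.splitlines():
        ip = det.feed(line)
        if ip:
            print("ALERT: brute force from", ip, "->", " ".join(active_response(ip)))
    return det


# Constructed sample: one address hammering the box, one legitimate user who
# mistypes a password once, and a successful key-based login in between.
SAMPLE_LOG = """\
Jan 10 10:00:01 bastion sshd[2201]: Failed password for root from 203.0.113.7 port 51122 ssh2
Jan 10 10:00:03 bastion sshd[2203]: Failed password for invalid user admin from 203.0.113.7 port 51130 ssh2
Jan 10 10:00:05 bastion sshd[2205]: Failed password for root from 203.0.113.7 port 51138 ssh2
Jan 10 10:00:06 bastion sshd[2206]: Accepted publickey for alice from 198.51.100.9 port 40210 ssh2
Jan 10 10:00:07 bastion sshd[2207]: Failed password for invalid user oracle from 203.0.113.7 port 51144 ssh2
Jan 10 10:00:09 bastion sshd[2209]: Failed password for root from 203.0.113.7 port 51150 ssh2
Jan 10 10:00:11 bastion sshd[2211]: Failed password for bob from 198.51.100.9 port 40214 ssh2
Jan 10 10:00:12 bastion sshd[2212]: Failed password for invalid user test from 203.0.113.7 port 51158 ssh2
Jan 10 10:00:14 bastion sshd[2214]: Failed password for root from 203.0.113.7 port 51166 ssh2
Jan 10 10:00:16 bastion sshd[2216]: Failed password for invalid user admin from 203.0.113.7 port 51172 ssh2
Jan 10 10:03:00 bastion sshd[2300]: Failed password for root from 203.0.113.7 port 51300 ssh2
"""

if __name__ == "__main__":
    analyze_log(SAMPLE_LOG)
```

The alert fires exactly once, on the eighth failure, and the lone failure from 198.51.100.9 never reaches the threshold; the window eviction means failures spread thinly over a long period are not summed up indefinitely, which is the difference between a rule with a timeframe and a plain counter.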
6. Scumblr and Sketchy
Scumblr is a web-based application that lets users perform periodic searches and take actions based on the identified results. It searches through plugins called search providers; each search provider knows how to perform a search against a certain site or API (Google, Bing, Twitter, etc.), and searches are configured from within Scumblr using the options each provider exposes. Sketchy is its companion service: it takes screenshots and scrapes the text of the pages Scumblr finds, so results can be reviewed without visiting a potentially hostile site directly.
7. RAPPOR
RAPPOR (Randomized Aggregatable Privacy-Preserving Ordinal Response) is a novel privacy technology, developed by Google, that allows broad demographic statistics about a population to be inferred while preserving the privacy of individual users. Each client adds random noise to its own answer before reporting it, so a single report says little about that user, but the noise is unbiased and averages out over many reports, so the server can still estimate how common each answer is.
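The following added example (written for this page, not Google's RAPPOR implementation) shows the mechanism on a constructed survey with a fixed set of five answers: each client applies the permanent and instantaneous randomized response steps from the paper, and the server applies the paper's unbiased estimator to the aggregate. Real RAPPOR hashes answers into a Bloom filter so that unknown strings can be collected; this simplified version gives each known candidate its own bit. The parameters f, p and q are the paper's defaults, and the population counts and answer set are constructed.

```python
import random
from typing import Dict, List, Sequence

# Constructed survey question ("which browser do you use?") with a fixed answer set.
# Each answer gets one bit; real RAPPOR hashes strings into a Bloom filter instead.
CANDIDATES = ["chrome", "firefox", "safari", "edge", "other"]


class RapporClient:
    """One user's device. f, p, q are the RAPPOR noise parameters (paper defaults)."""

    def __init__(self, rng: random.Random, f: float = 0.5, p: float = 0.5, q: float = 0.75):
        self.rng, self.f, self.p, self.q = rng, f, p, q
        self._permanent: Dict[str, List[int]] = {}

    def report(self, value: str) -> List[int]:
        """Return the noisy bit vector this device sends for `value`."""
        if value not in self._permanent:
            # Permanent randomized response: each true bit is replaced by a fair coin
            # flip with probability f. Memoised per value, so repeatedly reporting the
            # same value cannot be averaged to recover it.
            noisy = []
            for bit in (1 if c == value else 0 for c in CANDIDATES):
                if self.rng.random() < self.f:
                    bit = 1 if self.rng.random() < 0.5 else 0
                noisy.append(bit)
            self._permanent[value] = noisy
        # Instantaneous randomized response: fresh noise on every report. A stored 1
        # is sent as 1 with probability q, a stored 0 is sent as 1 with probability p.
        return [1 if self.rng.random() < (self.q if bit else self.p) else 0
                for bit in self._permanent[value]]


def decode(reports: Sequence[Sequence[int]], f: float, p: float, q: float) -> Dict[str, float]:
    """Unbiased estimate of how many users truly hold each value (RAPPOR paper, section 4):
    t_i = (c_i - (p + f*q/2 - f*p/2) * N) / ((1 - f) * (q - p))."""
    n = len(reports)
    estimates = {}
    for name, c_i in zip(CANDIDATES, (sum(col) for col in zip(*reports))):
        estimates[name] = (c_i - (p + 0.5 * f * q - 0.5 * f * p) * n) / ((1 - f) * (q - p))
    return estimates


def simulate(true_counts: Dict[str, int], f=0.5, p=0.5, q=0.75, seed=7) -> Dict[str, float]:
    """Constructed population: `true_counts[value]` users each hold `value`; every user
    reports once and the server decodes the aggregate without seeing any true value."""
    rng = random.Random(seed)
    reports = [RapporClient(rng, f, p, q).report(value)
               for value, count in true_counts.items() for _ in range(count)]
    return decode(reports, f, p, q)


if __name__ == "__main__":
    truth = {"chrome": 8000, "firefox": 6000, "safari": 3000, "edge": 2000, "other": 1000}
    for name, est in simulate(truth).items():
        print(f"{name:8s} true={truth[name]:5d} estimated={est:8.0f}")
```

With the paper's parameters, each estimate for a population of 20,000 users carries a standard error of a few hundred, so the population-level ranking is recoverable while any one report is wrong about its own user roughly half the time. Setting f=0, p=0, q=1 switches the noise off and the estimator returns the exact counts, which is a useful sanity check that the decoder and encoder agree.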
8. OpenVAS
OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.
9. OpenSSH
OpenSSH is a free version of the SSH connectivity tools that technical users of the Internet rely on.
Users of telnet, rlogin and ftp may not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking and other attacks. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports SSH protocol 2 (support for the original protocol 1, which has known weaknesses, has been removed from current releases). Note that encrypting the channel does not make a weak password safe: a server that still accepts password logins can be brute-forced over SSH, so key-based authentication should be preferred and password authentication disabled where possible.
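The protection described above only holds if sshd is configured to stay on protocol 2 and not fall back to password logins. As an added example (written for this page, not part of OpenSSH), the script below audits the global section of an sshd_config for those settings, filling in sshd's defaults for absent directives; the policy table, the defaults and the two sample configs are assumptions stated in the code.

```python
import re
from typing import Dict, List, Set, Tuple

# directive -> (accepted values, value sshd assumes when the directive is absent).
# Defaults follow sshd_config(5) of current OpenSSH releases and are an assumption
# here; older releases differed (PermitRootLogin defaulted to "yes" before 7.0).
POLICY: Dict[str, Tuple[Set[str], str]] = {
    "protocol": ({"2"}, "2"),
    "passwordauthentication": ({"no"}, "yes"),
    "permitemptypasswords": ({"no"}, "no"),
    "permitrootlogin": ({"no", "prohibit-password", "without-password"}, "prohibit-password"),
    "pubkeyauthentication": ({"yes"}, "yes"),
}


def parse_sshd_config(text: str) -> Dict[str, str]:
    """Global directives of an sshd_config. As in sshd, the first occurrence of a
    keyword wins; everything after a Match line is conditional and is not audited here."""
    directives: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # strip comments and blank lines
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)  # "Key value" or "Key=value"
        key = parts[0].lower()
        if key == "match":
            break
        if len(parts) == 2:
            directives.setdefault(key, parts[1].strip())
    return directives


def audit(text: str) -> List[Tuple[str, str, str]]:
    """Return (directive, effective value, accepted values) for each weak setting."""
    cfg = parse_sshd_config(text)
    findings = []
    for key, (accepted, default) in POLICY.items():
        effective = cfg.get(key, default).lower()
        if effective not in accepted:
            findings.append((key, effective, " or ".join(sorted(accepted))))
    return findings


# Constructed configs: a permissive one (SSH-1 offered, root and password logins
# allowed) and the hardened equivalent.
WEAK = """\
Protocol 2,1
PermitRootLogin yes
PasswordAuthentication yes
Match User deploy
    PasswordAuthentication no
"""

HARDENED = """\
Protocol 2
PermitRootLogin no
PasswordAuthentication no
PermitEmptyPasswords no
PubkeyAuthentication yes
"""

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit(cfg) or "no findings")
```

An empty config is itself a finding: with no PasswordAuthentication line, sshd accepts passwords by default, which is the case an audit that only looks for explicit "yes" values would miss.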
10. MIDAS
MIDAS is a framework for developing a Mac Intrusion Detection Analysis System, based on work and collaborative discussions between the Etsy and Facebook security teams. The repository provides a modular framework and a number of helper utilities, as well as an example module for detecting modifications to common OS X persistence mechanisms.
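Both OSSEC's file integrity checking (above) and MIDAS's persistence-mechanism module come down to the same mechanism: record a baseline of the watched files and report anything added, removed or changed. The added example below (written for this page, not code from OSSEC or MIDAS) implements that baseline-and-compare over a set of directories and demonstrates it in a temporary directory standing in for a LaunchAgents folder; the persistence directory list and the sample plist names are assumptions.

```python
import hashlib
import os
import tempfile
from pathlib import Path
from typing import Dict, Iterable, Set

# Where launchd looks for persistent agents/daemons on macOS (assumed list; adjust per
# host). On any OS the same baseline-and-compare logic covers whatever paths you pass.
PERSISTENCE_DIRS = [
    "/Library/LaunchAgents",
    "/Library/LaunchDaemons",
    "~/Library/LaunchAgents",
]


def sha256_of(path: Path) -> str:
    """Digest a file in chunks so large files do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(roots: Iterable[str]) -> Dict[str, str]:
    """Map every regular file below the given roots to its SHA-256 digest."""
    state: Dict[str, str] = {}
    for root in roots:
        for dirpath, _, filenames in os.walk(Path(root).expanduser()):
            for name in sorted(filenames):
                path = Path(dirpath) / name
                try:
                    state[str(path)] = sha256_of(path)
                except OSError:
                    continue  # unreadable, or vanished between listing and hashing
    return state


def compare(baseline: Dict[str, str], current: Dict[str, str]) -> Dict[str, Set[str]]:
    """Classify every difference between two snapshots."""
    old, new = set(baseline), set(current)
    return {
        "added": new - old,
        "removed": old - new,
        "modified": {p for p in old & new if baseline[p] != current[p]},
    }


def demo() -> Dict[str, Set[str]]:
    """Constructed scenario in a temporary directory standing in for a LaunchAgents
    folder: baseline two plists, then modify one, delete one and drop in a new one."""
    root = Path(tempfile.mkdtemp())
    (root / "com.example.updater.plist").write_text("<plist>original</plist>")
    (root / "com.example.backup.plist").write_text("<plist>backup</plist>")
    baseline = snapshot([str(root)])
    (root / "com.example.updater.plist").write_text("<plist>now runs /tmp/x</plist>")
    (root / "com.example.backup.plist").unlink()
    (root / "com.evil.persist.plist").write_text("<plist>new</plist>")
    diff = compare(baseline, snapshot([str(root)]))
    return {kind: {Path(p).name for p in paths} for kind, paths in diff.items()}


if __name__ == "__main__":
    for kind, names in demo().items():
        print(kind, sorted(names))
```

In production the baseline must be stored somewhere the monitored host cannot silently rewrite (OSSEC keeps it on the manager), and a real agent would also record owner, permissions and size alongside the digest, since a permission change on a LaunchDaemon plist is worth an alert even when its contents are unchanged.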
As can be seen, there are a lot of tools available in the open source community, driven in collaboration with many big innovators. Even so, the security considerations listed below need to be kept in mind as the world moves towards IoT:
- Always use a firewall and make sure it is enabled
- Always run antivirus software
- Always keep your software updated
- Be aware of spam/phishing scams
- Never reuse a password across sites on the web