OpenSource For You

Top 10 FOSS Security Tools to Protect Your System

In a very insecure world, security tools to safeguard your system are absolutely necessary. FOSS offers a large selection of these tools, mostly free of cost. So go ahead and select the tools you need to secure your system from the list provided.

- By: Maulik Parekh The author has an M. Tech degree in cloud computing from VIT University, Chennai. He can be reached at maulikpare­kh2@ gmail.com. Website: https://www.linkedin.com/in/ maulikpare­kh2.

There are lots of tools available in the market to help individual­s or network administra­tors secure their systems. Some tools are paid for, while others are free and open source. The tools given below are those that are FOSS based and highly popular because of their offensive or defensive capabiliti­es.

People who want to learn ethical hacking can try some of these tools to find out the loopholes and vulnerabil­ities in their systems or networks.

1. Nmap

Nmap (Network Mapper) is a free and open source utility for network discovery and audit. It is used to map your network and ports. It also has scripts that can detect network related issues. Nmap fetches raw data and determines the host type, OS type and hosts available in the network.

For more informatio­n on how to download and use this utility, go to https://nmap.org/

2. OSSEC

This is a free and open source host-based intrusion detection system (HIDS), which is very easy to set up and use. It can provide security alerts that even we can write scripts for, to serve different purposes. We can add more capabiliti­es by tweaking the source code.

Here is the official site for OSSEC: http://ossec.github.io/

3. Security Onion

This is a defensive Debian based Linux security distributi­on for network security monitoring. It is used for intrusion detection and for log management purposes. It acts like an army commander and contains different tools like Snort, OSSEC, Squert, NetworkMin­er, ELSA, etc, for defence.

Here is the link that you can download Security Onion from: https://securityon­ion.net/

4. OpenVAS

This is is a free and open source vulnerabil­ity managing and scanning suite. It’s a fork of the Nessus engine, which continues developmen­t on the open source project. It has a Web based dashboard.

For more informatio­n, go to its official site: http://www.openvas.org/

5. Metasploit Framework

This is free and open source penetratio­n software, which is very popular among white or black hat hackers. It’s the best tool to test the network in an offensive way against open and well-known vulnerabil­ities. It’s a combinatio­n of different modules for checking different exploits. It is also used for auditing and scanning.

For more informatio­n and to download this software, go to the following link: https://www.metasploit.com/

6. Kali Linux

This is an offensive Debian based Linux security distributi­on with lots of free software, utilities and security testing tools. It’s widely used for penetratio­n testing. If you want to be a hacker, you should learn Kali OS.

Here is the official website for Kali Linux: https://www.kali.org/

7. Nikto

This free and open source Web server scanner comes with comprehens­ive test scenarios covering thousands of vulnerabil­ities. Though it cannot detect all kinds of exploits (SQL based exploits), this tool is still very handy to check for popular vulnerabil­ities missed in the Web server. It also checks for outdated versions and misconfigu­rations related to server settings. It has been in the market for almost 10 years.

You can refer to the website for more informatio­n about Nikto and to download this utility.

https://cirt.net/Nikto2

8. Wireshark

Wireshark is a free and open source, highly popular network protocol analysis tool. It is used by students, network administra­tors and hackers. It enables us to view the traffic, dump some packets, check the packet format and find where the problem lies. It is widely used by fresh network enthusiast­s to learn networking concepts. It’s available in all OS flavours.

The official site to download Wireshark is: https://www.wireshark.org/

9. VeraCrypt

VeraCrypt is the free encryption utility available to encrypt the file system.

Nowadays, we store our data in Dropbox, Google Drive and other cloud based software which guarantee privacy and security. But what if employees of those cloud services companies use that data for their own purposes? A better option is to encrypt those files/flash drives before dumping them into the cloud.

Here is the link to download this software: https://veracrypt.codeplex.com/

10. KeePass

KeePass is free and open source software to manage all your passwords in one place, securely. Sometimes we use the same passwords for different accounts on different websites, which could lead to a serious problem. If someone cracks that password and has your user ID, then they will have access to your different accounts. Sometimes we also store passwords in browsers, which is also not a safe habit, as anyone getting access to your computer can see them. KeePass provides the best solution. Different passwords can be managed in one place with just one master password with an encrypted layer. All the passwords are unlocked by this master key and, at the backend, all the passwords are stored in a highly encrypted format by using the most popular and uncrackabl­e algorithms. You can give it a try if you are tired of trying to remember passwords and want to store them securely.

Here is the website to download this utility: http://keepass.info/

 ??  ??

Newspapers in English

Newspapers from India