What’s in your security toolkit?

Ars is kicking off its new Security Section this month and wants to know about …

As viruses, malware, and hackers become more insidious in their efforts to evade detection and infiltrate systems, technology enthusiasts have adopted all kinds of useful measures to keep such threats off of their networks and personal computers. Ars is launching a new security resource and we want to know about your favorite security tools and techniques.

From desktop antivirus to server intrusion detection, there are an enormous number of commercial and open-source security applications that provide protection from the bad guys. A few of my favorite open-source security software solutions include AppArmor, Snort, and Wireshark.

AppArmor is a security framework that broadly institutes the principle of least privilege in order to limit the potential for exploitation of Linux security flaws. Novell released the source code for AppArmor under the GPL several years ago after acquiring it from Immunix. AppArmor provides a big usability boost over SELinux and is also a bit less resource-intensive. AppArmor is tightly integrated into openSUSE and has been adapted for inclusion in Ubuntu and other Linux distributions.

Snort is an open-source intrusion prevention and detection system that is developed commercially by Sourcefire. It performs real-time traffic analysis and can automatically block and detect attacks from a variety of different vectors.

Wireshark, which was previously known as Ethereal, is a robust tool for packet sniffing and protocol analysis. Wireshark leverages PCAP to intercept packets that are being transmitted over a network and displays protocol data in a simple graphical user interface that supports display filtering and a number of other useful features.

Do you have a favorite tool that you think everyone should know about? Share your security secrets with us in the discussion thread.