Language Selection

English French German Italian Portuguese Spanish

Open-Source Security Tools Touted at InfoSec

Filed under
OSS
Security

A well-known security consultant on Tuesday urged cash-strapped businesses to consider using free, readily available open-source security tools and applications to help cope with the rising spate of malicious hacker attacks.

In what has become a recurring theme at this year's InfoSec World conference here, president and principal consultant at Sph3r3 LLC Matt Luallen said enterprises must embrace the same hacking tools used by the bad guys to find potential faults and vulnerabilities within critical information infrastructure.

"You can use open-source applications alongside commercial applications [to cut down on costs]," Luallen said during a show-and-tell with dozens of toolsets that can handle anything from fault identification to spam detection to incident response.

"There are some open-source utilities that blow away commercial products, and you should take advantage of them."

"Some of these tools work so well that, at the very least, you should start evaluating them for widespread use in your organization," Luallen said, seeking to dismiss fears that the absence of product support when using open-source utilities could be a deterrent.

"These open-source tools have better product support-it's called Google Groups. If you do a search on Google Groups, in most situations, you'll have an international community available with answers round-the-clock."

"I'm not here to tell you that you should get rid of commercial products. There are some fantastic commercial products out there. However, in many cases, it is practical, cheaper and even better to look for an open-source alternative," Luallen said.

"Remember, the attack utilities are open-source as well. It's important that you understand the tools the bad guys are using to find holes in your system. You have to use those tools, too, and find the same faults."

Full Story

More in Tux Machines

Optimize your Linux rig for top-notch writing

I'm a big fan of Scott Nesbitt's writing, which has a technological bent, but is usually more about working effectively, rather than how tools can make you effective, which is a key distinction. Scott's setup reflects his focus on production rather than tweaking. He has his work tools and everything else is pretty much white noise—which is why LXDE/Lubuntu probably makes a lot of sense for his workflow. It's simple and it stays out of his way. Scott also gets bonus points for moving his family to Linux. That's a tough move, but given that his wife stole his ZaReason laptop, the conversion seems to have taken. Read more

IBM meets demand for Linux with training resources

IBM HAS REAFFIRMED its commitment to Linux with the announcement of an extension to Power Systems Linux. Following on from the company's $1bn financial commitment to the Linux operating system last year, IBM will add Power Systems Linux to the Power Systems services already available for AIX and IBM iSeries servers at 54 IBM Innovation Centres and Client Centres. This will enable Linux systems to better use IBM's Power8 parallel processing and advanced virtualisation. Read more

How Red Hat can catch the developer train

Outside the operating system, according to AngelList data compiled by Leo Polovets, these developers go with MySQL, MongoDB, or PostgreSQL for their database; Chef or Puppet for configuration; and ElasticSearch or Solr for search. None of this technology is developed by Red Hat. Yet all of this technology is what the next generation of developers is using to build modern applications. Given that developers are the new kingmakers, Red Hat needs to get out in front of the developer freight train if it wants to remain relevant for the next 20 years, much less the next two. Read more

Shortlist of open source software used at NASA lab

The offer was too good to be true. Three whole weeks at the NASA Glenn Research Center and an invitation to come back. I could scarcely believe it when I read the email. I immediately forwarded it to my parents with an addition of around 200 exclamation points. They were all for it, so I responded to my contact, Herb Schilling, with a resounding “YES!” Read more