Language Selection

English French German Italian Portuguese Spanish

Open-Source Security Tools Touted at InfoSec

Filed under
OSS
Security

A well-known security consultant on Tuesday urged cash-strapped businesses to consider using free, readily available open-source security tools and applications to help cope with the rising spate of malicious hacker attacks.

In what has become a recurring theme at this year's InfoSec World conference here, president and principal consultant at Sph3r3 LLC Matt Luallen said enterprises must embrace the same hacking tools used by the bad guys to find potential faults and vulnerabilities within critical information infrastructure.

"You can use open-source applications alongside commercial applications [to cut down on costs]," Luallen said during a show-and-tell with dozens of toolsets that can handle anything from fault identification to spam detection to incident response.

"There are some open-source utilities that blow away commercial products, and you should take advantage of them."

"Some of these tools work so well that, at the very least, you should start evaluating them for widespread use in your organization," Luallen said, seeking to dismiss fears that the absence of product support when using open-source utilities could be a deterrent.

"These open-source tools have better product support-it's called Google Groups. If you do a search on Google Groups, in most situations, you'll have an international community available with answers round-the-clock."

"I'm not here to tell you that you should get rid of commercial products. There are some fantastic commercial products out there. However, in many cases, it is practical, cheaper and even better to look for an open-source alternative," Luallen said.

"Remember, the attack utilities are open-source as well. It's important that you understand the tools the bad guys are using to find holes in your system. You have to use those tools, too, and find the same faults."

Full Story

More in Tux Machines

LILO Boot-Loader Development To Cease At End Of Year

While most of you probably haven't used the LILO bootloader in years in place of GRUB(2), the developer of "LInux LOader" intends to cease development at the end of the year. This summer's intern, Eric Griffith, pointed out today an undated message on the LILO homepage about the bootloader project planning to end development at the end of 2015. Read more

Systemd Takes Over su, FCC Bans Open Source Firmware

Paul Carroty posted Friday of the news that Lennart Poettering merged an 'su' command replacement into systemd and Fedora Rawhide - coming to a Linux system near you next. Elsewhere, Hackaday.com's Brian Benchoff said new FCC regulations just killed Open Source firmware replacement and Phoronix.com today reported that LILO is being abandoned. Several polls caught my eye today as did the new Linux workstation security checklist. Read more

Accelerating Scientific Analysis with the SciDB Open Source Database System

Science is swimming in data. And, the already daunting task of managing and analyzing this information will only become more difficult as scientific instruments — especially those capable of delivering more than a petabyte (that’s a quadrillion bytes) of information per day — come online. Tackling these extreme data challenges will require a system that is easy enough for any scientist to use, that can effectively harness the power of ever-more-powerful supercomputers, and that is unified and extendable. This is where the Department of Energy’s (DOE) National Energy Research Scientific Computing Center’s (NERSC’s) implementation of SciDB comes in. Read more

Open Source GPU now out

Hoping that MIAOW is not a catastrophe An open saucy general-purpose graphics processor (GPGPU) has been unveiled at the Hot Chips event. The GPGPU is relatively crude and is part of another piece of an emerging open-source hardware platform called MIAOW. Read more Also: Nvidia Linux Video Driver 355.11 Adds Experimental OpenGL Support to EGL