Security

From SME Guide


ClamAV

http://www.clamav.net FLOSSMETRICS link: http://melquiades.flossmetrics.org/projects/clamav

Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. It provides a number of utilities, including a flexible and scalable multi-threaded daemon, a command line scanner and an advanced tool for automatic database updates. The core of the package is an anti-virus engine available in the form of a shared library.


CLIP

http://oss.tresys.com/projects/clip

The Certifiable Linux Integration Platform (CLIP) project provides a security hardened operating system platform to host secure applications. CLIP defines a specific configuration of Security Enhanced Linux (SELinux) designed to provide the foundation for hosting secure applications. This configuration consists of a separation of roles, mandatory access control (MAC), discretionary access control (DAC), and data separation. With this foundation in place, the hosted application needs only to concern itself with the specific security details of its task and not necessarily those associated with these overhead functions. By using CLIP, implementors can provide evidence of compliance with established operating system security requirements. These established operating system security requirements are the Director of Central Intelligence Directive 6/3 “Protecting Sensitive Compartmented Information within Information Systems” (DCID 6/3) Protection Level 4 (PL4), National Security Systems (NSS) Instruction 1253 “Security Controls Catalog for National Security Systems” High Impact requirements, Department of Defense (DoD) Instruction Number 8500.2 “Information Assurance (IA) Implementation” MAC I Classified requirements, and Defense Information Systems Agency (DISA) Information Assurance Support Environment (IASE) Security Technical Implementation Guides (STIG) Unix V5R1. The requirements identify the following four areas: Confidentiality, Integrity, Availability and Accountability.


COBIA

http://cobia.stillsecure.com/

The Cobia Unified Network Platform is free software containing routing, firewall, DHCP, and core network and security services. These services are offered as plug-n-play modules: antivirus, URL filter, anti-spyware and VPN.



Endian

http://www.endian.com

Endian Firewall Community is a "turn-key" Linux security distribution that turns every system into a full-featured security appliance. The software has been designed with "usability in mind" and is very easy to install, use and manage, without losing its flexibility. The features include a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spam filtering for email traffic (POP and SMTP), content filtering of Web traffic and a "hassle free" VPN solution (based on OpenVPN). The main advantage of Endian Firewall is that it is a pure "Open Source" solution that is sponsored by Endian.



Nessus

http://www.nessus.org/download/ FLOSSMETRICS link: http://melquiades.flossmetrics.org/projects/nessus

The Nessus vulnerability scanner is the world leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs, and across physically separate networks. While version 3 is distributed with a commercial license, version 2 is still available under the GPL.


OSSIM

http://www.ossim.net/

Ossim stands for Open Source Security Information Management. Its goal is to provide a comprehensive compilation of tools which, when working together, give a network/security administrator a detailed view of each and every aspect of his networks, hosts, physical access devices, servers, etc.

Besides getting the best out of well-known open source tools, ossim provides a strong correlation engine, detailed low-, mid- and high-level visualization interfaces, as well as reporting and incident management tools, working on a set of defined assets such as hosts, networks, groups and services. All this information can be limited by network or sensor in order to provide just the needed information to specific users, allowing for a fine-grained multi-user security environment. Also, the ability to act as an IPS (Intrusion Prevention System) based on correlated information from virtually any source makes it a useful addition for any security professional.



PreludeIDS

http://prelude-ids.org/ FLOSSMETRICS link: http://melquiades.flossmetrics.org/projects/prelude

Prelude is a hybrid IDS framework; that is, it is a product that enables all available security applications, be they open source or proprietary, to report to a centralized system. To achieve this, Prelude relies on the IDMEF (Intrusion Detection Message Exchange Format) IETF standard, which enables different kinds of sensors to generate events using a unified language. Prelude benefits from its ability to find traces of malicious activity from different sensors (Snort, honeyd, Nessus Vulnerability Scanner, Samhain, over 30 types of system logs, and many others) in order to better verify an attack and, in the end, to perform automatic correlation between the various events.



SmoothWall

http://www.smoothwall.org/ FLOSSMETRICS link: http://melquiades.flossmetrics.org/projects/smoothwall FLOSSMETRICS quality evaluation: http://melquiades.flossmetrics.org/projects/smoothwall/quality

SmoothWall Express is a network firewall produced by the SmoothWall Open Source Project Team. Designed with home and small business users in mind, Express is based upon a security-hardened subset of the GNU/Linux operating system and is completely Free to use, download and distribute.



SNORT

http://www.snort.org/

Snort is a free software / open source network intrusion detection and prevention system (IPS) capable of performing packet logging and real-time traffic analysis on IP networks. The large number of signatures available cover a wide range of attacks, fingerprint probes, web attacks and more.


Untangle

http://www.untangle.com FLOSSMETRICS link: http://melquiades.flossmetrics.org/projects/untangle FLOSSMETRICS quality evaluation: http://melquiades.flossmetrics.org/projects/untangle/quality

Untangle delivers an integrated family of applications that help you simplify and consolidate the network and security products you need, in one place at the network gateway. The most popular applications let businesses block spam, spyware, viruses, and phish, filter out inappropriate web content, control unwanted protocols like instant messaging, and provide remote access and support options to their employees. Every downloadable application is pre-configured and guaranteed to work together. It integrates:

  • Spam Blocker
  • Web Filter
  • Protocol Control
  • Virus Blocker
  • Spyware Blocker
  • Phish Blocker
  • Intrusion Prevention
  • Attack Blocker
  • Firewall
  • Remote Access Portal
  • OpenVPN
  • Untangle Reports
  • Router

