JP Vossen on 25 Oct 2008 11:35:33 -0700


[PLUG] List of 30 Security Tools Available in Ubuntu

Great list of 30 security tools available in Ubuntu, with some 
what/why/how details.  See the article for much more.
1) Wireshark - network traffic analyzer
2) Nessus - Remote network security auditor
3) Nmap - The Network Mapper
4) Etherape - graphical network monitor modeled after etherman
5) Kismet - Wireless 802.11b monitoring tool
6) Chkrootkit - Checks for signs of rootkits on the local system
7) Rkhunter - rootkit, backdoor, sniffer and exploit scanner
8) tiger - Report system security vulnerabilities
9) GnuPG - GNU privacy guard
10) Nemesis - TCP/IP Packet Injection Suite
11) Tcpdump - A powerful tool for network monitoring and data acquisition
12) OpenSSH - secure shell server
13) Denyhosts - an utility to help sys admins thwart ssh hackers
14) Snort - Flexible Network Intrusion Detection System
15) Firestarter - gtk program for managing and observing your firewall
16) clamav - anti-virus utility for Unix - command-line interface
17) Ettercap - Multipurpose sniffer/interceptor/logger for switched LAN
18) Netcat - TCP/IP swiss army knife
19) MTR - mtr combines the functionality of the ‘traceroute’ and ‘ping’ 
programs in a single network diagnostic tool.
20) Hping3 - Active Network Smashing Tool
21) ngrep - grep for network traffic
22) john - active password cracking tool
23) tcptrace - Tool for analyzing tcpdump output
24) netdude - NETwork DUmp data Displayer and Editor for tcpdump trace files
25) tcpreplay - Tool to replay saved tcpdump files at arbitrary speeds
26) Dsniff - Various tools to sniff network traffic for cleartext 
27) scapy - Packet generator/sniffer and network scanner/discovery
28) Ntop - display network usage in top-like format
29) NBTscan - A program for scanning networks for NetBIOS name information
30) tripwire - file and directory integrity checker

You can argue the 30, since Wireshark, TCPDump and TCPTrace are all 
pretty similar.

And for quick and dirty, I prefer fcheck to Tripwire, since fcheck just 
mostly works out of the box and is *much* easier to use ongoing.  OTOH, 
it's not as secure as tripwire.  And TW is very old, there are better, 
more open source solutions now.

JP Vossen, CISSP            |:::======|        jp{at}jpsdomain{dot}org
My Account, My Opinions     |=========|
"Microsoft Tax" = the additional hardware & yearly fees for the add-on
software required to protect Windows from its own poorly designed and
implemented self, while the overhead incidentally flattens Moore's Law.
Philadelphia Linux Users Group