One of the big advantages of using Linux is that its security tends to be so much better than that of the competing alternatives. That’s due in large part to the way Linux assigns permissions, but it’s also certainly true that the open source operating system is targeted by malware writers far less frequently than Windows is, in particular, simply because it’s less widely used and so much more diverse.
The fact remains, however, that no operating system is perfectly secure. For business users, in particular, a little extra security assurance is always a good idea, at the very least for your own peace of mind.
Here, then, are a few of the best free tools you can use to help keep your Linux systems secure.
My favorite antivirus software for Linux is Sourcefire’s ClamAV, a free, open source package designed to detect Trojans, viruses, malware and other malicious threats. Included in the software, which now comes preinstalled in several Linux distributions, are a multithreaded scanning daemon, command line utilities for on-demand file scanning, and an intelligent tool for automatic signature updates. Of particular note for past or current Windows users is that the core ClamAV library is also used in Immunet 3.0, a sister solution for Microsoft’s operating system.
Also offered by Sourcefire is Snort, an open source network intrusion prevention and detection system that combines the benefits of signature, protocol and anomaly-based inspection. With millions of downloads and more than 300,000 registered users to its credit, Snort is the most widely deployed such technology worldwide, Sourcefire says.
Wireshark is a network protocol analyzer that lets you capture and interactively browse the traffic running on a computer network. The software runs not just on Linux but on Windows, OS X, Solaris, FreeBSD and NetBSD, as well. Captured network data can be browsed via GUI or via the TTY-mode TShark utility.
John the Ripper is a free and open source password cracker that can help you detect weak passwords. It’s distributed primarily in source code form, but native “pro” versions are available for both Linux and Macs as well; the prepackaged Linux version is priced starting at $39.95. Another similar tool, incidentally, is THC Hydra.
Short for “Network Mapper,” Nmap is a free and open source utility for network exploration or security auditing, but it can also be useful for network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap runs on all major computer operating systems. Oddly, it has even been featured in movies including The Matrix Reloaded, The Bourne Ultimatum and The Girl with the Dragon Tattoo.
Chkrootkit is a free tool designed to check locally for signs of a rootkit infection on your Linux machine. The free software is a very popular choice, but Rootkit Hunter is another, like-minded alternative.
With more than five million downloads to date, Nessus is one of the most popular vulnerability scanners in the world, its makers say. The proprietary software features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Personal use of Nessus is free, but enterprises must purchase a subscription costing $1,200 per year per Nessus scanner.
There are, of course, countless other security tools for Linux out there, many of them excellent as well. What are your favorites? Please share your thoughts in the comments.