Without much fanfare, the open source security area is growing rapidly. Here are top contenders from anti-virus, firewalls, forensics, intrusion detection, and more.
About a year ago, we took a look at the growing trend toward open-source security and highlighted 10 of the best apps available. Since then, the area has continued to mature, and now we're back highlighting 75 of the most frequently downloaded open-source security applications.
1. ClamWin Free Antivirus
This Windows-only app uses the incredibly popular ClamAV engine to detect viruses and spyware. It includes a scanning scheduler, automatic downloads, and a Microsoft Outlook plug-in. However, it does not provide real-time scanning; you'll need to scan your files manually in order to be protected. Operating System: Windows.
Numerous commercial and open-source products are based on the Clam Antivirus engine. Designed for protecting e-mail gateways, ClamAV offers automatic updates, a command-line scanner, and more. Operating System: Unix, Linux, BSD.
3. Moon Secure Antivirus
Moon Secure is currently based on ClamAV, but the developers are working on an antivirus engine of their own that will enable real-time scanning. Operating System: Windows.
4. Rootkit Hunter
As you might expect from its name, Rootkit Hunter searches your system for rootkits and other unwanted tools. It does not provide live or scheduled scanning, but the Web site contains instructions for setting up your system to run Rootkit Hunter daily. Operating System: Linux, Unix.
Short for "A Mail Virus Scanner," AMaVis acts as a go-between for your anti-virus software and your mail transport agent so that incoming e-mails can be scanned for viruses. The site contains the complete--and very extensive--list of supported applications. Operating System: OS Independent.
ClamMail combines a POP3 e-mail proxy with the ClamAV engine. The result is free antivirus protection for messages accessed via Outlook, Thunderbird, Eudora, or other POP3 apps. Operating System: Windows.
This e-mail proxy server scans both incoming and outgoing messages for viruses, worms, trojans, spam, and other malware. Like most open-source anti-virus tools, it's based in part on the ClamAV engine. Operating System: Linux.
Still getting the occasional network virus even after you install anti-virus software? Viralator supplements the existing anti-virus software on your proxy server to block malware that might otherwise slip in when users access free webmail accounts. Operating System: Linux, Unix.
This tiny program (less than 60KB) improves security, improves performance, and closes some of the flaws that open up Windows to spyware. It disables the Windows "calling home" features, disarms Internet Explorer, disables Windows Media Player, and more. Operating System: Windows.
Nixory is designed to protect Firefox users from unwanted cookies and spyware. And unlike most similar programs, you won't need to delete your previously installed anti-spyware or anti-malware programs in order to use it. Operating System: OS Independent.
Communication and File Sharing
Using routing mechanisms inspired by ants (yes, the insects), Mute provides completely anonymous file transfer and file sharing that is virtually impossible to trace. In addition, messages passed on the network are protected by military-grade encryption. Operating System: OS Independent.
Waste allows small groups of users to chat and download files securely and anonymously. Transmissions are encrypted using RSA and Blowfish algorithms. Operating System: Windows, Linux, BSD, OS X.
13. ANts P2P
This third-generation peer-to-peer network hides your identity and encrypts all transmissions for completely secure communication. And as you might expect, it's also inspired by the behavior of ants. Operating System: OS Independent.
Want to make sure that file you deleted can never be retrieved? Eraser writes over your files with random data so that no one can snoop into your private files. Operating System: Windows and DOS.
15. Darik's Boot and Nuke
Also known as "DBAN," Darik's Boot and Nuke completely eliminates all of the data on a hard drive. It's an ideal way to clean up an old computer before you donate or recycle it. Operating System: OS Independent.
Wipe erases all traces of deleted files from your hard drive so that they can't be retrieved. It relies heavily on the work of Peter Gutmann, one of the foremost experts in the field. Operating System: Linux.
Simply right-click on a file in Windows Explorer and you can encrypt it, and a double-click decrypts the data. AxCrypt also supports self-decrypting files so that you can protect files in transit while still allowing e-mail recipients to view the information easily. Operating System: Windows.
18. Mac GNU Privacy Guard
As you might expect, Mac GnuPG ports GnuPG so that it can be used on a Mac. It provides better privacy than PGP and supports multiple encryption standards and languages. Operating System: Mac OS X.
Short for "Windows Privacy Tools," WinPT collects a number of different encryption tools into a single application. It's based on GnuPG and is compatible with PGP. Operating System: Windows.
This archiving utility creates, opens, and encrypts zip files and dozens of other compression formats. Additional features include split/join files (file span), wipe files (secure deletion), compare, checksum and hash files, system benchmark, and more. Operating System: Windows, Linux.
Intended as a replacement for the Unix crypt, MCrypt lets developers add a wide range of encryption functions to their code without needing to be expert cryptographers. Note that this is a developer tool, not an encryption app for end-users. Operating System: Windows, Linux, Unix.
22. Keyring for PalmOS
Store secret data securely on your Palm-based handheld. Keyring provides secure triple-DES encryption and is available in a number of different languages. Operating System: PalmOS.
23. Hide in Picture
Conceal data within normal-looking bitmap images. A simple password decrypts the file. Operating System: Windows, DOS.
Steghide compresses, encrypts, and conceals messages inside pictures or audio files. It also embeds a checksum to verify data integrity once decrypted. Operating System: OS Independent.
This e-mail relaying server signs or encrypts e-mail communications using GnuPG (Gnu Privacy Guard) and your existing e-mail client. The developers are careful to note that this app only protects e-mail in transit--it is still stored in its decrypted state on your computer. Operating System: Windows.
MailCrypt allows you to encrypt, decrypt, and sign messages and Usenet articles using either PGP or GnuPG. One warning: MailCrypt may not be secure when used on an NT workstation (site has details). Operating System: OS Independent.
27. Open Signature
This digital signature project supports all OpenSC cards and aims to be the first single app that can be used with cards from multiple countries. Open Signature originally focused on cards used in Italy but has branched out. Operating System: Windows, Linux, Unix.
Ultra-fast and lightweight, Crypt can be used to encrypt or decrypt just about anything on your Windows system, including regular files and directories, consoles, communication resources, disk devices, and more. Operating System: Windows.
WinSCP supports both SFTP and FTP file transfer. It also offers a basic file manager. Operating System: Windows.
Designed for small businesses, IPCop lets you turn an old PC into a network appliance that protects against threats and speeds Web access. It's easy to use, and it works with just about every type of connection from dial-up to leased lines. Operating System: Linux.
Notable for its SSH protection, ShellTer is an iptables-based firewall that supports port forwarding, blacklisting, whitelisting, and more. It's easy to configure, easy to install, and easy to customize. Operating System: Linux.
32. Endian Firewall Community
Like IPCop, Endian Firewall Community contains a complete Linux distribution that can be used to turn any PC into a firewall appliance. It includes antivirus, anti-spam, Web content filtering, and VPN capabilities. Operating System: Linux.
Untangle combines an open-source firewall, router, web filter, spam blocker, intrusion detection system, anti-virus, anti-spyware, anti-spam, VPN, and more into a package that rivals commercial network gateways. In order to use it, you'll need a separate PC that will function as a security appliance. Operating System: Linux.
Like many of the other apps in this category, Devil-Linux was originally intended to be used to turn an old PC into a firewall/router. Now the program has been updated so that it can also be used as an application server. Operating System: Linux.
35. Turtle Firewall
Turtle Firewall is fast and easy-to-use--if you know what you're doing. You define and select which zones, hosts, networks, and services you want to enable, which gives you a lot of control but requires a good understanding of network security. Operating System: Linux.
Shorewall (aka "Shoreline Firewall") makes it easy to configure Netfilter so that it can be used as a firewall on a standalone system or as part of a gateway appliance on a network. Once installed, it can also be used to monitor Netfilter actions. Operating System: Linux.
Like Shorewall, FireHOL isn't an actual firewall as much as a firewall configurator. It aims to make understanding and configuring firewalls easy, even for those with limited knowledge on the subject. Operating System: Linux.
38. Sentry Firewall
Sentry combines firewall, server, and intrusion detection capabilities onto a bootable CD. It relies on a number of well-known open source apps, including OpenVPN, Snort IDS, Nmap, and more. Operating System: Linux.
Designed to be easy to use, Vuurmuur is an iptables-based firewall that doesn't require any knowledge of iptables. It offers real-time log and connection viewing, filtering, traffic volume accounting, auditing, and more. Operating System: Linux.
Short for "Open Digital Evidence Search and Seizure Architecture," ODESSA contains a number of different tools for collecting and analyzing digital evidence. With more than seven years of development behind it, the project is fairly mature, and the site contains links to a number of other forensics-related projects. Operating System: Windows, Linux, OS X.
41. Live View
Live View creates a virtual machine from a raw disk image or physical disk. As a result, you can see and interact with a PC just as the user did, without changing the environment or endangering your own PC. Operating System: Windows.
Internet Security Suites
Calling itself "an opensource watchdog for Windows," Winpooch incorporates anti-spyware and anti-trojan capabilities with ClamWin Antivirus. It aims to give the user complete control over which programs are running on the system. Operating System: Windows.
The DemocraKey tagline says it all: "It's like a condom for your computer." Install it on a portable drive and plug it into any computer. DemocraKey scans for viruses and protects your privacy while you surf. Operating System: Windows.
As the most widely deployed intrusion prevention technology in the world, Snort has earned the right to call itself "the de facto standard for intrusion prevention/detection." It performs real-time analysis to detect buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and other attacks. Operating System: Linux, Unix, BSD, Mac OS X.
Short for "Another File Integrity Checker," AFICK monitors changes to your file systems in order to alert you to possible intrusion. If you're familiar with Tripwire, AFICK will look and feel very familiar. Operating System: Windows, Linux, Unix.
This modified version of Snort uses iptables instead of libpcap. Operating System: FreeBSD, Linux.
Log File Analyzers
AWStats generates graphs based on all kinds of log file information, including advanced web, streaming, ftp, or mail server statistics. Note: The site works best when viewed with Firefox. Operating System: Windows, Linux, Unix, BSD.
48. IPtables Log Analyzer
Wondering what your Netfilter-based firewall has been doing all day? This app helps you make sense of all the data tracked by your logs. Operating System: Linux.
49. Bastille Linux
With a dual goal of hardening systems and educating users about security, Bastille Linux provides information about various topics, asks users related questions, and then builds security policies based on the answers. In assessment mode, it provides a report showing how Bastille has helped improve the security of the system. Operating System: Linux, Unix, Mac OS X.
Motion is a software-based motion detector. It monitors video feeds from one or more cameras and sends an alert when the picture changes. Operating System: Linux.
Worried about your MacBook getting stolen? When iAlertU senses sudden motion, it sets off an alarm, and it even takes a picture of the thief and e-mails it to you. Operating System: Mac OS X.
52. Angry IP Scanner
This very fast IP address and port scanner pings IP addresses and provides a variety of optional data about each address. Numerous plug-ins are available to extend its capabilities, and if you can write Java code, it's easy to write extensions of your own to find exactly the information you need to monitor and manage your network. Operating System: Windows, Linux, Mac OS X.
This Windows-only network monitoring tool provides information on OS, users, groups, shares, SIDs, transports, sessions, services, service pack and hotfix level, date and time, disks, and open ports. Operating System: Windows.
Written in C, Knocker is a simple, easy-to-use TCP security port scanner. Operating System: Windows, Linux, Unix, FreeBSD.
55. AIM Sniff
Want to find out how much time employees are wasting with instant messaging? AIM Sniff monitors and archives AOL and MSN instant messages across your network. Operating System: Linux, FreeBSD, OS X.
Network Security Analysis Tool, or NSAT, scans your network for a host of security vulnerabilities. It's easy to configure NSAT to do just what you want, providing maximum flexibility. Operating System: Linux, Unix, FreeBSD, OS X.
The SniffDet remote sniffer detection tool and library monitors your network and alerts you to any machines running in promiscuous mode or with a sniffer. It includes the ICMP test, ARP test, DNS test, LATENCY test, and more. Operating System: Linux.
Short for "Simple Event Correlator," SEC applies rules to application data to determine if particular events have occurred and to take pre-determined actions as a result. It's particularly helpful for network management, system monitoring, data security, intrusion detection, and log file monitoring and analysis. Operating System: OS Independent.
This network infrastructure parser analyzes configuration data from network devices and creates an easy-to-understand report. Supported device manufacturers include Cisco, Nokia, Juniper, CheckPoint, and Nortel. Operating System: Windows, Linux, Unix, BSD, Mac OS X.
60. KeePass Password Safe
Too many passwords to remember? KeePass encrypts all of your passwords and stores them securely on your hard drive or a portable drive. You can choose to unlock them using either a master password or a key-disk. Operating System: Windows, Linux, Mac OS X, Blackberry, PalmOS, and multiple other platforms used by mobile devices.
Any network administrator will tell you that strong passwords are key to computer security, but creating difficult-to-crack passwords can be challenging. PWGen does the work for you, creating strong, randomly generated passwords. This app is particularly helpful when you use it with a password safe so that you don't have to remember all those random strings of characters. Operating System: Windows.
62. Figaro's Password Manager
This GNOME application encrypts passwords with the Blowfish algorithm and stores them securely. FPM also includes a password generator to help you create hard-to-crack passwords. Operating System: Linux.
Based on Back Orifice, BO2K provides file-synchronization and remote operation capabilities for network administrators. Unlike most commercially available products, it's small, fast, free, and very extensible. Operating System: Linux.
Systems Administration Tools
64. Inside Security Rescue Toolkit
This toolkit packs tons of useful apps and a full, bootable Linux system into a package that fits on a single CD-ROM. Among the more useful features are the included partition support, network analysis, disaster recovery, anti-virus, and forensics tools. Operating System: Linux.
Short for "System iNtrusion Analysis and Reporting Environment," SNARE collects log data from a number of different sources so that security threats can be analyzed. Commercial support and a more robust version of the software that includes analysis and reporting capabilities are also available at the site. Operating System: Windows, Linux, Unix, Solaris.
66. Network Security Toolkit (NST)
This bootable live ISO CD contains nearly 100 of the best open source security apps and should run on most x86 systems. It includes tools for network traffic analysis, intrusion detection, network packet generation, and wireless network monitoring, as well as a virtual system service server and a sophisticated network/host scanner. It also provides assistance in troubleshooting crashed systems. Operating System: OS Independent.
BASE, short for "Basic Analysis and Security Engine," provides a front-end to analyze alerts from Snort IDS. It's easy to use and includes role-based user authentication. Operating System: OS Independent.
68. Startup Manager
Startup Manager gives you control over which applications start up when you boot your Windows PC. The result is better security, faster startup, and greater customization. Operating System: Windows.
69. Program Killer
Concerned that you might have unknown EXE files running on your Windows system? Program Killer detects processes being run by unauthorized program files and terminates them. Operating System: Windows.
70. Smart Sign
Smart Sign offers several different modules that help you use smart cards for user authentication and digital signatures. It supports a number of different card types and readers, as well as the OpenCA certification authority. Operating System: Linux.
The WiKID community version provides open-source, two-factor authentication for VPN, online banking, extranet access, and more. The commercially available enterprise version adds support and some proprietary code that cannot be released under GPL. Operating System: OS Independent.
Virtual Private Network Tools
Utilizing PPTP (Point-to-Point Tunneling Protocol), Poptop allows remote users to establish a VPN and connect to their corporate network from any location. It allows both Windows and Linux clients to connect to Linux servers. Operating System: Windows, Linux.
Winner of numerous awards, OpenVPN provides remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions. It is geared primarily for medium- to large-scale enterprises. Operating System: Windows, Linux, Mac OS X, Solaris, BSD.
74. SSL Explorer
SSL Explorer bills itself as "the world's first browser-based open source SSL VPN." While it is a true open-source product, the site primarily promotes the fee-based enterprise edition of the software, which includes commercial support and additional features. Operating System: Windows, Linux, Unix, BSD.
While it's not a true VPN tool, Zebedee does provide secure IP tunneling for TCP/IP or UDP data transfer between two systems. Not only does it provide security against snoopers, but its compression capabilities also save on network bandwidth. Operating System: Windows, Linux, Unix.
This article originally appeared in eSecurityPlanet, a JupiterOnlineMedia site.