Security App of the Year

Tinkster · 01-31-2006, 11:23 AM

Quote:

Originally Posted by anticapitalista

I don't use apache, samba and I never forward emails.

But you asked your question "Who needs AV on Linux?" as if
there was no need at all ... the fact that you believe you don't
is a whole different story; as far as I'm concerned your not
afraid enough.

Cheers,
Tink

anticapitalista · 02-01-2006, 04:33 AM

Quote:

Originally Posted by Tinkster

But you asked your question "Who needs AV on Linux?" as if
there was no need at all ... the fact that you believe you don't
is a whole different story; as far as I'm concerned your not
afraid enough.

Cheers,
Tink

My first post "who needs av anyway?" was tongue-in-cheek, the second one as a reply to KimVette's excellent post and why I don't need it.

riskable · 02-01-2006, 07:49 AM

This was a tough one! I'm a security professional so I use quite a number of these tools on a daily basis...

I chose snort because it is being used and integrated into a LOT of 3rd party products (mostly security appliances) via its "inline" mode. These cheap devices are selling well and will end up making Linux the edge security OS (device) of choice for enterprises and small businesses alike. This is an area previously dominated by proprietary players like Cisco and Check Point.

Of course, a lot of these appliances also use ClamAV, but it's primary purpose is to protect Windows machines so no vote =).

nmap and Nessus are essential tools for me, but nmap hasn't changed much over the course of the year and Nessus announced that they're moving away from the GPL. IMHO, that creates a hole in the FOSS security community that I KNOW there's geeks just dying to fill. It is one of those areas that FOSS excels at and in almost all cases, the FOSS tools are superior to their commercial counterparts.

kassle · 02-01-2006, 07:25 PM

duh ... how to judge this things
since it's complement each other

anyway ... i choose snort, because
it give more logs (the disk space eater)
than another

stupendo44 · 02-01-2006, 07:48 PM

I use KMyFirewall, which sets up iptables.

jaboua · 02-02-2006, 09:49 AM

It's a hard choice, but I'll put nmap as #1. JohnTheRipper makes a good #2.

n3wb13 · 02-02-2006, 09:55 AM

nmap, t0r, p0f

segin · 02-04-2006, 09:10 AM

nmap cause it just fork()ing works.

anti.corp · 02-04-2006, 03:14 PM

Firestarter. Easy to install (with a little help from Dead parrot

). And the wizard caught all those more or less odd services I got running.

Thetargos · 02-07-2006, 11:52 AM

My vote goes to Firewall Builder. I don't care it's based on KDE's QT toolkit, it simply rocks! You can not only configure your Linux firewall as strong as you want, but you can also do it for *BSD, MacOS, and even Windows®, very good application!

Fireball7 · 02-10-2006, 02:26 PM

WHAT?!?!?!?? No Paketto Keiretsu? How could they?

http://www.doxpara.com/paketto/

Seriously.

(And btw, nmap out of what they have, then snort (though I use airsnort)).

SkyEye · 02-12-2006, 02:08 PM

Really, these things can't be compared farely.

Nobody should have a matter with nmap. Even with the controvcy of closing the source Nessus still is a great application (again I do not agree with closing its source).

One thing which might not be highlighted much but might have a great future is SELinux. My guess is it can be the norm in Linux security with growing implementation. Althought it changes the Linux security model in to something I never knew, it looks really promising.

danex50 · 02-16-2006, 02:31 AM

nmap. But AppArmor should have it's place in this list.

glebovitz · 02-16-2006, 08:13 AM

While all of these apps serve different purposes, SELinux has done the most for me. Labeling and kernel based policy enforcement does a great job of partitioning security. I got tired of running "jails" for each service.

Mizzou_Engineer · 02-16-2006, 09:02 AM

Ethereal. It is very important if you have any sort of a LAN or are connected to the Internet.