Security issues continue to make the news at an alarming rate. It almost seems like a majority of companies have now been affected in some way. Data leaks, accounts hacked en masse, and fundamental security vulnerabilities are worryingly common.
To protect yourself against the ever-increasing online threat, you need to use a range of security apps. For a casual home user, it might be as simple as an antivirus suite and a malware tool. As the complexity of your network increases, so too does your need for more complex security apps.
In this article, we’re going to look at some of the best open source security apps out there. We’ll introduce you to a broad spectrum of tools that can perform a wide variety of functions.
The Network Security Toolkit is a bootable ISO that you can load onto either a CD or USB stick. It’s based on the Linux distro Fedora, but will work on most x86 and x64 systems.
The download contains more than 100 open-source security apps aimed at network administrators. It includes tools for managing traffic, monitoring intrusions, checking for vulnerabilities, and a whole lot more.
Although you could theoretically install all the apps individually, Network Security Toolkit provides a single Web User Interface that you can use to configure many of the apps within the wider toolkit.
Metasploit Framework is a sub-project of The Metasploit Project.
The app is a penetration testing framework. Formed out of a collaboration between open source developers and software company Rapid7, the software has become one of the most used penetration testing apps in the world.
Metasploit Framework includes exploits for 900 known bugs in Windows, macOS, and Linux operating systems. You can load the code you want to test, then establish whether the OS is vulnerable. You can also add custom payloads.
Any payload can be combined with any exploit thanks to the app’s modular system.
If you’re not using a password manager (and you don’t have a photographic memory), you’re doing online security all wrong. Browser-based password managers are known for their flimsy security, while not using a password manager encourages people to use weaker passwords.
The most well-known password manager is arguably LastPass, but there are lots of alternatives.
One of the best alternatives is KeePass. It’s open source and has a thriving community. The app stores all your passwords in a single database which is then locked with a key. The database uses AES and Twofish encryption methods.
Certbot is a project from the Electronic Frontier Foundation (EFF).
To explain why it’s useful, we need to take a step back. The EFF wants to help create a web where all the traffic is encrypted by default. Originally, the foundation helped create the HTTPS Everywhere browser extension, then followed it up with Let’s Encrypt (a free certificate authority).
The EFF’s latest release is Certbot. The app automatically connects to Let’s Encrypt to fetch and deploy SSL/TLS certificates on a web server.
It uses the Automated Certificate Management Environment (ACME) protocol, so it can easily work with other certificate authorities.
Wireshark is a network protocol analyzer. It’s so popular that it has become the standard protocol analyzer for thousands of institutions, including government agencies, schools, and commercial businesses.
Using the app, you can examine data from a live network or a capture file on disk. You can explore your data right down to a near-microscopic level of packet detail.
Additional features include a rich display filter language, reconstructed streams of TCP sessions, and support for hundreds of protocols and media types.
OSSIM (Open Source Security Information Management) is a compilation of open source apps which together form a security information and event management system (SIEM). SIEM systems typically provide real-time analysis of security alerts from both other apps and network hardware.
OSSIM includes all the features you would expect from a SIEM system, including event collection, normalization, and correlation.
It uses the AlienVault Open Threat Exchange to allow users to send and receive real-time information about malicious hosts.
Unfortunately, the basic app does not offer log management, AWS and Azure cloud monitoring, or integration with third-party ticketing apps. For those features, you will need to pay for a subscription.
CipherShed started life as a fork of the now-defunct TrueCrypt Project. Available for Windows, Mac, and Linux, the app can either create single encrypted files or encrypt entire drives. It also works with external storage media such as USB sticks and external hard drives.
The app mounts your drive once it’s encrypted. While mounted, the encryption is transparent to your operating system and installed apps. You can use the drive to read and write as usual. When you unmount the drive, the contents of the drive become hidden.
You can move encrypted drives between operating systems without compatibility issues.
Why Are Open Source Apps Important?
If an app is open source, its source code is available for other users to see, modify, and distribute.
From a security standpoint, it means you can be sure an app isn’t surreptitiously spying on you or installing malware onto your machine. And even if you don’t have the technical ability to study the code yourself, you can be confident the community would have uncovered any bugs if they existed.
Open source apps are also attractive because they’re generally free. Why spend hundreds of dollars on security software when open source content can almost always fill the void?
Which Open Source Security Apps Do You Recommend?
In this article, we’ve introduced you to seven of the best open source security apps. Each specializes in a different part of network or computer security.
Unfortunately, the nature of open source software means there are hundreds of great apps out there that we couldn’t cover. And that’s where you come in.
What are some of your favorite open source security apps? What makes them so impressive?