Posts Tagged opensource

Open-source All in one Security Solutions (Part 1)

Today we can find many different Linux distributions for protecting network infrastructure. Most of them are based on open-source software and provide solid protection against viruses and network attacks, and even spam filtering. But selecting the perfect solution can take more time than implementing it, so this post aims to give a clear view of the different solutions.

The first multifunctional firewall in the list is Untangle. Untangle protects network users from malicious incoming Internet threats such as viruses, spyware, hackers, identity thieves and more. This solution can be used for small and medium-sized networks (up to 300 hosts). Untangle is based on Debian, and the administration web dashboard is written in Java, which requires high system performance.

On the firewall you can install 23 applications, 14 of which are free. They provide antivirus/anti-phishing, routing, spyware protection, protocol analysis for seven layers, web content filtering, VPN connections and many other features. These functions are built on popular open-source solutions such as Snort, ClamAV, SpamAssassin, Squid, etc. To prevent low-level DoS attacks there is a module called “Attack Blocker”, which is integrated in the firewall. The protocol analyzer module gives administrators the ability to stop any application-layer protocol, such as peer-to-peer and IM, even if it uses non-standard ports.

The free report module gives admins the visibility and data necessary to investigate security incidents and enforce acceptable network usage policies, monitor behavior at the user, host, email and incident level, and understand traffic flows and network usage patterns, with fully exportable incident information in CSV, PDF or HTML formats.

The current version is Untangle 7.0.2 and the implementation is pretty easy and fast.

Next we can try Endian Firewall, which is based on CentOS and includes a full set of protection measures against external threats. Endian 2.3 UTM (Unified Threat Management) includes a stateful packet inspection firewall (Netfilter), IDS/IPS (Snort), an HTTP/FTP/POP3/SMTP AV scanner, spam protection and an anti-phishing/anti-spoofing module. Endian lets the admin define filtering policy and routing as desired, by groups, users, IP addresses and time, with 20 ready-to-use categories.

Endian supports Active Directory, LDAP and RADIUS; it can manage VLANs and supports SNMP. Two applications are available for creating VPNs: OpenVPN, and Openswan for IPsec implementation on Linux.

After installation you can take an encrypted backup of the complete configuration directly from the system and save it however you prefer (USB, DVD, etc.).

This is the first part; selecting the right solution depends on the network's needs and architecture. Secure computing is very important, and defending your network starts here.


BackTrack 4 Final Edition

Approximately one year after the first beta version of BackTrack 4 was released, the team has today made the BackTrack 4 Final Release available for download. The beta version was first introduced in February 2009, and we already listed the new features on SecTechno.

BackTrack is an excellent collection of security tools for penetration testing. It includes more than 300 of the most recent pentesting tools; the system is based on a Debian distribution and provides everything security testing needs.


Bugspy.net: Opensource Bug Tracking Website

Bug is a word that means an error in a program; bugs are usually located and removed in the program's testing or debugging phase.

Globally there is a large number of testing labs that look for new bugs on a daily basis and alert on them. Here I wanted to mention the site http://www.bugspy.net, which is dedicated to alerting on the latest vulnerabilities in open-source applications.

Bugspy is a search engine that crawls the web looking for bugs from different sources. There are thousands of open-source software projects, but the site's objective is to make it easy for security professionals to identify bugs quickly and to provide details on the severity of each vulnerability. This is very important for protecting open-source resources.

The vulnerability description is provided as text, and the site decides statistically whether the bug might pose a security threat and the level of that threat, so if it is critical a fix should be applied to mitigate the risk.

Here you can find some technical details about the site:

Crawler development language: Python
Web site development language: Python + Django framework
Database: PostgreSQL
Number of open bugs indexed: ~225,000 bugs and going up
Number of products indexed: ~ 7500 products and going up
Exploitable Bugs Detector: Developed with the aid of genetic algorithms (Pyevolve, http://pyevolve.sourceforge.net)

The targeted visitors: IT security experts, developers, software project managers, and anyone who wants to be regularly updated about new bugs in OSS.


New Service to Boot Operating System over Internet

A new service allows users to download and install any Linux operating system directly from the Internet. Netboot.me is a website that provides a bootable image that can be burned to a CD, USB memory stick, or floppy disk; when booted, it displays a menu with the distribution list and some useful tools for system diagnostics, partitioning and recovery.

Netboot.me uses the open-source loader gPXE, which is significantly enhanced by extending it with new protocols including NFS, FTP and HTTP. The OS list includes Tiny Core Linux 2.2, Micro Core Linux 2.2, Debian Lenny, Debian Testing, Fedora 11, openSUSE 11.1, Ubuntu 9.04 and 9.10, and FreeBSD 7.2.

Here you can find a screenshot demonstrating how to use it as a universal bootdisk and installer.
