Language Selection

English French German Italian Portuguese Spanish

Open-Source Security Tools Touted at InfoSec

Filed under
OSS
Security

A well-known security consultant on Tuesday urged cash-strapped businesses to consider using free, readily available open-source security tools and applications to help cope with the rising spate of malicious hacker attacks.

In what has become a recurring theme at this year's InfoSec World conference here, president and principal consultant at Sph3r3 LLC Matt Luallen said enterprises must embrace the same hacking tools used by the bad guys to find potential faults and vulnerabilities within critical information infrastructure.

"You can use open-source applications alongside commercial applications [to cut down on costs]," Luallen said during a show-and-tell with dozens of toolsets that can handle anything from fault identification to spam detection to incident response.

"There are some open-source utilities that blow away commercial products, and you should take advantage of them."

"Some of these tools work so well that, at the very least, you should start evaluating them for widespread use in your organization," Luallen said, seeking to dismiss fears that the absence of product support when using open-source utilities could be a deterrent.

"These open-source tools have better product support-it's called Google Groups. If you do a search on Google Groups, in most situations, you'll have an international community available with answers round-the-clock."

"I'm not here to tell you that you should get rid of commercial products. There are some fantastic commercial products out there. However, in many cases, it is practical, cheaper and even better to look for an open-source alternative," Luallen said.

"Remember, the attack utilities are open-source as well. It's important that you understand the tools the bad guys are using to find holes in your system. You have to use those tools, too, and find the same faults."

Full Story

More in Tux Machines

Ubuntu Snappy Core Runs on Banana Pi BPI-M2 with Linux Kernel 4.1.6, Download Now

After reporting last week news about the Ubuntu MATE 15.04 (Vivid Vervet) operating system running on the Banana Pi BPI-M1 SBC (Single-board computer) device, we're informing you today that Snappy Ubuntu Core runs on Banana Pi BPI-M2. Read more

Linux 4.3

Using Linux Mint: Common tasks, features and to-dos for the first-timer

Linux-based operating systems are like those friends you make in high school--you know the type: reserved, quirky and not quite like the rest of the pack. But intelligent and the kind that, once you get to know them, will stand by you through thick and thin. Ok, that may be a stretch, but you get the idea. Linux comprises but a fraction of a percent of operating systems deployed, and with reason--it’s traditionally been difficult to set up and use. Which is why it used to appeal only to users with a higher level of computer proficiency: basically geeks. But while this was the case back in the day, plenty has changed--today installing and using it is very comparable to the Windows experience. Read more

Google, Microsoft Create Alliance for Open Media

The founding members are Amazon, Cisco, Google, Intel Corporation, Microsoft, Mozilla and Netflix. The goal is to "create a new, open royalty-free video codec specification based on the contributions of members, along with binding specifications for media format, content encryption and adaptive streaming." The word open is used many times in the announcement, but only once with source. Is "open" the same thing as "open source?" Roy Schestowitz at Tuxmachines.org doesn't think so. He organized the news of the AOM under the title "OpenWashing (Fake FOSS)." Read more Also: Comments on the Alliance for Open Media, or, "Oh Man, What a Day" Mozilla's mobile misstep puts the Web at risk