Language Selection

English French German Italian Portuguese Spanish

Open-Source Security Tools Touted at InfoSec

Filed under
OSS
Security

A well-known security consultant on Tuesday urged cash-strapped businesses to consider using free, readily available open-source security tools and applications to help cope with the rising spate of malicious hacker attacks.

In what has become a recurring theme at this year's InfoSec World conference here, president and principal consultant at Sph3r3 LLC Matt Luallen said enterprises must embrace the same hacking tools used by the bad guys to find potential faults and vulnerabilities within critical information infrastructure.

"You can use open-source applications alongside commercial applications [to cut down on costs]," Luallen said during a show-and-tell with dozens of toolsets that can handle anything from fault identification to spam detection to incident response.

"There are some open-source utilities that blow away commercial products, and you should take advantage of them."

"Some of these tools work so well that, at the very least, you should start evaluating them for widespread use in your organization," Luallen said, seeking to dismiss fears that the absence of product support when using open-source utilities could be a deterrent.

"These open-source tools have better product support-it's called Google Groups. If you do a search on Google Groups, in most situations, you'll have an international community available with answers round-the-clock."

"I'm not here to tell you that you should get rid of commercial products. There are some fantastic commercial products out there. However, in many cases, it is practical, cheaper and even better to look for an open-source alternative," Luallen said.

"Remember, the attack utilities are open-source as well. It's important that you understand the tools the bad guys are using to find holes in your system. You have to use those tools, too, and find the same faults."

Full Story

More in Tux Machines

FOSS in 3D Printing

  • Open source wifi enabled 3D printer controller Franklin speeds up with new release
    3D printing hit the mainstream a few years ago thanks in part to the open-source 3D printer market. The origins of this transition had to do with expiring patents held by the traditionally held commercial 3D printing companies. Since then, several small businesses have sprung up around the emerging low-cost 3D printer market. Some of these companies embraced the open-source mentality, while others are seeking shelter with patents.
  • Hackaday Prize Entry: Open-Source Myoelectric Hand Prosthesis
    Hands can grab things, build things, communicate, and we control them intuitively with nothing more than a thought. To those who miss a hand, a prosthesis can be a life-changing tool for carrying out daily tasks. We are delighted to see that [Alvaro Villoslada] joined the Hackaday Prize with his contribution to advanced prosthesis technology: Dextra, the open-source myoelectric hand prosthesis.
  • BCN3D Technologies releases open source files for BCN3D Sigma 3D printer
    As our readers will know, an important part of the 3D printing community is the idea of accessibility. Of course, it is more than just an idea, as everyday makers around the world share their 3D designs and models for free, and even 3D printing companies exercise an open-source philosophy with DIY 3D printers and accessible models. Recently, Barcelona based 3D printer developer BCN3D Technologies decided to further embrace the additive manufacturing open-source philosophy with their latest initiative, Open Source 360º. As part of the initiative, the company has announced that it will share all of its engineering, design, and fabrication information used in the manufacturing of their flagship product, the BCN3D Sigma 3D printer.
  • Shellmo: Aquatic 3D printed robot for fun and education
    Recently I came across a very interesting open hardware project called Shellmo. What caught my eye was that it's a 3D printed crustacean that seems to have no apparent real world use, though with a little creativity I can see educational implications. Shellmo is a unique, almost cartoon-like creatures that could captivate the imagination of children while at the same time affording them an opportunity to 3D print their own robot. With the current emphasis on STEM in education, Shellmo appears to be the kind of project that would stimulate student interest.

LibreOffice Liberation

  • Sun, sea, and open source: How Spain's Balearic islands are trying to turn into a tech paradise
    However, work remains to be done, especially on civil servants' desktops. "We started by replacing MSN Office", explains Villoslada. "Thanks to free office suite LibreOffice 5, we may overcome compatibility problems with documents coming in from different versions of MSN Office. We already have 1,000 Office licenses which are not necessary anymore, and we plan not to renew over 5,500 licenses purchased in 2007", he adds.
  • The Document Liberation Project: What we do
    While The Document Foundation is best known for LibreOffice, it also backs the Document Liberation Project. But what exactly is that? We’ve made a short video to explain all…

Kali Linux Alternative: BackBox Linux 4.6 Released With Updated Hacking Tools

BackBox Linux, a Kali Linux alternative, is here with its latest version i.e. BackBox Linux 4.6. Based on Ubuntu Linux, this hacking operating system is now available for download with updated hacking tools and Ruby 2.2. Read more

Chromebook and GNU/Linux

  • Turn Your Old Laptop into a Chromebook
    Once the drive is ready with bootable CloudReady, plug it into the target PC and boot the system. It may take a while for the system to boot into Chromium OS. Once booted, you will see the screen shown in Figure 3.
  • Running Linux and Chrome OS Together Using Crouton
    Leo Laporte is a longtime technology commentator and also the host of the show “The Screen Savers,” on the TWiT Netcast Network. In this video he explains how to install Linux on a Chromebook using Crouton, an open source tool developed by Google employee David Schneider.