Language Selection

English French German Italian Portuguese Spanish

Open-Source Security Tools Touted at InfoSec

Filed under
OSS
Security

A well-known security consultant on Tuesday urged cash-strapped businesses to consider using free, readily available open-source security tools and applications to help cope with the rising spate of malicious hacker attacks.

In what has become a recurring theme at this year's InfoSec World conference here, president and principal consultant at Sph3r3 LLC Matt Luallen said enterprises must embrace the same hacking tools used by the bad guys to find potential faults and vulnerabilities within critical information infrastructure.

"You can use open-source applications alongside commercial applications [to cut down on costs]," Luallen said during a show-and-tell with dozens of toolsets that can handle anything from fault identification to spam detection to incident response.

"There are some open-source utilities that blow away commercial products, and you should take advantage of them."

"Some of these tools work so well that, at the very least, you should start evaluating them for widespread use in your organization," Luallen said, seeking to dismiss fears that the absence of product support when using open-source utilities could be a deterrent.

"These open-source tools have better product support-it's called Google Groups. If you do a search on Google Groups, in most situations, you'll have an international community available with answers round-the-clock."

"I'm not here to tell you that you should get rid of commercial products. There are some fantastic commercial products out there. However, in many cases, it is practical, cheaper and even better to look for an open-source alternative," Luallen said.

"Remember, the attack utilities are open-source as well. It's important that you understand the tools the bad guys are using to find holes in your system. You have to use those tools, too, and find the same faults."

Full Story

More in Tux Machines

Exclusive: Elephone P1000, Snapdragon 801, 2K and CyanogenMod!

Elephone, most known for their every expanding range of Mediatek phones and as being one of the first manufacturers in China to offer an Android 4.4 Kitkat update, are preparing a 2014 Flagship killer of their own. The Elephone P1000 will be the most exciting Elephone smartphone to date with features we have not seen from the company so far. The P1000 will boast a 2.5Ghz Snapdragon 801 processor, Adreno 330 GPU, 3GB RAM and 32GB of on board memory. This compared to their current phones is an amazing achievement! Read more

Ken Starks to Keynote At Ohio LinuxFest

As most FOSS Force readers probably already know, Ken’s articles here and on his own Blog of Helios are only a small part of what he does. He’s one of those too rare people who works to make a difference in this world and he does so by leveraging the power of Linux and free and open source software for the greater good. As the founder of the Reglue project (originally called Helios), he’s responsible for putting refurbished computers in the hands of financially challenged students in and around the Austin, Texas area where he resides. Over the years there have been thousands of these students and many of them, given Reglue computers while in middle or high school, have gone on to not only earn undergraduate degrees, but to attend graduate school as well — often studying computer science. Read more

Mesa 10.3 release candidate 1

Mesa 10.3 release candidate 1 is now available for testing. The current plan is to have an additional release candidate each Friday until the eventual 10.3 release, (Ian can follow up to state what the planned date is for that). The tag in the git repository for Mesa 10.3-rc1 is 'mesa-10.3-rc1'. I have also pushed a tag '10.3-branchpoint' to mark the point where master and 10.3 diverge. This should make git-describe a bit more useful. As a reminder, with the 10.3 branch now created, patches nominated with: CC: will now be candidates only for the new 10.3 branch. To nominate patches for the older 10.2 branch as well, please use: CC: "10.2 10.3" The expectation is that the 10.2 branch will remain alive with bi-weekly releases until after 10.3.1 release. Mesa 10.3 release candidate 1 is available for download from ftp://freedesktop.org/pub/mesa/10.3 Read more

Canonical Joined The Khronos Group To Help Mir/Wayland Drivers

Canonical's specific involvement with the Khronos Group isn't listed and we haven't seen Canonical names closely associated with any major specs out of the different working groups to date. However, Oliver Ries, the Head of Engineering Product Strategy at Canonical, wrote into Phoronix that they joined the group for pushing their display server agenda with trying to work towards an underlying driver standard for Mir/Wayland. Oli noted in his email, "Canonical has joined Khronos in order to help establish the necessary driver standard that is required for Mir (and Wayland) to succeed. We have specifically contributed to the current standard proposal/draft." Read more