The Enterprise Security Supersite
NewsFactor Network Sites:   NewsFactor.com Security CRM Business Sci-Tech Newsletters XML/RSS Feed  
   
Home Network Security Viruses & Malware Spam & Hackers Security Products More Topics...
Network Security
Average Rating:
Rate this article:  
Top Open-Source Security Applications Top Open-Source Security Applications
By Mark Long
June 14, 2005 4:40PM

Bookmark and Share
According to most security professionals, a top-tier, open-source security tool must have sufficient history to allow a practitioner to use it with confidence. And it must have a sufficiently large developer base to ensure that fixes will be available in light of discovered vulnerabilities.
 

Related Topics

network
security

Latest News

China Busted Hacker-Training Site
FBI Tackles Scams From Haiti Relief
China Cyberattacks: Pervasive Threat
Patch Tuesday Will Tie MS Record
Cybersecurity Appears Hot for 2010

Those responsible for enterprise Relevant Products/Services security are increasingly turning to open-source applications in lieu of security products based on proprietary code -- and for many good reasons.

"Where open-source tools have an advantage in an enterprise is in their timeliness," said cryptography guru Ed Moyle of Security Curve. "Since no budget has to be allocated to deploy an open-source tool, it can often hit the ground faster than a commercial counterpart."

On the other hand, there is the question of accountability, Moyle noted. "Since there is no commercial entity overseeing a tool, on whom can the enterprise place pressure for added features or support?"

According to most security professionals, a top-tier, open-source security tool must have sufficient history to allow a practitioner to use it with confidence. And it must have a sufficiently large developer base to ensure that fixes will be available in light of discovered vulnerabilities.

Also, it must have a reasonably large user base so that support questions will already have been answered in a public forum. But there are many tools that meet these requirements and are in fact deployed at many large companies.

Tackling Basic Security Issues

Anthony Nadalin, Chief Security Architect for IBM's software group, recommends Bouncy Castle crypto interfaces and OpenSSL -- an open-source implementation of the secure sockets layer (SSL) and transport layer security (TLS) protocols.

"What most customers are looking for are secure, reliable transactions," Nadalin said. Bouncy Castle and OpenSSL form the basis for crypto and transport-level security, Nadalin said, which is one of the base requirements every customer Relevant Products/Services has.

Indeed, OpenSSL is at the top of nearly everyone's list. "I don't think the impact of OpenSSL can be overstated," said Yankee Group senior analyst Andrew Jaquith. "It single-handedly democratized encryption by making a very high-quality implementation available for everyone to use -- and all for free."

OpenSSL is commercial-grade and interoperates with digital certificates issued by public certificate authorities like VeriSign, Thawte and GoDaddy. "Equally important, it includes the ability to generate your own private certificates for testing purposes," he said.

OpenSSL also includes a library of basic crypto functions essential for validating the integrity of downloads from third-party sites via checksum algorithms.

Remote Connectivity

OpenSSH is another software package that comes highly recommended. This open-source implementation of the Secure SHell (SSH) session technology is designed to let administrators and users open a command shell on a remote host. (continued...)

1  |  2  |  3  |  4  |  5  |  Next Page >

 

Tell Us What You Think
Your Comment:

Also Visit:


Advertisement


 Network Security
1.   China Cyberattacks: Pervasive Threat
2.   Cybersecurity Appears Hot for 2010
3.   EPIC Objects To Google-NSA Ties
4.   Torrent Traps Used To Harvest Logins
5.   For Good Passwords, Think Sentence


advertisement
EPIC Objects To Google-NSA TiesEPIC Objects To Google-NSA Ties
Cyberattack meant to rattle Google?
Average Rating:
Torrent Traps Used To Harvest LoginsTorrent Traps Used To Harvest Logins
Web sites sold with backdoor access.
Average Rating:
Social Networks: A Hacker's DelightSocial Networks: A Hacker's Delight
Workers urged to be 'trained skeptics.'
Average Rating:


advertisement
Product Information and Resources for Technology You Can Use To Boost Your Business

CRM Systems

  Experience CRM—and Business—Success today with Salesforce.com.

Data Storage

  AT&T Synaptic Storage as a Service. Learn more.

Enterprise Hardware

  Trade in your old printer and save up to $400.
  Find out why now is the best time to buy a new APC Smart-UPS!
  HP ProLiant G6 Servers. Perform like a superstar, Save like an accountant.

Enterprise I.T.

  Tell us what you think. Take a survey.
  AT&T Synaptic Storage as a Service. Learn more.
  Find out why now is the best time to buy a new APC Smart-UPS!
  Stand out from other IS Professionals and increase your earning potential.

Enterprise Software

  Read the Top 10 Reasons to Upgrade to Windows Server 2008 R2.

Microsoft/Windows

  Read the Top 10 Reasons to Upgrade to Windows Server 2008 R2.

Mobile Enterprise Spotlight
Bar Codes Go Mobile, Get Hip Again
For decades, retailers have used patterns of black dots and lines to encode data onto products. Now, bar codes are gaining favor as an easy way for cell-phone users to view ads and other data instantly.
 
'Dead Simple, Dirt Cheap' JooJoo Tablet Shipping Soon
The JooJoo, a web-browsing tablet device that is the subject of a high-profile legal dispute, appears on track to reach buyers at the end of February, but the tablet scene has dramatically changed.
 
Review: Palm's Pre Plus Is Losing Pace
There's a lot to like about the Pre Plus and its underlying webOS. The 3-D graphics capability is great. Regrettably, the Pre Plus doesn't do justice to the potential and impressive capabilities of Palm's webOS.
 

Navigation
Enterprise Security Today
Home/Top News | Network Security | Viruses & Malware | Spam & Hackers | Security Products | Mobile Security | Windows Security | Data Security
EST Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters | Free Whitepapers | XML/RSS Feed

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2010 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo.