Security Applications

One of David's pet peeves is security, or rather the lack of it.

One of my pet peeves is security or, should I say, the lack of it. It's a near-universal phenomena. Out of the box, most Linux distributions are about as wide open and easy to subvert as the standard Windows box. And this shouldn't be (though fortunately, it is changing). Anyone who connects to a public network (the Internet) should be responsible for that system and its use. We hold gun owners accountable for how their guns are used. The same should hold true for computer owners. But distribution makers should also help their customers in this regard, and a poorly secured system is child's play to break into. As evidence, a large number of script kiddies are teenagers. These children commit DDoS (distributed denial of service) attacks using IRC bots. They won't be punished even as minors, but they can put an internet commerce site out of business on a whim. All it would take is a properly configured Linux firewall in most homes to prevent this problem. And with the new Netfilter, it would be easy to put something together. The biggest roadblock seems to be educating users that they need this, lest their system be used for nefarious purposes.

Free Practice Management:

http://www.freepm.org/

I must say, up front, I am not a fan of Zope, and I was unable to get FreePM running via Apache with the provided instructions. Personally, I would have used Perl, PostgreSQL and Apache. But people tend to program using tools they know, I guess. That said, FreePM is more than worth a look for a medical practice. It is extremely well done even if Zope overly complicates its setup. It has support for everything a medical practice needs, including a prescription database, accounting, patient records and more, all well-tied together. Requires: Zope, Python.

Bugtrack:

www.agstools.com/products/bt.html

Extremely easy to install and administer, this utility is very lightweight. If you need a simple bug-tracking solution for Linux or just about any platform, you might want to take a look at this one. It is simple and easily customizable, and I always choose simplicity. Who wants to read documents for days to get something running? For that much effort, I could write the program myself. Requires: a database (MySQL, PostgreSQL, others with ODBC), Perl, DBI module for the database, web server, web browser.

nPULSE:

http://www.horsburgh.com/

Another easy-to-install and use utility, this one allows you to monitor your network through a web browser. nPULSE relies on nmap to scan your network for open ports to tell you if services are still running. This means nPULSE doesn't rely on SNMP, but it also means you'll have to adjust PortSentry or similar programs to account for the “scanning” activity. However, you may want to modify the HTML sources on this slightly. I find the black background with white writing a bit difficult to read (but that may just be my monitor resolution: 1280 × 1024, 16-bit color on a 19" screen). Requires: nmap, Perl, Perl modules Net::SSLeay and Mail::Mailer, OpenSSL (optional), Java (optional).

SendIP:

www.earth.li/projectpurple/progs/sendip.html

This tool is a must-have for all firewall administrators. Until the new iptables includes a check function, you'll need some way to test your firewall. The SendIP utility will allow you to do exactly that. You can send an IP packet (TCP, UDP) or an ICMP packet spoofing the source address to see what happens on your firewall. Works with IPv4 and IPv6, so you can test the iptables IPv6 rules as well. Requires: glibc.

Sentry Firewall CD:

http://www.sentryfirewall.com/

Now this is some CD. You boot from this CD, and with a few preconfigured files on a floppy (on which you've flipped the write-protect switch to read-only) you have a running firewall. Everything is either burned onto the CD or is in memory. If by some quirk, someone actually does manage to break in to this firewall, all you need is a reboot. All files deposited by the attacker are gone when the RAM re-initializes. This particular CD is based on Slackware. So if you have an old system with two NICs that will boot from the CD-ROM, you've got a firewall. Requires: system capable of booting from a CD-ROM, a way to burn a CD-ROM ISO image.

______________________

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix