Security Applications

One of David's pet peeves is security, or rather the lack of it.

One of my pet peeves is security or, should I say, the lack of it. It's a near-universal phenomena. Out of the box, most Linux distributions are about as wide open and easy to subvert as the standard Windows box. And this shouldn't be (though fortunately, it is changing). Anyone who connects to a public network (the Internet) should be responsible for that system and its use. We hold gun owners accountable for how their guns are used. The same should hold true for computer owners. But distribution makers should also help their customers in this regard, and a poorly secured system is child's play to break into. As evidence, a large number of script kiddies are teenagers. These children commit DDoS (distributed denial of service) attacks using IRC bots. They won't be punished even as minors, but they can put an internet commerce site out of business on a whim. All it would take is a properly configured Linux firewall in most homes to prevent this problem. And with the new Netfilter, it would be easy to put something together. The biggest roadblock seems to be educating users that they need this, lest their system be used for nefarious purposes.

Free Practice Management:

http://www.freepm.org/

I must say, up front, I am not a fan of Zope, and I was unable to get FreePM running via Apache with the provided instructions. Personally, I would have used Perl, PostgreSQL and Apache. But people tend to program using tools they know, I guess. That said, FreePM is more than worth a look for a medical practice. It is extremely well done even if Zope overly complicates its setup. It has support for everything a medical practice needs, including a prescription database, accounting, patient records and more, all well-tied together. Requires: Zope, Python.

Bugtrack:

www.agstools.com/products/bt.html

Extremely easy to install and administer, this utility is very lightweight. If you need a simple bug-tracking solution for Linux or just about any platform, you might want to take a look at this one. It is simple and easily customizable, and I always choose simplicity. Who wants to read documents for days to get something running? For that much effort, I could write the program myself. Requires: a database (MySQL, PostgreSQL, others with ODBC), Perl, DBI module for the database, web server, web browser.

nPULSE:

http://www.horsburgh.com/

Another easy-to-install and use utility, this one allows you to monitor your network through a web browser. nPULSE relies on nmap to scan your network for open ports to tell you if services are still running. This means nPULSE doesn't rely on SNMP, but it also means you'll have to adjust PortSentry or similar programs to account for the “scanning” activity. However, you may want to modify the HTML sources on this slightly. I find the black background with white writing a bit difficult to read (but that may just be my monitor resolution: 1280 × 1024, 16-bit color on a 19" screen). Requires: nmap, Perl, Perl modules Net::SSLeay and Mail::Mailer, OpenSSL (optional), Java (optional).

SendIP:

www.earth.li/projectpurple/progs/sendip.html

This tool is a must-have for all firewall administrators. Until the new iptables includes a check function, you'll need some way to test your firewall. The SendIP utility will allow you to do exactly that. You can send an IP packet (TCP, UDP) or an ICMP packet spoofing the source address to see what happens on your firewall. Works with IPv4 and IPv6, so you can test the iptables IPv6 rules as well. Requires: glibc.

Sentry Firewall CD:

http://www.sentryfirewall.com/

Now this is some CD. You boot from this CD, and with a few preconfigured files on a floppy (on which you've flipped the write-protect switch to read-only) you have a running firewall. Everything is either burned onto the CD or is in memory. If by some quirk, someone actually does manage to break in to this firewall, all you need is a reboot. All files deposited by the attacker are gone when the RAM re-initializes. This particular CD is based on Slackware. So if you have an old system with two NICs that will boot from the CD-ROM, you've got a firewall. Requires: system capable of booting from a CD-ROM, a way to burn a CD-ROM ISO image.

______________________

Geek Guide
The DevOps Toolbox

Tools and Technologies for Scale and Reliability
by Linux Journal Editor Bill Childers

Get your free copy today

Sponsored by IBM

Webcast
8 Signs You're Beyond Cron

Scheduling Crontabs With an Enterprise Scheduler
On Demand
Moderated by Linux Journal Contributor Mike Diehl

Sign up and watch now

Sponsored by Skybot