80 of the Best Linux Security Applications

Artikel ini sudah lama tahn 2008, tetapi terkadang saya masih membutuhkannya. Untuk dokumentasi coba masukan di blogger ini.

80 of the Best Linux Security Applications

Anti-Virus
AMaViS	Mail virus scanner
Avast!	Virus protection, with anti-spyware and anti-rootkit software
AVG Free	Anti-virus and Anti-spyware software
ClamAV	Anti-virus toolkit, designed especially for e-mail scanning on mail gateways
P3Scan	Scans email messages
Anti-Malware
chkrootkit	Check for signs of a rootkit
OSSEC	Rootkit detection
Nixory	Anti Spyware program open source for Mozilla Firefox
rkhunter	Scans for rootkits, backdoors and possible local exploits
Encryption
GnuPG	Encrypt and sign data and communication
MailCrypt	Simple interface to public key cryptography with PGP
MCrypt	Developer tool for adding a wide range of encryption functions
OpenSignature	Digital signature of documents
PeaZip	Portable, open source archiving, encryption and file split tool
Seahorse	GNOME application for managing encryption keys
Steghide	Hide data in various kinds of image- and audio-files
Stunnel	Encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer)
TrueCrypt	Disk encryption software
Firewalls / Network Gateways
ClarkConnect	Dedicated firewall and Internet server/gateway
FireHOL	Stateful iptables packet filtering firewall configurator
Firestarter	Visual firewall program
Netfilter	Packet filtering framework
IPCop	Linux firewall distribution
ShellTer	Iptables-based firewall supporting port forwarding, blacklisting, whitelisting
Shorewall	High-level tool for configuring Netfilter
Untangle	Commercial-grade open source alternative to SonicWALL and WatchGuard
Turtle Firewall	Firewall configuration project based on Linux 2.4.x/2.6.x and iptables
Vuumuur	Powerful firewall manager built on top of iptables
Intrustion Detection
AFICK	Monitor the changes on your filesystems
BASE	Web front-end to query and analyze the alerts from a SNORT IDS system
Bro	Passively monitors network traffic and looks for suspicious activity
Kismet	Wireless network detector, sniffer, and intrusion detection system
OSSEC	Open Source Host-based Intrusion Detection System
Sguil	Analyst Console for Network Security Monitoring
SNARE	System iNtrusion Analysis and Reporting Environment
Snort	Network intrusion prevention and detection
Snort_inline	Modified version of Snort
Tripwire	Provides configuration audit and control features
Network Monitoring
AIM Sniff	Monitoring and archiving AOL Instant Messenger and MSN messages
Argus	Fixed-model Real Time Flow Monitor
Nagios	Host and network monitoring tool
Nipper	Network Infrastructure Configuration Parser
NSAT	Network Security Analysis Tool
ntop	Network traffic probe that shows the network usage
SEC	Simple Event Correlator
SniffDet	Remote Sniffer Detection Tool/Library
tcpdump	Network debugging tool
Network Traffic Analyzer
dsniff	Collection of tools for network auditing and penetration testing
Ettercap	Multipurpose sniffer/interceptor/logger for switched LAN
ngrep	Network grep
Kismet	Wireless network detector, sniffer, and intrusion detection system
Wireshark	Network protocol analyzer
Packet Crafting
Hping3	TCP/IP packet assembler/analyzer
Nemesis	Packet crafting and injection utility
Scapy	Interactive packet manipulation program
Yersinia	Network tool to take advantage of weaknesses in network protocols
Portscanner
Angry IP Scanner	Fast and friendly network scanner
Knocker	TCP security port scanner
Unicornscan	User-land Distributed TCP/IP stack for information gathering and correlation
Vulnerability Scanner
Nessus	Comprehensive vulnerability scanning software
SARA	Third generation security analysis tool that is based on the SATAN model
Tiger	Perform a security audit of UNIX systems
Log File Analyzers
AWStats	Advanced web, streaming, ftp or mail server statistics, graphically
IPtables Log Analyzer	Analyzes the log output from an iptables firewall
tcpreplay	Use previously captured traffic in libpcap format to test network devices
tcptrace	Analyze TCP dump files
The Webalizer	Web server log file analysis
Data Removal
Darik's Boot and Nuke	Self-contained boot floppy that securely wipes hard disks
Wipe	Secure file wiping utility
Password Management
Figaro's Password Manager	GNOME application that allows password to be securely stored
KeePassX	Lightweight and easy-to-use password manager
VPN Tools
Poptop	PPTP server solution
OpenVPN	Full-featured SSL VPN solution
SSL Explorer	Fully-featured, web-based SSL VPN server
Forensics
ODESSA	Open Digital Evidence Search and Seizure Architecture
Other Tools
Denyhosts	SSH attack prevention
iptables	Configure the Netfilter tables, chains, and rules
mtr	Network diagnostic tool
Netcat	Reads and writes data across network connections
Nikto	Web server scanner performing comprehensive tests against web servers
OpenSSH	SSH connectivity tools
Smart Sign	Smartcard based digital signature

PRTG Traffic Grapher

Beberapa waktu lalu ada permintaan dari user yaitu berapa kali jaringan di site Banjarmasin putus.
Awalnya di site Banjamasin dibuat infrastucture untuk VPN VSAT melalu vendor LA.
Jaringan tersebut lalu masuk ke HO Pusat Cakung Jakarta menggunakan PCRouter Ubuntu (artikel : http://antonprasetyo.blogspot.com/2009/02/auto-restart-network.html).

Pada artikel tersebut ternyata hal yang sudah dioperasikan masih kurang stabil. Dan ini sangat mengganggu aktifitas apalagi setiap hari dan setiap saat selalu ditanyakan...mas jaringannya putus lagi...kita gak bisa email.
Hal tersebut dikarenakan Ethernet Card di PCRouter (artikel : http://antonprasetyo.blogspot.com/2009/02/ethernet-gigabit-4-port-dari-via.html) port-nya sering down.
Jika port dari Vsat dilangsungkan ke ethernet yang lain tidak ada masalah. Yang menjadi masalah port tersebut sudah penuh.

Akhirnya saya mengorbankan salah satu PC Server test sebagai router ke-2 yang dijadikan penghubung antara VSAT Banjarmasin ke LAN Jakarta.

Saya sangat yakin sekali bahwasannya tidak ada lagi masalah jaringan dari kantor Pusat.
Tetapi masih saja ada keluhan dengan putus nyambungnya jaringan (yang oasti frekuensinya tidak spt sebelumnya), saya yakin itu bukan dari PCRouter HO. Benar saja setelah ditanyakan ternyata di Site Banjarmasin kadang mati listrik.

Akhirnya saya memtuskan untuk mencari tools untuk mengetahui kondisi jaringan tersebut.
Mr. Google menemukan jawaban yaitu PRTG Traffic Graphic Tools tersebut terdiri dari versi Bayar dan Free (dengan keterbatasan sensor) 10 sensor.

Setelah saya install, tools ini sangat membantu saya, dan menemukan jawaban kembali yaitu jaringan yang kadang putus ternyata terjadi karena modem vendor LA yang kurang setingan. Dan akhirnya saya menghubungi LA (disambut baik) dan mencoba men-seting ulang parameter di modem tersebut.


Dari PRTG juga bisa diaktifkan mode sniffer, untuk melihat protokol data apa saja yang lewat dijaringan. Dan saya coba untuk trap jaringan di cabang yang lain.