Performance Computing: Top Open-Source Security Tools For UNIX
Jun 01, 1999, 14:44
(Other stories by Nalneesh Gaur)
"The price of protection is always less than the cost of lax security. Especially now." (Recommended reading. -- lt ed.)
"... open-source software (née freeware) has carved a niche for itself. UNIX systems out of the box may not be secure on their own. The use of open-source host-security software can make them more secure. Today, many choices are available to assist in strengthening the host security of UNIX servers. This article identifies and summarizes some popular and useful UNIX host-security-related open-source software, but will not list or discuss intrusion detection or other network security-related tools. The tools and utilities discussed here are complex."
"The Tripwire tool is used to detect unauthorized changes at a file/directory level. It can manage and track changes to key system files by maintaining an information database for the specified files..."
"The Sudo (superuser do) utility lets the administrator delegate root authority to users without sharing the root password. Sudo gives authorized users access to a subset of commands, files, and hosts on the network."
"Secure shell is the preferred tool for remote access to system resources by many system administrators today. ssh uses public-key cryptography to establish a secure channel of communication over public networks such as the Internet."
"Tiger scripts are part of the Texas A&M University Security Package (TAMU). The scripts analyze the system and report elements that could pose a security threat to it."
"The TCP Wrapper utility monitors and filters incoming requests for network services that are usually offered under the inetd configuration file such as telnet and ftp. The wrapper simply intercepts all incoming requests..."
"Swatch [--] The purpose of this program is to scan the system log files to report security-related events or other events of interest."
"npasswd is a complete replacement for the UNIX passwd(1M) command."
"Many security issues have been identified in Sendmail over the years. The current release of Sendmail, v. 8.9.x, fixes most of the previously discovered vulnerabilities. In addition, Sendmail has many configuration options that provide protection against spamming."
"BIND version 8 has many new features, including an updated file-configuration file syntax and tighter access control based on port number and IP address. The current version of BIND fixes many security problems found in the previous releases."
"The utilities listed above are not intended to be a substitute for commercial products. The criteria used to select a security utility must be based on many issues such as ease of use, support level, local knowledge base, and ease of implementation. The choice of the security utilities must be based with the overall security architecture of the enterprise in mind."