Best Open Source Security Software
Security is paramount for any business. Security involves defence in depth. Approaching security one step at a time, with consistency and rigour, you can mitigate multiple threats, and provide protection against unauthorized access.
Security software is such a broad field that it’s almost impossible to make only 3 recommendations. We’ve limited this article to an anti-virus recommendation, a firewall recommendation, and an indispensable utility for network discovery and security auditing. It’s not glamorous software, but it’s essential.
 | ClamAV is an open source antivirus engine for detecting trojans, viruses, malware, and other malicious threats. It's a good all-round performer. http://www.clamav.net/ License: GNU General Public License v2 |
 | ClearOS is a simple, open, and affordable operating system with an intuitive graphical web-based user interface. It's designed with security at the forefont, with firewall, networking and security, combined with a popular intrusion detection and prevention system. ClearOS is targeted at homes, small to medium businesses, and distributed environments. It's based on CentOS and Red Hat Enterprise Linux. https://www.clearos.com/ License: GNU General Public License v2 and others |
 | Nmap is a high quality, award winning, and very mature network discovery and security auditing tool which issues specially crafted IP packets to the target host(s) and then analyzes the responses. https://nmap.org/ License: GNU General Public License v2 |
About Security
It’s embarrassing how many people have the misconception that Linux is a completely secure operating system. No operating system can possibly be totally secure regardless of the due diligence undertaken by developers, system administrators, and end users. Security issues can lie anywhere, as witnessed by the recent Meltdown and Spectre furore – vulnerabilities in modern chip design that enable attackers to bypass system protections on almost all recent PC, server and smartphone, allowing access to sensitive information, such as passwords, from memory.
Even disregarding the possibility of lurking hardware vulnerabilities, it’s a painstaking task to harden a system. Intruders use a variety of different techniques in an attempt to compromise a system. For example, systems can be attacked by denial of service, cracking, intrusion, snooping (intercepting the data of another user), or viruses/worms/Trojan horses. To have a secure box, a system therefore needs a variety of defences.
Most Linux distributions come with some advanced security tools (although some are difficult to configure properly). And there are many security-focused Linux distributions besides ClearOS.
Back to Linux Means Business Homepage