2010년 4월 18일 일요일
wget.exe
disk encryption software
Free open-source disk encryption software for Windows 7/Vista/XP, Mac OS X, and Linux
2010년 4월 15일 목요일
UnxUtils.zip괜츈한 공개/오픈소스 프로그램
2. Snort : IDS. 대부분의 상용 IDS 도 snort 기반이라죠.
3. Nagios : 모니터링 툴. 네트워크와 시스템의 상태를 그래프로 보여줍니다.
4. SpamAssassin : Spam 차단. 학습을 시켜서 똑똑하게 만들면 SPAM 95% 이상 없앨수 있습니다.
5. ClamAV : 우리말로 백신인 안티바이러스(Anti-virus). 하루에서 몇 번씩 pattern 이 업데이트 됩니다.
6. OpenSSL : Secure 전송해주는 고마운 툴킷과 암호화 library.
7. OpenSSH : Secure Shell. Telnet/FTP 말고 SSH/SFTP 사용합시다.
8. Nmap : 포트 스캐너 라고 만 하기엔 기능이 너무 다양한 스캐너. 옵션이 너무 많아서 걱정.
9. Ossec HIDS : 자칭, 타칭 Host 기반 IDS 의 최고.
10. Wireshirk : ethereal 의 새 이름. 패킷 캡처(pcap) 분석기
On the one hand, open source developers want to find a way to make money from their projects. On the other hand, many application users, particularly enterprise users, are looking for applications with fee-based support. Rightly or wrongly, they feel that paying a fee brings greater accountability, and often these users lack the skills to manage open source apps on their own and would rather pay someone else to do it.
With pressure from both sides, it's no wonder that so many open source security applications now have commercial components. In all, we’ve covered 26 open source applications that have fee-based support available in some form.
It's also worth noting that the revenue models for that fee-based support vary substantially from project to project. Our list includes subscription-based services where users pay a yearly or monthly fee for access to e-mail or telephone assistance, as well as "open core" products, which are based on open source projects but incorporate additional features.
Other projects on the list provide links to third parties, often "mom-and-pop" style shops, who can provide support and consulting on a small scale. And one enterprising developer simply offers his own services as an independent contractor as his project's "commercial support.
"No matter which revenue model they use, the apps on this list offer users the best of both worlds—the flexibility, security, and cost savings of open-source combined with the peace of mind that comes with commercial support.
Anti-Spam
1. SpamAssassin
SpamAssassin is not only one of the best open-source anti-spam solutions available, it's also one of the best anti-spam solutions period. The project developers do not provide commercial support directly, but they do offer a list of third-party vendors who offer supported products or services based on SpamAssassin. Operating System: OS Independent.
2. Mailwasher
Mailwasher comes in two flavors: Mailwasher Server is the free, open-source version and Mailwasher Pro is the commercially supported version. A new Enterprise Server edition is due to be released soon. Operating System: Windows, Linux, Unix, Solaris
Anti-Virus
3. ClamAV
One of the best-known open-source security applications available, ClamAV is often embedded in commercial applications. You can also buy commercial support (sold as "Certified ClamAV") from Sourcefire, the project's owner. Operating System: Unix, Linux, BSD.
Data Removal
4. Eban
Eban is the enterprise version of Darik's Boot and Nuke (also known as Dban). In additional to professional support, the enterprise version adds a couple of notable features: network booting (so you can erase a lot of hard drives at once) and advanced reporting. Operating System: OS Independent.
Firewall
5. IPCop
Designed for small businesses, IPCop turns any PC into a Linux-based network firewall appliance. Support is not available directly from the project owners, but the site does list a number of consultants located around the world who provide fee-based support. Operating System: Linux.
6. Smoothwall
This commercial version is based on "the world's favorite" open-source firewall, Smoothwall Express. In addition to the firewall software, Smoothwall also offers gateway appliances and web security/content filtering, email security/anti-spam, and bandwidth management (QoS) software. Operating System: Linux, Unix.
7. Vuurmuur
Vuurmuur acts as a firewall manager for iptables on Linux. This is a smaller project than some of the more well-known open-source firewalls, and as such it takes a pretty unique approach to fee-based support. If you click the "commercial support" link, you'll find that the project owner is willing to contract himself out as a consultant. Operating System: Linux.
8. Vyatta
We've classified it with the firewalls, but Vyatta (vee-AH-ta, sanskrit for "Open") also includes a router, intrusion prevention, and VPN. Various levels of support are available by subscription and pre-configured appliances are also available. Operating System: OS Independent.
9. AppArmor
While most of the firewalls on our list are network firewalls, AppArmor is an application-level firewall that makes sure programs only do what they're supposed to do. You can download it as a standalone program, but it's also included in Novell's openSUSE and SUSE Linux Enterprise. Operating System: Linux.
10. ModSecurity
Another Web application firewall, ModSecurity provides real-time monitoring and anlysis of attacks. Hardened appliances and commercial support are available from project developer Breach Security. Operating System: OS Independent.
Intrusion Detection and Prevention (IDS/IPS)
11. Snort
Sourcefire, developer behind ClamAV, also manages Snort, "the de facto standard for intrusion prevention." On the Sourcefire web site, you'll find a number of commercially supported products based on Snort, as well as training and support. Operating System: Linux, Unix, BSD, Mac OS X.
12. OSSEC
With more than 5,000 downloads a month, this IDS is among the world's most popular. Commercial support is available through Third Brigade. Operating System: Windows, Mac, Linux, Unix, BSD, Solaris.
Inventory Management
13. OCS Inventory NG
Having an up-to-date list of the hardware and software on your network can be invaluable for security planning. This handy app simplifies inventory management and deployment of new technology. Commercial support is available through the sservice partners listed on the site. Operating System: OS Independent.
14. Zimbra
As a messaging and collaboration suite, Zimbra isn't exactly a security solution. However, because it includes built-in anti-virus (provided by ClamAV) and anti-spam capabilities, we felt it was worth inclusion. In addition to the open-source version, Zimbra comes in a multitude of commercially supported flavors that each offer a different feature set. Operating System: Linux, Unix, OS X.
Network Monitoring
15. SNARE
Intersect Alliance offers a number of open-source SNARE (System iNtrusion Analysis and Reporting) agents which provide log analysis for a variety of platforms. If you want commercial support, you can purchase their SNARE server, which is a Linux-based appliance. Operating System: Windows, Linux, Unix, Solaris.
16. Tripwire
Tripwire audit and control software lets you know when changes have been made to your IT configuration. The Enterprise and Server editions are based on the open-source version and offer additional features and commercial support. Operating System: Linux, Unix
17. Nagios
Nagios offers enterprise-class monitoring for systems, applications, or networks. The Nagios Enterprises group offers commercial support and consulting. Operating System: Linux, Unix.
18. Wireshark
"The de facto standard" network protocol analyzer, Wireshark offers deep inspection of hundreds of protocols, live capture for offiline analysis, VOIP analysis, and much more. Support and training are both available through Cace Technologies. Operating System: Windows, Mac, Linux, Unix, BSD, Solaris.
19. ntop network monitoring app. Nmon offers both software and hardware for packet capture and analysis. Operating System: Windows, Linux, Unix.
Passwords and Authentication
20. WiKID
On this site you'll find both the free, open-source community edition of WiKID two-factor authentication software and the proprietary commercial version. In addition to support, the commercial edition adds a few features that aren't available for free. Operating System: OS Independent.
Unified Threat Management (UTM)
21. Endian Firewall
Endian sells a variety of UTM appliances built on the successful, open-source Endian Firewall Community Edition. If you prefer to create your own appliance using an old PC but still want support, Endian will also sell you a supported version of the software. Operating System: Linux.
22. Untangle
Untangle combines 18 separate applications (anti-virus, anti-spam, web filtering, firewall, etc.) into a single package that can be downloaded for free (Open Source Package) or purchased with subscription-based support (Professional Package). Either way, you will need one or more dedicated PCs to run the software, because Untangle does not sell pre-configured appliances. Operating System: Linux.
Virtual Private Network (VPN)
23. OpenVPN
Winner of numerous awards, OpenVPN provides medium and large enterprises with remote access, site-to-site VPNs, Wi-Fi security, and more. Although commercial support isn't available yet, this ap snuck onto the list because the Web site promises that commercial support will be available soon. Operating System: Windows, Linux, Mac OS X, Solaris, BSD
Vulnerability Assessment
24. Nessus
The newest versions of the Nessus network vulnerability scanner are closed-source (though still largely available for free). However, we included Nessus on our list because it's based on the older open-source version, which is still available on the site, and it offers enterprise-grade commercial products for network monitoring. Operating System: Windows, Linux, Mac OS X, Solaris, BSD.
25. Milescan Web Security Auditor
Milescan is the commercial version of Paros. Java-based, this scanner intercepts all http and https data transmitted between server and client to help evaluate the security of Web applications. Operating System: OS Independent.
Web Filtering
26. iSAK
Short for "Internet Secure Access Kit," iSAK controls access to Web sites based on user-defined rules and provides a variety of reports. Commercial support is available through Savoir-Faire Linux. Operating System: Linux, Unix.
VoIP-Monitoring.pdf
