Besides legendary uptime and low price, Linux's biggest draw may be its ability to be securely locked down and the scores of tools that can help IT managers enhance that security. Here are some of those tools.
Vulnerability Assessment
Nessus has quickly risen to the top of the heap of vulnerability-assessment tools, or scanners. Nessus is open source and under active development. The API lets new plug-ins be quickly developed by users; these plug-ins may then be included in the next revision of the scanner. Unique among open-source and commercial scanners, Nessus has a client/server architecture that allows for some useful applications. For example, the Nessus client can remotely control a Nessus server over a slow WAN link, so the intensive bandwidth required by normal scanning stays on the local network and is not forced over skinny WAN links.
Intrusion Detection
Anyone researching the IDS (intrusion-detection system) market for a network-based product will come across the name Snort. Snort, which is an NIDS (network-based IDS), works by analyzing all traffic on a network. It then compares the captured network traffic with a database of known attack signatures and issues an alert when an attack is detected. Snort leads the pack in open-source IDSes and was ranked third out of 10 NIDS products in a recent review we conducted at the Neohapsis lab, in Chicago -- not bad considering the two solutions that beat it cost tens of thousands of dollars (see "Dragon Claws Its Way to the Top").
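The compare-every-packet-against-every-signature loop described above, as an added illustration written for this article (it is not Snort's own engine, and the rule grammar is a simplified subset of Snort's syntax assumed here):

```python
import re
from collections import namedtuple
from typing import List

# A rule keeps the selectors the matcher needs: protocol, destination port
# (None = any) and the byte pattern that must occur in the payload.
Rule = namedtuple("Rule", "msg proto dst_port content")
Packet = namedtuple("Packet", "proto src dst dst_port payload")

# Simplified rule grammar (assumed for this example, a subset of Snort's):
#   alert <proto> any any -> any <port|any> (msg:"..."; content:"...";)
RULE_RE = re.compile(r'alert (\w+) any any -> any (\d+|any) \(msg:"([^"]+)"; content:"([^"]+)";\)')

def parse_rule(text: str) -> Rule:
    m = RULE_RE.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unsupported rule syntax: {text!r}")
    proto, port, msg, content = m.groups()
    return Rule(msg, proto, None if port == "any" else int(port), content.encode())

def matches(rule: Rule, pkt: Packet) -> bool:
    # Every selector must hold; content matching is an exact, case-sensitive byte search.
    return (rule.proto == pkt.proto
            and (rule.dst_port is None or rule.dst_port == pkt.dst_port)
            and rule.content in pkt.payload)

def scan(rules: List[Rule], packets: List[Packet]) -> List[str]:
    # Each packet is compared against the whole signature set; each hit is one alert line.
    return [f"[{r.msg}] {p.src} -> {p.dst}:{p.dst_port}"
            for p in packets for r in rules if matches(r, p)]

RULES = [parse_rule(t) for t in (
    'alert tcp any any -> any 80 (msg:"WEB-MISC /etc/passwd access"; content:"/etc/passwd";)',
    'alert tcp any any -> any any (msg:"FTP root login attempt"; content:"USER root";)',
)]

# Constructed sample traffic, not a real capture. The last packet carries the
# same payload as the first but on port 8080, so the port selector excludes it.
SAMPLE_PACKETS = [
    Packet("tcp", "10.0.0.5", "10.0.0.80", 80, b"GET /cgi-bin/../../etc/passwd HTTP/1.0\r\n"),
    Packet("tcp", "10.0.0.5", "10.0.0.80", 80, b"GET /index.html HTTP/1.0\r\n"),
    Packet("tcp", "10.0.0.7", "10.0.0.21", 21, b"USER root\r\n"),
    Packet("tcp", "10.0.0.5", "10.0.0.80", 8080, b"GET /etc/passwd HTTP/1.0\r\n"),
]

if __name__ == "__main__":
    print("\n".join(scan(RULES, SAMPLE_PACKETS)))
```

Real Snort rules carry many more options (flow state, offsets, PCRE, thresholds) and a far faster multi-pattern matcher, but the decision each alert rests on is the same conjunction of header selectors and payload content shown here.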
Port Scanning
These days, the term nmap is synonymous with port scanning. Still under active development, nmap is an essential part of any network or security administrator's toolkit. Scanning hosts for listening network services is the first step in assessing the security posture of a remote host, and nmap supports a variety of scanning techniques, each designed to achieve a particular result.
Network Monitoring and Analysis
Ethereal is quickly becoming the network monitor of choice for many, even when pitted against its commercial counterparts. The number of protocols supported is mind-boggling, and the roster is still growing.
Most of these tools can be compiled or are already available in compiled or packaged format for many Unix platforms, but the inclusion of most of these tools in the standard installs (or at least in RPM format on the CDs) of several mainstream Linux distributions, such as SuSE and Mandrake, creates an unmatched level of convenience.