

A Cheapskate's Guide to Free Security Software

8/8/2008


NMAP is supported on the Linux, Microsoft Windows, FreeBSD, OpenBSD, Solaris, IRIX, Mac OS X, HP-UX, NetBSD, Sun OS, and Amiga operating systems. Support for NMAP comes from the user community, which maintains the Nmap-hackers mailing list and the nmap-dev list.

3. SNORT
SNORT, an intrusion detection system, is a perennial favorite. (If nothing else, you have to love their logo.) SNORT is an open source intrusion prevention and detection system that uses a rule-driven language that combines signature-, protocol-, and anomaly-based inspection methods. SNORT is commonly used in three ways:
  1. A packet sniffer similar to tcpdump;
  2. A packet logger; or
  3. A full real-time network intrusion detection and prevention system that can detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and OS fingerprinting attempts.
SNORT was written in 1998 (the same year as Nessus) by Martin Roesch to be an open source "lightweight" intrusion detection system in contrast to the commercially available systems. That's no longer the case. SNORT is now a mature, feature-rich system that has become a de facto standard in intrusion detection and prevention and a real "heavy weight."

The availability of plugins is important, since the software uses a modular rule-based architecture. SNORT's parent company, SourceFire, offers a free rules feed, which is delayed five days from the commercial release. Additional sources of rules include Bleeding Edge Threats.
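To make the "rule-driven language" and the signature-based inspection described above concrete, here is a small, added illustration (not code from the article, SourceFire or the Snort project) that parses two Snort-style rules and runs them over constructed packets. It handles only the rule header, the `msg`, `content` (with Snort's `|hex|` escapes) and `sid` options, and a plain substring match on the payload; the rule text, SIDs, addresses and packet payloads are all constructed for the example.

```python
"""Toy Snort-style rule matcher (added illustration, not Snort's own code).

Parses the header of a Snort rule ("action proto src sport -> dst dport")
plus three options (msg, content with |hex| escapes, sid), then checks
constructed packets against the rules the way a signature engine does in
its simplest form: an exact content match on the packet payload.
Rule options containing a literal ';' are not supported in this toy parser.
"""
import re
from dataclasses import dataclass
from typing import Optional

RULE_HEADER = re.compile(
    r'^(?P<action>\w+)\s+(?P<proto>\w+)\s+(?P<src>\S+)\s+(?P<sport>\S+)\s+->\s+'
    r'(?P<dst>\S+)\s+(?P<dport>\S+)\s*\((?P<opts>.*)\)\s*$')


@dataclass
class Rule:
    action: str
    proto: str
    src: str
    sport: str
    dst: str
    dport: str
    msg: str
    content: Optional[bytes]
    sid: int


def decode_content(text: str) -> bytes:
    """Turn a Snort content string into bytes: text outside |...| is literal,
    text inside is space-separated hex ("|FF|SMB" -> b"\\xffSMB")."""
    out = bytearray()
    for i, piece in enumerate(text.split('|')):
        if i % 2 == 0:
            out += piece.encode('latin-1')       # literal text
        else:
            out += bytes.fromhex(piece.replace(' ', ''))  # hex escape
    return bytes(out)


def parse_rule(line: str) -> Rule:
    """Parse one rule line into a Rule; raises ValueError on a bad header."""
    m = RULE_HEADER.match(line.strip())
    if not m:
        raise ValueError(f"unparseable rule: {line!r}")
    msg, content, sid = "", None, 0
    for opt in m.group('opts').split(';'):
        key, _, val = opt.strip().partition(':')
        key, val = key.strip(), val.strip()
        if key == 'msg':
            msg = val.strip('"')
        elif key == 'content':
            content = decode_content(val.strip('"'))
        elif key == 'sid':
            sid = int(val)
    return Rule(m['action'], m['proto'], m['src'], m['sport'],
                m['dst'], m['dport'], msg, content, sid)


def _field_ok(pattern: str, value) -> bool:
    """'any' matches everything; otherwise the rule field must equal the packet field."""
    return pattern == 'any' or pattern == str(value)


def rule_matches(rule: Rule, pkt: dict) -> bool:
    """Header fields must all match, then the content (if any) must appear in the payload."""
    if rule.proto.lower() != pkt['proto'].lower():
        return False
    if not (_field_ok(rule.src, pkt['src']) and _field_ok(rule.sport, pkt['sport'])
            and _field_ok(rule.dst, pkt['dst']) and _field_ok(rule.dport, pkt['dport'])):
        return False
    return rule.content is None or rule.content in pkt['payload']


def run_rules(rules, packets):
    """Return (sid, msg) for every alert rule that fires, in packet order."""
    alerts = []
    for pkt in packets:
        for r in rules:
            if r.action == 'alert' and rule_matches(r, pkt):
                alerts.append((r.sid, r.msg))
    return alerts


# Constructed local rules (SIDs in the 1,000,000+ range reserved for local rules).
RULES = [parse_rule(r) for r in [
    'alert tcp any any -> any 80 (msg:"Constructed CGI probe"; content:"/cgi-bin/"; sid:1000001;)',
    'alert tcp any any -> any 445 (msg:"Constructed SMB probe"; content:"|FF|SMB"; sid:1000002;)',
]]

# Constructed packets: one benign web request, one CGI probe, one SMB negotiation header.
PACKETS = [
    {'proto': 'tcp', 'src': '10.0.0.5', 'sport': 51000, 'dst': '10.0.0.8', 'dport': 80,
     'payload': b'GET /index.html HTTP/1.0\r\n\r\n'},
    {'proto': 'tcp', 'src': '10.0.0.5', 'sport': 51001, 'dst': '10.0.0.8', 'dport': 80,
     'payload': b'GET /cgi-bin/test-cgi HTTP/1.0\r\n\r\n'},
    {'proto': 'tcp', 'src': '10.0.0.5', 'sport': 51002, 'dst': '10.0.0.9', 'dport': 445,
     'payload': b'\x00\x00\x00\x2f\xffSMBr\x00\x00\x00\x00'},
]

if __name__ == '__main__':
    for sid, msg in run_rules(RULES, PACKETS):
        print(f'[**] [1:{sid}:1] {msg} [**]')
```

Only the second and third packets fire, which is the whole point of signature matching: a rule is a header filter plus a payload pattern, and the rules feeds mentioned above are simply large, maintained collections of such patterns.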

SNORT wasn't the only free package identified by respondents. OSSEC is an open source host-based intrusion detection system that runs on Linux, OpenBSD, FreeBSD, Mac OS X, Solaris, and Windows, among others. BRO is an open source, Unix-based package that runs on commodity PC hardware and was designed for use by Unix experts as a research platform for intrusion detection and traffic analysis. It is not for someone looking for an "out of the box" solution. But, if you're looking for a product that is flexible and highly customizable, this is worth a look. Some sites run another IDS as their front-line defense and use BRO to verify the results and experiment with new strategies.

Worthy of a Closer Look
After the first three, picks varied widely, with no clear-cut leaders. So here are some of the packages that were in the running.

Antivirus/Malware

