Open Source Corner 40 FREE AND OPEN SOURCE SECURITY TOOLS There are thousands of open source security tools with both defensive and offensive security capabilities. The following are essential security tools that will help you to secure your systems and networks - Compiled by Sonam Yadav NMAP OPENVAS OSSEC Nmap helps your network and ports OpenVAS is an open source OSSEC is a free, open-source host- with the number one port scanning vulnerability scanning suite that grew based intrusion detection system tool. Nmap now features powerful NSE from a fork of the Nessus engine (HIDS). It performs log analysis, integrity scripts that can detect vulnerabilities, when it went commercial. It manages checking, Windows registry monitoring, misconfiguration and security related all aspects of a security vulnerability Toolkit detection, time-based alerting, information around network services. management system from web-based and active response. It provides intrusion After you have nmap installed, be sure dashboards. detection for most operating systems, to look at the features of the included Download: http://www.openvas.org/ including Linux, OpenBSD, FreeBSD, OS ncat - its netcat on steroids. vm.html X, Solaris and Windows. OSSEC has a Download: http://filehippo.com/ centralized, cross-platform architecture download_nmap/ allowing multiple systems to be easily monitored and managed. Download: http://ossec.github.io/ downloads.html SECURITY ONION METASPLOIT FRAMEWORK OPENSSH Security Onion is a network security The Metasploit Project is a It secures all your traffic between two monitoring distribution that can computer security project that points by tunneling insecure protocols replace expensive commercial gray provides information about through an SSH tunnel. It includes boxes with blinking lights. Security security vulnerabilities and aids easy access to copy files securely. It Onion is easy to setup and configure. in penetration testing and IDS can be used as poor man’s VPN for With minimal effort, you will start to signature development. Metasploit Open Wireless Access points (airports, detect security-related events on your Framework, a tool for developing coffee shops). Tunnel back through network. Detect everything from brute and executing exploit code against your home computer and the traffic is force scanning kids to those nasty a remote target machine. Other then secured in transit. Access internal APT’s. important sub-projects include the network services through SSH tunnels Download: https://sourceforge.net/ Opcode Database, shellcode archive, using only one point of access. From projects/security-onion/ and related research. Windows, you will probably want to Download: http://download.cnet. have putty as a client and WinSCP for com/Metasploit/3000-2653_4- copying files. Under Linux just use the 75289381.html command line ssh and scp. Download: https://sourceforge.net/ projects/sshwindows/ pcquest.com twitter.com/pcquest facebook.com/pcquest linkd.in/pcquest [email protected] DECEMBER 2016 PCQUEST 45 Open Source Corner WIRESHARK NETSurveyor Truecrypt Wireshark helps to view traffic NetSurveyor is a free but closed It encrypts all the things. Truecrypt in as much detail as you want. source Wi-Fi stumbler and basic is a strong encryption utility that Use Wireshark to follow network analyzer. It displays the basic AP can encrypt entire volumes or streams and find problems. TCP details but doesn’t specify the create an encrypted container dump and Tshark are command exact authentication or encryption within a file system. Use Truecrypt line alternatives. Wireshark runs on method. It can also record data to protect your flash drives. If it gets Windows, Linux, FreeBSD or OSX for extended periods and played- lost, even the NSA will have trouble based systems. back in the future. You can also reading the data. Download: http://filehippo.com/ create useful reports in Adobe PDF Download: http://filehippo.com/ download_wireshark/ format, which includes a snapshot download_truecrypt/ of the AP details and all the graphs. NetSurveyor Pro adds the ability to view and record actual performance stats of APs you’re connected to instead of using just its broadcast beacons.. Download: http://download.cnet. com/NetSurveyor/3000-2085_4- 10882471.html. NETSTUMBLER VISTUMBLER INSSIDER NetStumbler is one of the oldest and Vistumbler is a newer open source InSSIDer is a relatively new open most known Wi-Fi stumblers and runs that displays the basic AP details, source Wi-Fi stumbler which shows on Windows and Windows CE/Mobile. including the exact authentication the usual list of AP details but doesn’t It lists nearby APs and displays their and encryption methods, and can show the exact authentication basic details: SSID, channel, speed, even speak the SSID and RSSI of method. You can see the encryption MAC address, vendor, and encryption. APs. Similar to NetStumbler, you can method used but can’t distinguish, for Unlike most other stumblers, it also view a list of all APs or drill down to example, between WPA-PSK and WPA- shows the signal, noise, and signal-to- those categorized by authentication, Enterprise networks. Like most other noise ratio (SNR) levels. Additionally, it encryption, channel, network type, and stumblers, inSSIDer doesn’t include has GPS support to record AP locations SSID. You can also view graphs of the the noise or signal-to-noise (SNR) when war driving. AP signals in addition to viewing text values; just gives you the RSSI values. Download: http://netstumbler. readouts. It’s highly customizable and Download: http://inssider.en.softonic. en.softonic.com/ offers flexible configuration options. com/ For example, you can define and save AP names to better distinguish them in the future. In addition to basic GPS support to record AP locations, it supports live tracking within the application using Google Earth. Download: https://sourceforge.net/ projects/vistumbler/ 46 PCQUEST DECEMBER 2016 pcquest.com twitter.com/pcquest facebook.com/pcquest linkd.in/pcquest [email protected] MERAKI WIFI STUMBLER KISMET NIKTO This is a simple web-based Kismet is a free and open Wi- Nikto is great for firing at a web stumble, runs in most browsers Fi stumbler, packet sniffer and server to find known vulnerable on Macs and PCs and even works intrusion detection system for scripts, configuration mistakes, when offline. It displays most of Windows, Mac OS X, Linux, and and related security problems. It the basic wireless details (with BSD.It shows the AP details, won’t find your XSS and SQL web signal levels in percentages) including the SSID of “hidden” application bugs, but it does find and offers a bar graph of APs networks. Plus it reports the noise many things that other tools miss. per channel. It doesn’t allow levels and gives you the signal- Download: http://webscripts. any customization and doesn’t to-noise (SNR) values. It can also softpedia.com/script/Security- offer any additional functionality capture the raw wireless packets Systems/Nikto-70370.html beyond displaying the network to a PCAP file, so you can import basics and letting you perform into Wireshark, TCP dump, and searches of the data. However, other tools. this stumbler is still useful if you Download: https://www. want to check wireless signals kismetwireless.net/download. from a computer that doesn’t shtml already have a stumbler installed. Download: http://xirrus-wi-fi- inspector.en.softonic.com/ ICINGA 2 ZENOSS CORE OPENNMS Icinga began life as a fork of system Another open source stalwart, An extremely flexible network monitoring application. It was Zenoss Core gives network management solution, OpenNMS can completely rewritten to give users a administrators a complete, one-stop handle any network management modern interface, support for multiple solution for tracking and managing task, whether it’s device management, databases, and an API to integrate all of the applications, servers, application performance monitoring, numerous extensions. With out-of- storage, networking components, inventory control, or events the-box load balancing, notifications, virtualization tools and other elements management. With IPv6 support, a and configuration, Icinga 2 shortens of an enterprise infrastructure. robust alerts system, and the ability the time to installation for complex Administrators can make sure the to record user scripts to test Web environments. Icinga 2 supports hardware is running efficiently and applications, OpenNMS has everything Graphite natively, giving administrators take advantage of the modular design network administrators and testers real-time performance graphing to plug in ZenPacks for extended need. OpenNMS has become, as now without any fuss. functionality. a mobile dashboard, called OpenNMS Download: http://meraki-wifi- Download: https://sourceforge.net/ Compass, lets networking pros keep stumbler.soft112.com/ projects/zenoss/ an eye on their network even when they’re out and about. Download: https://sourceforge.net/ projects/opennms/ pcquest.com twitter.com/pcquest facebook.com/pcquest linkd.in/pcquest [email protected] DECEMBER 2016 PCQUEST 47 Open Source Corner 8 LATEST LINUX DISTROS the best Linux distro for you may not be the best Linux distro for another user. Many Linux users are distro- hoppers, regularly moving from distribution to distribution. Some may be looking for the perfect distro, while others are simply curious about the latest Linux developments. here are the eight latest ones. 1 BODhi LiNux 2. DEBIAN 3. UBUNTU Bodhi Linux is a lightweight Linux Debian is a Unix-like computer Ubuntu is often said to be the most distribution based on Ubuntu that uses operating system that is composed popular Linux distribution. The default the Moksha Desktop Environment. entirely of free software, most of installation features the Unity desktop, The philosophy for the distribution which is under the GNU General Public which was designed to answer Ubuntu is to provide a minimal base system License, and packaged by a group of founder Mark Shuttleworth’s challenge so that users can populate it with individuals called the Debian Project. to free software to build a desktop to the software they want.