Posted: 15 Jun 2007 12:51 PM CDT

Baby Bodyguard It never ceases to amaze me how much quality freeware/open source software (FOSS) there is out there. In honor of Security Week, I have decided to compile a list of security related FOSS.

I have broken the security software into the following categories:

All descriptions of the software are copied straight from the website.

This is by no means an exhaustive list and I can guarantee that there are several applications that I have missed but I see this list as a starting point. If you know of an excellent security tool that should be included in this post, please feel free to add it into the comments for all to see.

Anti-Phishing

Verification Engine -VerificationEngine gives you the ability to verify that the site you are visiting (or directed to via a e-mail) can be trusted - essential in the current environment of fraudulent sites and faked emails. Just mouse over the logo brand or image you want to verify and VerificationEngine will authenticate the different trust credentials of the site you are on. For example VerificationEngine will check logos such as credit card icons (for online purchasing) web site endorsements such as BBB online or TRUSTe or trade associations are legitimate. In addition simply mouse over a logo and a green border will indicate that the site is legitimately the company it claims to be.
TrendProtect - TrendProtect is a FREE browser plug-in that helps you avoid Web pages with unwanted content and hidden threats. TrendProtect rates the current page and pages listed in Google, MSN, and Yahoo search results. You can use the rating to decide if you want to visit or avoid a given Web page.
PhishTank - PhishTank is a collaborative clearing house for data and information about phishing on the Internet. Also, PhishTank provides an open API for developers and researchers to integrate anti-phishing data into their applications at no charge.

Anti-Spyware/Anti-Malware

BOClean - Our BOClean version 4.23 software protects you against a full spectrum of malware, automatically removing these programs from memory, your hard disk and your registry without the need to reboot or drop your internet connection. BOClean safely neutralizes these threats instantly without any risk of damage to your files or computer. Updates are FREE, and the update download and installation process is (or, in the case of network deployment, can be) completely automated.
Spybot - Search & Destroy - Spybot - Search & Destroy detects and removes spyware, a relatively new kind of threat not yet covered by common anti-virus applications. Spyware silently tracks your surfing behaviour to create a marketing profile for you that is transmitted without your knowledge to the compilers and sold to advertising companies. If you see new toolbars in your Internet Explorer that you haven’t intentionally installed, if your browser crashes inexplicably, or if your home page has been “hijacked” (or changed without your knowledge), your computer is most probably infected with spyware. Even if you don’t see the symptoms, your computer may be infected, because more and more spyware is emerging. Spybot-S&D is free, so there’s no harm giving it a try to see if something has invaded your computer.
AVG Anti-Spyware - The efficient solution against the new generation of threats spreading over the internet. Secure your data and protect your privacy against sypware, adware, trojans, dialer, keylogger and worms. We offer you advanced scanning and detection methods and state-of-the-art technology behind an easy to use interface.
Windows Defender - Windows Defender is a free program that helps you stay productive by protecting your computer against pop-ups, slow performance and security threats caused by spyware and other potentially unwanted software.
Ad-Aware SE Personal - It is our vision at Lavasoft that all individual, regardless of economic status or geographic location, should have the power to protect their privacy and security. Our free anti-spyware product, Ad-Aware SE Personal, gives you that security, providing advanced protection against harmful spyware that secretly attaches itself and takes control of your home computer. After using Ad-Aware, annoying pop-up ads, hijacked homepages and sluggish computer performance will be things of the past.And you can rest easy knowing that your personal information like bank details, passwords and credit card account numbers will be safe from sneaky spyware and hackers.
Spyware Terminator - Free 100% Real-Time Protection is included in Spyware Terminator basic version - an essential function most other applications charge you extra for. Effectively remove spyware, adware, trojans, keyloggers, home page hijackers and other malware threats.
SpywareBlaster - Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software. Block spyware/tracking cookies in Internet Explorer and Mozilla/Firefox. Restrict the actions of potentially unwanted sites in Internet Explorer.
<SpywareGuard - An anti-virus program scans files before you open them and prevents execution if a virus is detected - SpywareGuard does the same thing, but for spyware! And you can easily have an anti-virus program running alongside SpywareGuard.
Sandboxie - When you run a program on your computer, data flows from the hard disk to the program via read operations. The data is then processed and displayed, and finally flows back from the progam to the hard disk via write operations. Sandboxie changes the rules such that write operations do not make it back to your hard disk. Sandboxie intercepts changes to both your files and registry settings, making it virtually impossible for any software to reach outside the sandbox. Sandboxie traps cached browser items into the sandbox as a by-product of normal operation, so when you throw away the sandbox, all the history records and other side-effects of your browsing disappear as well.
a-squared Free - Security must not be a privilege. Under this motto, Emsi Software provides the Malware scanner a-squared Free completely free of charge for private use. But it is not a very limited version, it is a full tool to clean your computer from Malware. Not only Spywares, as detected by classic Anti-Spyware programs, but also especially Trojans, Backdoors, Worms, Dialers, Keyloggers and a lot of other destructive pests, which makes it dangerous to surf the web.

Antivirus

AVG Anti-Virus Free - AVG Anti-Virus Free Edition is one of the most popular solutions to provide basic security protection on home and non-commercial PCs.
avast! 4 Home Edition - avast! 4 Home Edition is a full-featured antivirus package designed exclusively for home users and non-commercial use. Both of these conditions should be met! Our company offers the Home Edition free of charge, since, in our opinion, it is possible to avoid global virus spreading by efficient prevention; however, many users are not able to or do not want to pay for antivirus software.
AOL Active Virus Shield - Advanced detection technology to help stop known and new viruses, spyware and other malware before they attack you. Always-on, automatically checks for updates every hour- providing real-time scanning and protection against virus threats.
Avira AntiVir PersonalEdition Classic - Protection and security against viruses, worms, Trojans, dialers & more
BitDefender 8 Free Edition - BitDefender 8 Free Edition is your chance to use one of the world’s most effective antivirus engines for free! BitDefender 8 uses the same ICSA Labs certified scanning engines found in other BitDefender products, allowing you to enjoy basic virus protection for no cost at all. BitDefender 8 Free Edition is an on-demand virus scanner, which is best used in a system recovery or forensics role.
BitDefender Removal Tools - virus specific removal tools.
Comodo AntiVirus 2.0 beta - Detects and eliminates viruses from desktops and networks, constantly protects with real-time On Access scanning, proactive Heuristic analysis intercepts unknown threats, host Intrusion Detection blocks malware before it can run, daily, automatic updates of virus definitions, simple to use: install and forget
ClamWin - ClamWin is a Free Antivirus for Microsoft Windows 98/Me/2000/XP and 2003. ClamWin Free Antivirus comes with an easy installer and open source code. You may download and use it absolutely free of charge. It features: High detection rates for viruses and spyware; Scanning Scheduler; Automatic downloads of regularly updated Virus Database; Standalone virus scanner and right-click menu integration to Microsoft Windows Explorer; Addin to Microsoft Outlook to remove virus-infected attachments automatically.
Cyberhawk - Cyberhawk is different. It does not rely on signatures, but instead constantly analyzes your computer’s behavior to detect and block any malicious activity. Cyberhawk protects immediately so you know your PC and your valuable data is always secure.

Encryption

Truecrypt - TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data are automatically encrypted or decrypted right before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. Entire file system is encrypted (e.g.., file names, folder names, contents of every file, free space, meta data, etc).

Firewalls (Software)

Comodo Firewall Pro - With its built-in application database, Comodo Firewall Pro classifies more than 10.000 applications according to their risk level such as SAFE, SPYWARE, ADWARE etc. It is the only firewall which has such a big application database and which uses such a database to analyze the security risks.
Jetico Personal Firewall - The software offers detailed, configurable event logs, reports, plus the option to view and edit the firewall configuration. The modular architecture is as open as possible to assist with easier evaluation of the security.
Safety.Net - Safety.Net 3.61 offers Internet security, content security and advanced Internet firewall protection for all your LAN computers, and trust controls to block unwanted or harmful applications from accessing the network. You can define granular user or computer specific access controls based on site, content, PICS ratings and time of day. You can monitor connection level network activity round-the-clock and view detailed reports to analyze traffic and usage patterns.
ZoneAlarm Internet Security Suite - Network and Program Firewall, Operating System Firewall, Antivirus Protection, Anti-Spyware Protection, Identity Theft, Wireless PC Protection

Firewalls (Operating Systems)

SmoothWall Express - SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Linux is the ideal choice for security systems; it is well proven, secure, highly configurable and freely available as open source code. SmoothWall includes a hardened subset of the GNU/Linux operating system, so there is no separate OS to install. Designed for ease of use, SmoothWall is configured via a web-based GUI, and requires absolutely no knowledge of Linux to install or use.
IPCop - IPCop Firewall is a Linux firewall distribution geared towards home and SOHO (Small Office/Home Office) users. The IPCop interface is very user-friendly and task-based. IPCop offers the critical functionality of an expensive network appliance using stock, or even obsolete, hardware and OpenSource Software.
Freesco - FREESCO was developed in the open source tradition as an alternative to routing products offered by Cisco, 3-Com, Accend, Nortel etc. While all of these companies offer products that are well made, the overhead and overall costs can be expensive.FREESCO is open source, stable, inexpensive, easy to use, extremely versatile and flexible … and best of all, FREESCO is FREE. FREESCO is based on the Linux operating system. And incorporates many of the features of other Linux distributions into software that fits onto a single 1.44 meg floppy diskette.

Monitoring

Snort - Snort is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry.
Wireshark - Wireshark is the world’s most popular network protocol analyzer. It has a rich and powerful feature set and runs on most computing platforms including Windows, OS X, and Linux. Network professionals, security experts, developers, and educators around the world use it regularly. It is freely available as open source, and is released under the GNU General Public License.
NetStumbler -NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses: Verify that your network is set up the way you intended. Find locations with poor coverage in your WLAN. Detect other networks that may be causing interference on your network. Detect unauthorized “rogue” access points in your workplace. Help aim directional antennas for long-haul WLAN links.
Nagios - Nagios is a host and service monitor designed to inform you of network problems before your clients, end-users or managers do. It has been designed to run under the Linux operating system, but works fine under most *NIX variants as well. The monitoring daemon runs intermittent checks on hosts and services you specify using external “plugins” which return status information to Nagios. When problems are encountered, the daemon can send notifications out to administrative contacts in a variety of different ways (email, instant message, SMS, etc.). Current status information, historical logs, and reports can all be accessed via a web browser.

Passwords

Password Chart - create a complex password that is easy to remember using a unique password chart.
KeePass Password Safe - KeePass is a free/open-source password manager or safe which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key-disk. So you only have to remember one single master password or insert the key-disk to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish).
PINS - PINs is a free feature-rich Windows program for safe and comfortable storing of any secure information like passwords, accounts, PINs etc. PINs uses a secure 448 bit Blowfish algorithm to ensure the data are not crackable. The password used for securing access to stored data is not saved anywhere. PINs does not require installation and does not need any special dlls, drivers or system files which can mess up your system. This means that PINs can run directly from floppy - including data files - without installing anything. This is extremely useful if you wish to easily access your data on other computers as well.
Cain and Abel - Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weakness present in protocol’s standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some “non standard” utilities for Microsoft Windows users.

Patching

Microsoft Baseline Security Analyzer - Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small- and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems.

Penetration Testing

Nessus - Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.

Privacy

Tor - Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features.

Rootkits

RootkitRevealer - RootkitRevealer is an advanced rootkit detection utility. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. RootkitRevealer successfully detects all persistent rootkits published at www.rootkit.com, including AFX, Vanquish and HackerDefender (note: RootkitRevealer is not intended to detect rootkits like Fu that don’t attempt to hide their files or registry keys).
GMER - GMER is an application that detects and removes rootkits. It scans for: hidden processes, hidden threads, hidden modules, hidden services, hidden files, hidden Alternate Data Streams, hidden registry keys, drivers hooking SSDT, drivers hooking IDT, drivers hooking IRP calls, inline hooks.
DarkSpy Anti-Rootkit - DarkSpy Anti-Rookit is a multiway-based detection tool for rootkit detection. It internally combines many effective detection techniques, including DarkSpy’s own handlers and also methods used by other famous tools.

VPN

Hamachi - LogMeIn Hamachi is a VPN service that easily sets up in 10 minutes, and enables secure remote access to your business network, anywhere there’s an Internet connection. It works with your existing firewall, and requires no additional configuration. Hamachi is the first networking application to deliver an unprecedented level of direct peer-to-peer connectivity. It is simple, secure, and cost-effective
OpenVPN - OpenVPN is a full-featured SSL VPN solution which can accomodate a wide range of configurations, including remote access, site-to-site VPNs, WiFi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls
SSL Explorer - SSL-Explorer is the world’s first open-source, browser-based SSL VPN solution. This unique remote access control solution provides you with a means of securely accessing intranet applications and resources using a standard web browser.
iPig - iPIG shields your data from even the most sophisticated methods of online spying and snooping like the “Evil twin attacks”. In addition, your sensitive information is not only protected between your computer and the wireless access point you’re using, but all the way to iOpus’ secure connection servers deep in the Internet. This ensures that your data can’t be easily hijacked through the air and at the point it transitions to a “wired” Ethernet connection.
FreeS/WAN -Linux FreeS/WAN is an implementation of IPSEC & IKE for Linux. IPSEC is Internet Protocol SECurity. It uses strong cryptography to provide both authentication and encryption services. Authentication ensures that packets are from the right sender and have not been altered in transit. Encryption prevents unauthorised reading of packet contents. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted net is encrypted by the IPSEC gateway machine and decrypted by the gateway at the other end. The result is Virtual Private Network or VPN. This is a network which is effectively private even though it includes machines at several different sites connected by the insecure Internet.