Protecting Your Data without Breaching Your Wallet!

Who says securing you network has to break your budget.  Check out this list of Free Security software that you can start using today to secure your network.  This is by no way a complete list and I will add to it as time goes but it is a good starting point.  If you know any free security applications that you would like to share please post a comment.  I will also be posting a PDF version of this soon.

Anti-Spam

ASSP Replaces Barracuda Spam and Virus Firewall

ASSP (short for “Anti-Spam SMTP Proxy”) works with existing Exchange, Lotus Notes, or other SMTP servers to stop the delivery of spam. Note that this a product for organizations, not home users, so you will need to be fairly knowledgeable to use it. Unlike the commercial Barracuda product, it’s software, not a physical appliance, and it only stops spam, not viruses. Operating System: OS Independent.

SpamAssassin Replaces Barracuda Spam and Virus Firewall

SpamAssassin is a mail filter to identify spam. It is an intelligent email filter which uses a diverse range of tests to identify unsolicited bulk email, more commonly known as Spam. These tests are applied to email headers and content to classify email using advanced statistical methods. In addition, SpamAssassin has a modular architecture that allows other technologies to be quickly wielded against spam and is designed for easy integration into virtually any email system. Operating System: Mac OS X, Windows, Linux

Anti-Virus/Anti-Malware

ClamAV Replaces Avast! Linux Edition, Virus Scan Enterprise for Linux

One of the best-known open source security software, ClamAv’s anti-virus capabilities has earned it a stellar reputation. The version available at this site works on Linux/UNIX and is most suitable for larger organizations. Operating System: Linux.

ClamAV for Windows Replaces Panda Cloud Antivirus

Recently released, the official ClamAV for Windows is a partnership between SourceFire (the owner of ClamAV) and cloud-based security provider Immunet. Because it runs in the cloud, this anti-virus software doesn’t drain system resources, and it’s able to use community-based protection to improve security. And while both Panda Cloud Antivirus and ClamAV for Windows are free, only ClamAV has source code available. Operating System: Windows.

ClamWin Free Antivirus Replaces Kaspersky Anti-Virus, McAfee Antivirus, Norton Anti-Virus

Suitable for home users, this front-end for the ClamAV antivirus offers good protection from viruses and integrates into Windows Explorer and Microsoft Outlook. Unlike the commercial products, however, ClamWin doesn’t automatically scan files in real time as you download them—you’ll have to schedule a scan of your system or manually click on a file to scan it individually. Operating System: Windows.

AVG Free Replaces Kaspersky Anti-Virus, McAfee Antivirus, Norton Anti-Virus

AVG Anti-Virus Free Edition 2011 allows you to: Surf and search with confidence AVG LinkScanner’s real-time protection, Stay protected on social networks with AVG Social Networking Protection, Enjoy a faster running PC AVG Smart Scanning works while you’re away and runs in low-priority mode when you return, stay up-to-date with the latest threat information from the AVG Community Protection Network and AVG Protective Cloud Technology.  Operating System: Windows

Anti-Spyware

Nixory Replaces Webroot Spy Sweeper

Nixory works along with your existing firewall and anti-virus software to eliminate data-mining and spyware threats. While Spy Sweeper works with all browsers, Nixory is specifically designed for Firefox users. Operating System: OS Independent.

Application Firewall

AppArmor Replaces Barracuda Web Application Firewall, Citrix NetScaler Application Firewall.

Part of openSUSE and SUSE Linux Enterprise, Novell’s application firewall uses policy-based profiles to control who can access various applications. This is not an appliance like the Barracuda product, but it does perform many of the same functions. Operating System: Linux.

ModSecurity Replaces Barracuda Web Application Firewall, Citrix NetScaler Application Firewall.

ModSecurity provides a wide range of protection for Web applications. While this site offers software, not hardware, you can also purchase an appliance similar to the Barracuda product from Breach Security. Operating System: OS Independent.

Backup

Areca Backup Replaces NovaBackup

While not as robust as some commercial backup utilities, Areca Backup does make it easy to backup selected files and folders with compression and encryption. It’s not a disk-ghosting application, which would allow you to restore your system completely, but it does save important files so you can find them again. Operating System: Windows, Linux.

Partimage Replaces Norton Ghost, NovaBackup, McAfee Online Backup

Unlike Areca, Partimage does save files in a way that provides easy recovery after a crash. It’s also part of the System Rescue CD package that contains a number of other helpful tools to help get your system back up and running. However, it’s only available for Linux. Operating System: Linux.

Browser Add-Ons

Web of Trust (WOT) Replaces McAfee SiteAdvisor Plus.

Very similar to the SiteAdvisor, this add-on for Firefox, Internet Explorer, or Chrome rates sites on their trustworthiness. When you use one of the major search engines, WOT will show you a red, green, or yellow circle, so you know whether or not the site is safe to visit. Operating System: Windows, Linux, OS X.

PasswordMaker Replaces Kaspersky Password Manager Roboform

PasswordMaker solves the problem of needing to create and remember multiple passwords. Although it works differently than the password managers listed above, it essentially solves the same problem. Operating System: Windows, Linux, OS X.

Data Leakage Protection

OpenDLP

OpenDLP is a free and open source, agent-based, centrally-managed, massively distributable data loss prevention tool released under the GPL. Given appropriate Windows domain credentials, OpenDLP can simultaneously identify sensitive data at rest on hundreds or thousands of Microsoft Windows systems from a centralized web application. OpenDLP has two components: a web application and an agent.  Operating System: Web App: Linux Agent: Windows

MyDLP

With MyDLP, you will be able to block any data flow containing credit card numbers, social security numbers or IBAN account numbers.  MyDLP provides data security for web, mail, printers, removable devices and more. Your sensitive data will not leak out through network connections or endpoint devices.  You train MyDLP with your private files once, and MyDLP will protect them forever. Your employee or any other person would not be able to transfer them outside. Operating System: Linux

Data Removal

BleachBit Replaces Easy System Cleaner

BleachBit erases the traces of your actions on your computer and speeds up performance by cleaning up your cache, deleting your history, and more. It can also “shred” files or folders so they can’t be recovered from your hard drive. Operating System: Windows, Linux.

Eraser Replaces BCWipe Enterprise

Even though you’ve deleted a file, someone may be able to recover it from your hard drive using forensics tools. However, Eraser writes over your old files, completely eliminating all traces of sensitive or personal files. Operating System: Windows

Wipe Replaces BCWipe Enterprise

Like Eraser, Wipe overwrites deleted files in order to make them impossible to restore. Operating System: Linux.

Darik’s Boot and Nuke Replaces Kill Disk, BCWipe Total WipeOut

Sometimes you need to erase an entire hard drive—if you are recycling or donating an old system, for example. DBAN does the job for you quickly and easily. Operating System: OS Independent.

Encryption

Encryption Wizard

Quickly and easily protect your important data inside and outside your organization. Encryption Wizard provides a user-friendly, drag-and-drop, single window interface to encrypt any type of file on nearly any computer or media.  To encrypt files or directories, simply drag them into the EW window, press Encrypt, and enter a passphrase and/or use a PKI certificate. EW can also create encrypted (and optionally compressed) archives of files and directories.  Developed by the U.S. Air Force, this is a single Java application that is portable and does not require administrative access to the system. The 128-bit encryption/decryption algorithm used by Encryption Wizard is considered cryptographically strong and is routinely used in National Security Agency (NSA) and National Institute of Standards and Technology (NIST) certified products. Encryption Wizard is designed to protect data at rest and in transit (such as email attachments). Operating System:  OS Independant

AxCrypt Replaces McAfee Anti-Theft, CryptoForge

The self-proclaimed “leading open source file encryption software for Windows,” AxCrypt makes it easy to protect files and folders in Windows. From Window Explorer, you just right-click to encrypt, and double-click to decrypt data. Operating System: Windows.

Gnu Privacy Guard Replaces Cypherus.

Also known as “GPG,” this Gnu app for encrypting e-mail and other communication is based on the OpenPGP standard—just like the PGP product. On the down side, this is a command-line project, so it’s not particularly easy to use. Operating System: Windows, Linux, OS X.

Mac GNU Privacy Guard Replaces Cypherus

This version of GPG was designed specifically for the Mac. Again, like the standard version, it’s not particularly user-friendly, but it does get the job done. Operating System: OS X.

gpg4win Replaces Cypherus

And, as you probably guessed, this is a version of GPG for Windows. Unlike the other two versions of GPG listed here, this one includes extensive documentation, including a novice guide for beginners. Operating System: Windows.

PeaZip Replaces WinZip

Like WinZip, PeaZip’s primary purpose is compressing files for archiving or transmission, but also like WinZip, it offers built-in encryption capabilities as well. PeaZip’s interface isn’t quite as easy to use as WinZip’s, but it can create and read more file types. Operating System: Windows, Linux.

Crypt Replaces McAfee Anti-Theft, CryptoForge

This file and folder encryption app was designed for maximum speed. Thanks to its small size, it works incredibly quickly—and you don’t even have to install anything on your system in order to use it. Operating System: Windows.

NeoCrypt Replaces McAfee Anti-Theft, CryptoForge

Another file and folder encryption utility, NeoCrypt integrates with Windows Explorer much like AxCrypt. It’s easy to use and supports ten different encryption algorithms. Operating System: Windows.

TrueCrypt Replaces PGP Whole Disk Encryption

Like the PGP product, TrueCrypt can protect your entire hard drive or thumb drive. Incredibly popular, it’s been downloaded more than 14 million times. Operating System: Windows.

File Transfer

WinSCP Replaces CuteFTP, FTP Commander

This utility makes it easy to transfer files using SFTP or SCP. It also includes a fairly basic file manager and FTP transfer capabilities. However, this is a file transfer client only—you can download files, but not set up your own FTP server. Operating System: Windows.

FileZilla Replaces CuteFTP, FTP Commander

FileZilla transfers files via FTP, SFTP and FTPS. Unlike WinSCP, it also includes a (Windows-only) server version so you can set up your own secure file transfer server. Operating System: Windows, Linux, OS X.

Forensics

BreachProbe

BreachProbe is free software for Computer Forensic Investigators. It extracts credit card data and network session information from pcap files and parses the raw captured data for offline forensic analysis. BreachProbe will let you import pcap files captured from tcpdump, Wireshark or any other sniffer that supports the PCAP file format. BreachProbe can be used for investigating online identity theft or credit card leakage incidents. The program exports the parsed data to a log file and automatically generates a SHA256 hash of the exported data. Only the last four digits of the credit card number(s) are stored in the log file. BreachProbe can extract VISA, Master Card, American Express, JCB, Discover and Diners Club credit cards from pcap files. Operating System: Windows

LAN Search Pro

LAN Search PRO is a utility for fast file searching across your LAN. You can search for specific file names or for specific file types (e.g. all MP3 files). LAN Search PRO provides a lightning fast search engine and includes the ability to search hidden network resources, restricted access resources, and IP subnets. Additional features include result sorting, filtering, and search within results. Operating System: Windows

OSForensics

Discover relevant forensic evidence faster.  Search within files and emails, recover deleted data, collect system information, find misnamed files, and view Timeline of activity, case management, portable, and more.  Run from a USB flash drive for the ultimate in portability. Operating System: Windows

ODESSA Replaces EnCase Forensics, X-ways Forensics, AccessData Forensic Toolkit

Short for “Open Digital Evidence Search and Seizure Architecture,” ODESSA, incorporates a variety of tools for collecting and analyzing digital evidence. While the project hasn’t been updated in a while, the tools continue to be helpful for analyzing Internet Explorer cookies and Windows files. Operating System: Windows, Linux, OS X.

PhotoSeek

This application is useful for law enforcement personal since it can identify similar photos, without the need for cryptographic file hashes, which are very frequently inaccurate at detecting image files. Images are easy to change without visible detection to the human eye, yet completely defeat file hash detection mechanisms.  PhotoSeek can identify similar images, even when they’ve been resized, compressed, or changed to other formats like bmp, jpg, and gif. Operating System: Windows

The Sleuth Kit/Autopsy Browser Replaces EnCase Forensics, X-ways Forensics, AccessData Forensic Toolkit

This project offers a more robust set of forensic tools that run from the command line (The Sleuth Kit) or through a browser interface (Autopsy Browser). Both provide the user with detailed information about file systems, including deleted data. Operating System: Windows, Linux, OS X.

RTIR: RT for Incident Response

RTIR is the premiere open source incident handling system targeted for computer security teams. We worked with over a dozen CERT and CSIRT teams around the world to help you handle the ever-increasing volume of incident reports.  A typical workflow begins by triaging incoming incident reports and linking them to an existing incident or creating a new one. Each incident is designed to keep track of everything you need to know to solve the problem. From an incident, it’s easy to launch investigations to work with law enforcement, network providers, or other organizations. You can also set up blocks to keep track of what’s been done to mitigate the issue. Operating System: Linux

Gateway/Unified Threat Management Appliances

Endian Firewall Community Replaces Check Point Security Gateways, McAfee Unified Threat Management (UTM) Firewall, SonicWall, Symantec Web Gateway

The Community version of Endian Firewall transforms any PC (even a pretty old one) into a Unified Threat Management (UTM) appliance that protects your network with a firewall, anti-virus, spam filtering, application level protection, content filtering, a VPN, and more. If you prefer, you can also buy a pre-configured hardware appliance that is based on the same open-source software. Operating System: Linux.

Untangle Replaces Check Point Security Gateways, McAfee Unified Threat Management (UTM) Firewall, SonicWall, Symantec Web Gateway

Untangle combines threat protection, network monitoring, and Web filtering capabilities into a single package. You can choose the open source package, one of several paid packages that include support, or you can download the open source virus blocker, spam blocker, firewall, Web filter, and other pieces separately. The Untangle Server is a multi-function firewall. It simplifies and consolidates the many network and security products that businesses need at the gateway to the Internet.  Operating System: Linux.

ClearOS Replaces Check Point Security Gateways, McAfee Unified Threat Management (UTM) Firewall, SonicWall, Symantec Web Gateway

Developed by Clear Foundation, ClearOS’s goal is to “ensure that every small organization and distributed IT environment on the globe can have proper security, filtration, and management tools.” It includes anti-spam, anti-virus, VPN, and all the other features you’d expect, and it comes with an easy-to-use Web interface. Operating System: Linux.

NetCop UTM Replaces Check Point Security Gateways, McAfee Unified Threat Management (UTM) Firewall, SonicWall, Symantec Web Gateway

Available as either a free open source download for up to five concurrent users or in an enterprise version for unlimited users, NetCop offers the same functions as Endian and Untangle and the commercial UTMs. However, it is not available as a pre-configured appliance. Operating System: Linux.

Hash

Hashtab

HashTab provides OS extensions to calculate file hashes. HashTab supports many hash algorithms such as MD5, SHA1, SHA2, RipeMD, HAVAL and Whirlpool. Hashtab is supported as a Windows shell extension and a Mac Finder plugin. HashTab provides an easy way to verify file integrity and authenticity.  Once you have installed HashTab, just right click on any file to view the Hash.

Host-based Intrusion Detection

OSSEC

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.  OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis; file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response. Operating System: Linux, MacOS, Solaris, HP-UX, AIX and Windows

Intrusion Detection

Open Source Tripwire Replaces Tripwire

In 2000, the owners of the popular Tripwire intrusion detection and file integrity monitoring software released their source code. Although Tripwire has since become a commercial, closed source application, this app is based on the original Tripwire code. It alerts systems administrators when changes have been made to specific files on their networks. Operating System: Windows, Linux.

AFICK Replaces Tripwire

Specifically designed to provide similar functionality as Tripwire, AFICK (short for “Another File Integrity Checker”) also alerts administrators to changes on systems connected to the network. Operating System: Windows, Linux.

Snort

Snort® is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and approximately 300,000 registered users, Snort has become the de facto standard for IPS.  Operating System: Linux, Windows

Live CD’s

Network Security Toolkit

The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open Source Network Security Tools. An advanced Web User Interface (WUI) is provided for system administration, navigation, automation, geolocation and configuration of many network and security applications found within the NST distribution. In the virtual world, NST can be used as a network security analysis, validation and monitoring tool on enterprise virtual servers hosting virtual machines.

Backtrack

BackTrack is intended for all audiences from the most savvy security professionals to early newcomers to the information security field. BackTrack promotes a quick and easy way to find and update the largest database of security tools collection to-date. Our community of users range from skilled penetration testers in the information security field, government entities, information technology, security enthusiasts, and individuals new to the security community. Whether you’re hacking wireless, exploiting servers, performing a web application assessment, learning, or social-engineering a client, BackTrack is the one-stop-shop for all of your security needs

BotHunter

BotHunter is the first, and still the best, network-based malware infection diagnosis system out there.  It tracks the two-way communication flows between your computer(s) and the Internet, comparing your network traffic against an abstract model of malware communication patterns.  Its goal is to catch bots and other coordination-centric malware infesting your network, and it is exceptionally effective.

Katana

Katana is a portable multi-boot security suite which brings together many of today’s best security distributions and portable applications to run off a single Flash Drive. It includes distributions which focus on Pen-Testing, Auditing, Forensics, System Recovery, Network Analysis, and Malware Removal. Katana also comes with over 100 portable Windows applications; such as Wireshark, Metasploit, NMAP, Cain & Abel, and many more.

Samurai

The Samurai Web Testing Framework is a live Linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.

OSWA Assistant – Wireless Hacking & Auditing LiveCD Toolkit

The OSWA-Assistant is a no-Operating-System-required standalone toolkit which is solely focused on wireless auditing. As a result, in addition to the usual WiFi (802.11) auditing tools, it also covers Bluetooth and RFID auditing. Using the toolkit is as easy as popping it into your computer’s CDROM and making your computer boot from it!

Orion Live CD

Orion is a Live CD, based on Ubuntu LucidLynx (10.04), and intended to provide a self-contained, trusted platform for incident response team members to use for analysis, communication, and collaboration.

NirLauncher

Not really a Live CD but did not know where else to put it and is a very useful tool.  NirLauncher is a package of more than 100 portable freeware utilities for Windows, all of them developed for NirSoft Web site during the last few years. NirLauncher can be used from USB flash drive without need of any installation. NirLauncher package includes variety of tools that you may need for your daily computer use, including utilities to recover lost passwords, to monitor your network, to view and extract cookies, cache, and other information stored by your Web browser, to search files in your system, and more…  Allows you to add the SysInternals Suite as well into one dashboard. Operating System: Windows

Log/Security Monitoring (SIEM)

ESIS Executive Security Information System

ESIS brings integrated enterprise security process management software. Just like SAP, or any ERP, has different module to handle the various processes of the enterprise, ESIS has independent but integrated modules to cover the IT Risks & Security processes. (http://esis.sourceforge.net/ESIS/Home.html)

OSSIM

OSSIM stands for Open Source Security Information Management. Its goal is to provide a comprehensive compilation of tools which, when working together, grant network/security administrators with a detailed view over each and every aspect of his or her networks, hosts, physical access devices, server, etc.  OSSIM provides a strong correlation engine, detailed low, medium and high level visualization interfaces, and reporting and incident management tools, based on a set of defined assets such as hosts, networks, groups and services. Operating System: Linux

iView

Cyberoam iView is an open source logging and reporting solution that helps organizations monitor their networks across multiple devices for high levels of security, data confidentiality while meeting the requirements of regulatory compliance. Operating System: Windows, Linux

Network Firewalls

IPCop Replaces Barracuda NG Firewall, Check Point Appliances

Instead of buying a firewall appliance, you can make your own with IPCop and an old PC. Note that while IPCop does provide a firewall for your network, it does not include anti-virus and some of the other features of the commercial product. Operating System: Linux.

Devil-Linux Replaces Barracuda NG Firewall, Check Point Appliances

Like IPCop, Devil-Linux also allows users to turn old hardware into a network firewall. It also lacks the anti-virus protection common in commercial appliances, but this project lets you use the system that is running the firewall as a secure server for a variety of applications. Operating System: Linux.

Turtle Firewall Replaces Barracuda NG Firewall, Check Point Appliances

Like the other tools in this category, Turtle Firewall makes it possible to create your own Linux-based network firewall. Based on Iptables, it offers a Web GUI that makes defining firewall elements and selecting services easy, or if you prefer, you can edit the XML files directly. Operating System: Linux.

Shorewall Replaces Barracuda NG Firewall, Check Point Appliances

Shorewall (a.k.a. “Shoreline Firewall”) can be used as a network firewall, as a gateway/router/server, or to protect a standalone Linux system. While it may not be the most intuitive tool for configuring Iptables to create your own firewall, it is very powerful and flexible. Operating System: Linux.

Sentry Firewall Replaces Barracuda NG Firewall

When installed on a PC attached to your network, Sentry Firewall acts as a network firewall, secure server, and/or intrusion detection system. Like Devil-Linux it also boots from a CD. Operating System: Linux.

Vuurmuur Replaces Barracuda NG Firewall

This is yet another Iptables-based Firewall, this time designed to be very easy to use. It also enables remote administration via SSH. Operating System: Linux.

Vyatta Replaces Cisco products

Vyatta offers router, firewall, and VPN products so similar to Cisco products, that the Web site even contains a handy comparison tool. In addition to the “core” open source software download, the company also sells software subscriptions and hardware based on the open source product. Operating System: Linux.

M0n0wall Replaces Barracuda NG Firewall, Check Point Appliances

m0n0wall is a project aimed at creating a complete, embedded firewall software package that, when used together with an embedded PC, provides all the important features of commercial firewall boxes (including ease of use) at a fraction of the price (free software). Operating System: Linux

pfSense Replaces Barracuda NG Firewall, Check Point Appliances

pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. Operating System: Linux

Network Monitoring

Wireshark Replaces OmniPeek, CommView, PacketView Pro

Calling itself “the de facto (and often de jure) standard” for network protocol analysis, Wireshark has won numerous industry awards and boasts a very large user base. It performs deep inspection of hundreds of protocols and, unlike many of the similar commercial products, it works on multiple platforms. Operating System: Windows, Linux, OS X.

Tcpdump Replaces OmniPeek, CommView, PacketView Pro

This tool offers very similar functionality to Wireshark, but works from the command line instead of a GUI. Also, this version supports Linux systems only. Operating System: Linux.

WinDump Replaces OmniPeek, CommView, PacketView Pro

If you want to use tcpdump on a Windows system, this is the app you need. This site also provides a home to WinPcap, the packet capture and filtering engine used in a number of network monitoring tools, including some on this list. Operating System: Windows.

Zenoss

Zenoss assures IT service delivery to applications, business services and real-time physical, virtual, and cloud-based infrastructures.  Using the model as its foundation, Zenoss provides Awareness into IT operations with event notification, performance monitoring, and configuration management. Analytics, such as intuitive search and historical and predictive reports, enable accelerated root cause determination. Take the Action necessary to guarantee dynamic service assurance with alerts, scripts, and policy driven automation. Operating System: Linux

Nagios Replaces Solarwinds Orion

Nagios monitors your entire IT infrastructure to ensure systems, applications, services, and business processes are functioning properly. In the event of a failure, Nagios can alert technical staff of the problem, allowing them to begin remediation processes before outages affect business processes, end-users, or customers. With Nagios you’ll never be left having to explain why an unseen infrastructure outage hurt your organization’s bottom line. Operating System: Windows

Network Access Control

FreeNAC

FreeNAC provides a transparent solution for dynamic VLAN management while restricting LAN connectivity. From the security point of view, it detects ‘unknown’ devices that are trying to gain access through an open Ethernet LAN socket and denies access (and logs the event). Known, registered devices are switched to the LAN attributed to them. Operating System: Linux

PacketFence

PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) system. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices, integration with the Snort IDS and the Nessus vulnerability scanner; PacketFence can be used to effectively secure networks – from small to very large heterogeneous networks. Operating System: Linux

Password Crackers

Cain & Abel

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. Operating System: Windows

Ophcrack Replaces Access Data Password Recovery Toolkit, Passware

Every enterprise network administrator needs a password cracker now and then. This one works fairly efficiently and runs from a CD or can be installed on your system. Operating System: Windows, Linux, OS X.

John the Ripper Replaces Access Data Password Recovery Toolkit, Passware

Especially good at finding weak passwords, John the Ripper searches lists of common passwords looking for a match. It’s not as good with strong passwords as the commercial apps or Ophcrack, but it works well in the many cases when users choose an easy-to-remember password. Operating System: Windows, Linux, OS X.

Password Management

Black Box Password Manger

The application stores your passwords in a highly encrypted local database. This database consists of only one file, so it can be easily transferred from one computer to another. Black Box Password Manager allows you to store your passwords grouped any way you like. You could sort the passwords by function (email, ftp) or by server, etc. The program can export the database to various formats (like TXT, XML, CSV …). It can also import data from various other formats (TXT files, CSV files …). Operating System: Windows

KeePass Password Safe Replaces Kaspersky Password Manager Roboform

KeePass stores your passwords in an encrypted database so that you only have to remember one master password. It doesn’t fill in forms for you (like Roboform), but it does have a strong password generator to help you pick good passwords. Operating System: Windows.

KeePassX Replaces Roboform

If you use Linux or a Mac, this is the version of KeePass for you. Operating System: Windows, Linux, OS X.

Password Safe Replaces Kaspersky Password Manager Roboform

With a very simple interface, Password Safe offers a bare-bones password management system. It also offers the option of storing different sets of passwords—for example, your work and home passwords—in different databases with different master passwords. Operating System: Windows.

Password Workbook Pro Replaces Roboform

Password WorkBook Pro is a professional but extremely controllable (even by novice users) software built to secure, store and manage passwords, sensitive data, access codes, crucial dates, figures, numbers, and not only. Basically, it is a database-type password protection software that works with your Internet browser to help you safely store all your password information. The program offers a huge functional range. You can use it to watch over: regular passwords, pin codes, database passwords, Advanced Web Server Passwords, FTP passwords, personal E-mail addresses, blog and forum passwords, cell phone logs, contacts, credit card info, diary entries, gadget pin codes and serials, license keys, network file share, personal notes, domain workgroup users. Operating System: Windows

Scanning

Nmap

Nmap is a free and open source utility for network exploration or security auditing.  It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), and a utility for comparing scan results (Ndiff). Operating System: Windows, Linux

Angry IP Scanner

Angry IP scanner is fast and friendly network scanner for Windows, Linux, and Mac. It is very extensible, allowing it to be used for very wide range of purposes, with the primary goal of being useful to network administrators. Operating System: Windows, Linux

Sniffers

Ettercap

Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.   It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis.

Cain & Abel

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.  Operating System: Windows

Wireshark

Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto (and often de jure) standard across many industries and educational institutions. Operating System: Windows

User Authentication

WiKID Replaces Entrust IdentityGuard, Vasco Digipass

This two-factor authentication solution allows employees to access work servers remotely, customers to access online banking and other applications, and partners to access extranets. In addition to the free community edition, it’s available in a supported enterprise edition. Operating System: OS Independent.

Vulnerability Scanning

N-Stalker Web Application Security Scanner

N-Stalker Web Application Security Scanner 2009 Free Edition provides a restricted set of free Web Security Assessment checks to enhance the overall security of your web server infrastructure, using the most complete web attack signature database available in the market – “N-Stealth Web Attack Signature Database”. Operating System: Windows

NeXpose Community Edition

The NeXpose Community Edition is a free, single-user vulnerability management solution specifically designed for very small organization or individual use.  NeXpose Community Edition is powered by the same scan engine as award-winning NeXpose Enterprise and offers many of the same features. Support is available via the extensive online Community. Operating System: Windows

SQL Ninja

SQL ninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end.  Its main goal is to provide a remote access on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a DB Server when a SQL Injection vulnerability has been discovered.

Web Filtering

DansGuardian Replaces McAfee Family Protection NetNanny

In addition to blocking known objectionable Web addresses, DansGuardian also uses phrase matching and PICS filtering to filter out undesirable content. The default settings filter content appropriately for young children, but they can be easily adjusted to provide any level of filtering desired. Operating System: Linux, OS X.

McGruff  SafeGuard

McGruff SafeGuard is a easy-to-use service designed to help parents manage their kids’ increasingly dangerous online activity. The service intelligently monitors ALL internet activity for potential danger.  The service allows parents to conveniently review their kids’ activities on a secure website, or to be notified of potentially dangerous situations via cell phone and email alerts.  McGruff SafeGuard alerts parents to dangerous behavior, such as Internet predators, sexual abuse, drug use, or criminal activity, and provides helpful advice to parents on how to deal with certain issues. Operating System: Windows

K9 Web Protection

K9 Web Protection is a free Internet filter and parental control software for your home Windows or Mac computer. K9 puts YOU in control of the Internet so you can protect your kids.  With Blue Coat K9 Web Protection, you don’t have to wait for the latest security patch or upgrade, which can leave your computer vulnerable to new and evolving Web threats. K9 delivers the comprehensive protection you need automatically. With K9, you get the same advanced Web filtering technology used by enterprise and government institutions worldwide — all with a user-friendly interface that allows you to control Internet use in your home. Operating System: Windows