Linux security software

complete implementation of the OpenPGP and S/MIME standards

Nmap (Network Mapper) is a network scanner created by Gordon Lyon (also known by his pseudonym Fyodor Vaskovich). Nmap is used to discover hosts and services on a computer network by sending packets and analyzing the responses.

computer protection software

Linux kernel security module

iptables is a user-space utility program that allows a system administrator to configure the IP packet filter rules of the Linux kernel firewall, implemented as different Netfilter modules. The filters are organized in a set of tables, which contain chains of rules for how to treat network traffic packets. Different kernel modules and programs are currently used for different protocols; iptables applies to IPv4, ip6tables to IPv6, arptables to ARP, and '''' to Ethernet frames.

antivirus program developed by Kaspersky Lab

Avira Operations GmbH & Co. KG is a German multinational computer security software company mainly known for its Avira Free Security antivirus software. Although founded in 2006, the Avira antivirus application has been under active development since 1986 through its predecessor company H+BEDV Datentechnik GmbH. Since 2021, Avira has been owned by American software company NortonLifeLock (now Gen Digital), which also operates Norton, Avast and AVG. It was previously owned by investment firm Investcorp.

free software intrusion prevention system

TrueCrypt is a discontinued source-available freeware utility used for on-the-fly encryption (OTFE). It can create a virtual encrypted disk within a file, encrypt a partition, or encrypt the whole storage device (pre-boot authentication).

Nagios () is an open-source network and infrastructure monitoring system. It monitors hosts, services, and network devices, sending alerts when components fail and again when they recover. Originally written by Ethan Galstad in 1999 as NetSaint, it was renamed Nagios in 2002 after a trademark dispute. The name is a recursive acronym: "Nagios Ain't Gonna Insist On Sainthood."

free network vulnerability scanning tool

AppArmor ("Application Armor") is a Linux kernel security module that allows the system administrator to restrict programs' capabilities with per-program profiles. Profiles can allow capabilities like network access, raw socket access, and the permission to read, write, or execute files on matching paths. AppArmor supplements the traditional Unix discretionary access control (DAC) model by providing mandatory access control (MAC). It has been partially included in the mainline Linux kernel since version 2.6.36 and its development has been supported by Canonical since 2009.

BlackArch is a penetration testing distribution based on Arch Linux that provides a large number of security tools. It is an open-source distro created specially for penetration testers and security researchers. The repository contains more than 2800 tools that can be installed individually or in groups. BlackArch Linux is compatible with existing Arch Linux installations.

VeraCrypt is a free and open-source utility for on-the-fly encryption (OTFE). The software can create a virtual encrypted disk that works just like a regular disk, but within a file. It can also encrypt a partition or (in Microsoft Windows) the entire storage device with pre-boot authentication.

disk encryption software

Pentoo is a Live CD and Live USB designed for penetration testing and security assessment. Based on Gentoo Linux, Pentoo is provided both as 32 and 64-bit installable live CD. Pentoo is also available as an overlay for an existing Gentoo installation. It features packet injection patched Wi-Fi drivers, GPGPU cracking software, and many tools for penetration testing and security assessment. The Pentoo kernel includes grsecurity and PAX hardening and extra patches - with binaries compiled from a hardened toolchain with the latest nightly versions of some tools available.

nftables is a subsystem of the Linux kernel providing filtering and classification of network packets/datagrams/frames. It has been available since Linux kernel 3.13 released on 19 January 2014.

computer protection software

personal firewall tool

simplified netfilter interface

BackBox is a penetration test and security assessment oriented Ubuntu-based Linux distribution providing a network and informatic systems analysis toolkit. It includes a complete set of tools required for ethical hacking and security testing.

Fail2Ban is an intrusion prevention software framework. Written in the Python programming language, it is designed to prevent brute-force attacks. It is able to run on POSIX systems that have an interface to a packet-control system or firewall installed locally, such as iptables or TCP Wrapper.

Linux IP Firewalling Chains, normally called ipchains, is free software to control the packet filter or firewall capabilities in the 2.2 series of Linux kernels. It superseded ipfirewall (managed by ipfwadm command), but was replaced by iptables in the 2.4 series. Unlike iptables, ipchains is stateless.

In computer networking, xinetd (Extended Internet Service Daemon) is an open-source super-server daemon which runs on many Unix-like systems, and manages Internet-based connectivity.

Linux security module

free software

ntop is computer software that probes a computer network to show network use in a way similar to what the program top does for processes. Not to be confused with the CAD/CAE software nTop (formerly nTopology).

Linux kernel security module

open source security software

computer security software

Linux-VServer is a virtual private server implementation that was created by adding operating system-level virtualization capabilities to the Linux kernel. It is developed and distributed as open-source software.

Project aiming to reduce the risk of attacks on Linux systems

OSSEC (Open Source HIDS SECurity) is a free, open-source host-based intrusion detection system (HIDS). It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting, and active response. It provides intrusion detection for most operating systems, including Linux, OpenBSD, FreeBSD, OS X, Solaris and Windows. OSSEC has a centralized, cross-platform architecture allowing multiple systems to be easily monitored and managed. OSSEC has a log analysis engine that is able to correlate and analyze logs from multiple devices and formats.

Linux distribution

Linux distribution

patch to the Linux kernel and associated administrative tools that enhances the kernel's security

OSSIM (Open Source Security Information Management) was formerly an open source security information and event management system, integrating a selection of tools designed to aid network administrators in computer security, intrusion detection and prevention.