80 of the Best Linux Security Applications

The aim of this article is to provide the user with a starting point for improving the security of a Linux machine. Basic system security (e.g. having a regular backup strategy, using hard-to-guess passwords, removing services that you don't need) is essential administration in protecting your data. But you need a more sophisticated approach to keep intruders out.

We have identified 80 of the best Linux security applications which help to protect the integrity of a system. For each application we have compiled its own portal page, providing a detailed description of the software, its features, with links to other relevant resources.

All of the software featured in this article is free to download, and almost all released under the GNU General Public License.

Anti-Virus
AMaViS	Mail virus scanner
Avast!	Virus protection, with anti-spyware and anti-rootkit software
AVG Free	Anti-virus and Anti-spyware software
ClamAV	Anti-virus toolkit for e-mail scanning on mail gateways
P3Scan	Scans email messages
Anti-Malware
chkrootkit	Check for signs of a rootkit
OSSEC	Rootkit detection
Nixory	Anti Spyware program open source for Mozilla Firefox
rkhunter	Scans for rootkits, backdoors and possible local exploits
Encryption
GnuPG	Encrypt and sign data and communication
MailCrypt	Simple interface to public key cryptography with PGP
MCrypt	Developer tool for adding a wide range of encryption functions
OpenSignature	Digital signature of documents
PeaZip	Portable, open source archiving, encryption and file split tool
Seahorse	GNOME application for managing encryption keys
Steghide	Hide data in various kinds of image- and audio-files
Stunnel	Encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer)
TrueCrypt	Disk encryption software
Firewalls / Network Gateways
ClarkConnect	Dedicated firewall and Internet server/gateway
FireHOL	Stateful iptables packet filtering firewall configurator
Firestarter	Visual firewall program
Netfilter	Packet filtering framework
IPCop	Linux firewall distribution
ShellTer	Iptables-based firewall
Shorewall	High-level tool for configuring Netfilter
Untangle	Quality open source alternative to SonicWALL and WatchGuard
Turtle Firewall	Firewall configuration project based on Linux 2.4.x/2.6.x and iptables
Vuumuur	Powerful firewall manager built on top of iptables
Intrusion Detection
AFICK	Monitor the changes on your filesystems
BASE	Web front-end to query and analyze the alerts from a SNORT IDS system
Bro	Passively monitors network traffic and looks for suspicious activity
Kismet	Wireless network detector, sniffer, and intrusion detection system
OSSEC	Open Source Host-based Intrusion Detection System
Sguil	Analyst Console for Network Security Monitoring
SNARE	System iNtrusion Analysis and Reporting Environment
Snort	Network intrusion prevention and detection
Snort_inline	Modified version of Snort
Tripwire	Provides configuration audit and control features
Network Monitoring
AIM Sniff	Monitoring and archiving AOL Instant Messenger and MSN messages
Argus	Fixed-model Real Time Flow Monitor
Nagios	Host and network monitoring tool
Nipper	Network Infrastructure Configuration Parser
NSAT	Network Security Analysis Tool
ntop	Network traffic probe that shows the network usage
SEC	Simple Event Correlator
SniffDet	Remote Sniffer Detection Tool/Library
tcpdump	Network debugging tool
Network Traffic Analyzer
dsniff	Collection of tools for network auditing and penetration testing
Ettercap	Multipurpose sniffer/interceptor/logger for switched LAN
ngrep	Network grep
Kismet	Wireless network detector, sniffer, and intrusion detection system
Wireshark	Network protocol analyzer
Packet Crafting
Hping3	TCP/IP packet assembler/analyzer
Nemesis	Packet crafting and injection utility
Scapy	Interactive packet manipulation program
Yersinia	Network tool to take advantage of weaknesses in network protocols
Portscanner
Angry IP Scanner	Fast and friendly network scanner
Knocker	TCP security port scanner
Unicornscan	User-land Distributed TCP/IP stack
Vulnerability Scanner
Nessus	Comprehensive vulnerability scanning software
SARA	Third generation security analysis tool that is based on the SATAN model
Tiger	Perform a security audit of UNIX systems
Log File Analyzers
AWStats	Advanced web, streaming, ftp or mail server statistics, graphically
IPtables Log Analyzer	Analyzes the log output from an iptables firewall
tcpreplay	Use previously captured traffic in libpcap format to test network devices
tcptrace	Analyze TCP dump files
The Webalizer	Web server log file analysis
Data Removal
Darik's Boot and Nuke	Self-contained boot floppy that securely wipes hard disks
Wipe	Secure file wiping utility
Password Management
Figaro's PM	GNOME application that allows password to be securely stored
KeePassX	Lightweight and easy-to-use password manager
VPN Tools
Poptop	PPTP server solution
OpenVPN	Full-featured SSL VPN solution
SSL Explorer	Fully-featured, web-based SSL VPN server
Forensics
ODESSA	Open Digital Evidence Search and Seizure Architecture
Other Tools
Denyhosts	SSH attack prevention
iptables	Configure the Netfilter tables, chains, and rules
mtr	Network diagnostic tool
Netcat	Reads and writes data across network connections
Nikto	Web server scanner performing tests against web servers
OpenSSH	SSH connectivity tools
Smart Sign	Smartcard based digital signature