15 Best Security Tools you should have on Linux
Security brings many terms to mind: hacking, viruses, malware, data loss, and so on. Here is our list of the 15 security tools you should be using on your Linux system.
1. Firejail
Firejail is a community-developed SUID program written in C that minimizes security breaches by restricting the access of the applications it runs, using Linux namespaces and seccomp-bpf.
Firejail can easily sandbox server, GUI app, and login session processes, and because it ships with several security profiles for different Linux programs, including Mozilla Firefox, VLC, and Transmission, it is simple to set up.
2. ClamAV
ClamAV is an open-source antivirus that is excellent at detecting viruses and Trojans, among other security and privacy threats. It is reliable enough to be considered an open-source standard for mail gateway scanning software.
It features a multi-threaded scanner daemon, support for multiple file formats, multiple signature languages, and command line utilities.
3. John the Ripper
John the Ripper is among the fastest password crackers and it is available for multiple platforms including OpenVMS, Windows, DOS, and several Unix flavours.
It is open-source and, right out of the box, supports Windows LM hashes. Its community-enhanced version packs a lot more features, such as support for more hashes and ciphers.
4. Nessus
Nessus is proprietary software for scanning networks for vulnerabilities. It is free to use for personal tasks in non-enterprise environments.
Its free version allows you to scan up to 16 IP addresses per scanner at high speed, complete with in-depth assessments. If you need more user options, you will need to purchase a subscription.
5. Wireshark
Wireshark is a popular open-source multi-platform utility for analyzing network protocols and packets.
It features rich VoIP analysis, a simple GUI, live capture and offline analysis, export to XML and PostScript, powerful display filters, and many more features that make it an excellent utility for education.
6. KeePass
KeePass is a cross-platform open-source password manager that absolves you of the need to remember all your passwords. It stores all its passwords in encrypted databases which can be unlocked with a single master password or key file.
It features a simple UI with a tree view of its folder structure, password groups, export/import, multi-language support, etc.
7. Nmap
Nmap is a flexible, portable, open-source tool for scanning networks and performing security audits. It is well documented, and you can use it to manage service upgrade schedules, keep a network inventory, monitor server uptime, etc.
8. Nikto
Nikto is an open-source web scanner that detects outdated server software, dangerous files, and cookies, and performs both generic and server-type-specific checks.
It features a template engine for reports, full HTTP proxy support, subdomain guessing, logging to Metasploit, LibWhisker’s IDS encoding techniques, etc.
9. Snort
Snort is open-source network intrusion detection software currently developed by Cisco. It features all the tools required to stay abreast of the latest security trends, along with comprehensive documentation to jump-start its usage.
10. OSQuery
OSQuery is an open-source, cross-platform framework for analyzing networks and security leaks. It is an industry standard for performing continuous tests to check thread safety, detect memory leaks, and verify binary reproducibility.
OSQuery enables you to query your devices like you would a relational database using SQL commands for security, compliance, and developer operations.
11. Metasploit Framework
Metasploit is mainly used for penetration testing but you can also use it for authenticating vulnerabilities, conducting security assessments, and improving your security awareness to stay ahead of potential attackers.
12. Gufw
Gufw is an open-source firewall app that focuses on efficiency and ease of use. It features a user-friendly UI with the option to work with a simple or an advanced set of options. Either way, Gufw is among the easiest firewalls to set up.
13. Chkrootkit
Chkrootkit is an open-source utility for detecting local rootkits. A rootkit is any set of software tools used by a third party to hide the changes made to a computer system after a successful security breach.
14. Rsync Backup
Rsync is an open-source, bandwidth-friendly utility for making speedy incremental file transfers locally and remotely on Unix and Linux computers.
15. MTR
MTR is a network diagnostic tool that combines the functionality of the traceroute and ping utilities. It is simple to use, command-line based, and gives reports in real time.