With security constantly in the news lately, you can’t help but feel ill at ease and vulnerable — vulnerable to teams of hackers whose only motivations are to expose and attack their victims. Perhaps you think you’ve done due diligence by keeping your patches updated, installing security fixes, and maintaining a corporate firewall. Those methods are effective about 50 percent of the time. For the other 50 percent, you need to do more. You need penetration testing, security audits, intrusion prevention and intrusion detection, and you need to plug security holes that only hackers know about by using the tools they use to compromise your systems.
Security is expensive no matter how you slice it but it doesn’t have to be a death knell for your business. This list of 10, in no particular order, security-enhanced Linux distributions can give you peace of mind by beating hackers on their turf.
1. Astaro Security Appliance
Formerly known as Astaro Security Linux, the Astaro Security Appliances come in three flavors: Hardware, software and virtual. In the virtual appliance category, Astaro offers appliances built specifically for network security, mail security, Web security and Web application security. Its virtual appliances hold the VMware Ready certfication.
The network security virtual appliance, for example, includes a configurable firewall, intrusion protection, DoS attack protection, NAT tools, VPN, IPSec Remote Access, LDAP authentication integration, and bandwidth control. Sophos recently acquired Astaro to create one of the world’s leading security companies. Sophos boasts over 100 million worldwide business users in more than 150 countries.
2. BackTrack Linux
BackTrack Linux is the highest rated and most acclaimed Linux security distribution. BackTrack is not a business desktop or server system but is a security-oriented system built solely for the purpose of network and computer penetration testing. BackTrack can be run from a bootable DVD, a thumbdrive or a hard disk. BackTrack Linux is a specialized distribution created to assist security professionals in performing security audits on target networks. But, with BackTrack Linux, you don’t have to be a seasoned security professional to use it — even security newcomers will find BackTrack easy to setup, use, and update. You can download BackTrack as an ISO image or as a VMware virtual machine.
IPFire is a firewall distribution that is small, highly secure and easy to use. IPFire developers and maintainers are experienced security professionals. Like BackTrack, IPFire enjoys widespread adoption and an active user community. IPFire has its own special packaging system called Pakfire. The Pakfire system is unique to IPFire and delivers all updates and new packages via encrypted transfer and digital signatures. IPFire also features easy addon installation. Addons include Samba, NFS, mail services, anti-virus, multimedia applications, VoIP applications, intrusion detection, network tools, security tools, backup tools and dozens of other applications.
4. Lightweight Portable Security
The Lightweight Portable Security (LPS) distribution boots a thin Linux system from a CD or USB flash drive. It isn’t meant to be run from a local hard disk. The intended use for LPS-Public version is to allow safe, public, general-purpose Web browsing and LPS-Remote Access is only for accessing internal networks. Since the system allows no traces of activity or browsing history, administrators must pay strict attention to limit where LPS users may browse by means of filtering through a proxy server. Users should reboot between sessions to clear any potential malware or browser hijacking that took place during previous sessions. LPS provides secure browsing during banking transactions or other security-sensitive sessions.
5. Live Hacking DVD
This live DVD distribution is exactly what it sounds like: An ethical hacker’s playground (workbench). There is also a CD version (Live Hacking CD). The DVD comes with a fully graphical desktop interface (GNOME) and the CD version is command line only. The CD version is as powerful as its graphical counterpart because most of the hacker tools are command line. The Live Hacking system requirements are minimal. You can use an old Pentium III or IV class system and as little as 512 MB RAM, although the developers recommend 1 GB RAM. To download and use the Live Hacking distribution, you must accept the Terms and Conditions which state that the tools are for ethical hacking only.
6. EnGarde Secure Linux
EnGarde Linux is a Linux server distribution that is secure and perfect for use as an Internet server. It features intrusion detection, simple administration, secure network services, built-in alerts, Web services, DNS services, firewall, mail services and access to the Guardian Digital Support Network (GDSN). The GDSN provides free access to all system and security updates. EnGarde Regularly scheduled updates the first Tuesday of every month. Try before you buy with a downloadable live CD version of EnGarde.
NetSecL is an OpenSUSE-based distribution that features GrSecurity, chroot hardening, auditing, and includes penetration testing software. It is versatile enough to be used as a desktop, server, or ethical hacking system. It is a live DVD but you can also install it to a hard disk. GrSecurity is an independent suite of security enhancements used by ISPs, hosting companies, and projects like NetSecL. Other tools included with NetSecL are Amap, Ettercap, Hydra, Kismet, Nessus, Nmap, Metasploit, and PADS.
8. SmoothWall Express
The SmoothWall Open Source project began in 2000 and continues to be an excellent business firewall solution. SmoothWall Express (SWX) is a security-hardened GNU/Linux operating system with a simple to use web interface. The primary goals of the SWX project are to create and maintain a simple firewall system, support a variety of hardware, work with multiple connection methods, run on inexpensive and commodity hardware, develop a supportive user community and support the project via the commercial venture SmoothWall Limited. SmoothWall Limited manufactures several different SmoothWall hardware security appliances suitable for networks of all sizes.
9. Openwall GNU/Linux
Openwall GNU/Linux (OWL) is a small, security-enhanced distribution suitable for virtual appliances, hardware appliances, and physical servers. OWL is binary compatible with Red Hat Enterprise Linux. OWL is also a distribution used by many security professionals for security penetration testing and password cracking. Openwall also develops other security products such as the famous John the Ripper password crack utility, phpass, passwdqc, and tcb.
Vyatta is a commercial security appliance vendor delivering appliances for every network class including cloud architectures. Included in Vyatta’s product line-up is the Vyatta virtual network appliance. Vyatta virtual appliances work in VMware, Xen, XenServer, and KVM environments. The virtual security appliance includes a stateful firewall, IPSec and SSL-based VPN, intrusion detection, filtering, dynamic routing and router-based services such as NAT, DHCP and is IPv6-ready.
Ken Hess is a freelance writer who writes on a variety of open source topics including Linux, databases, and virtualization. He is also the coauthor of Practical Virtualization Solutions, which was published in October 2009. You may reach him through his web site at http://www.kenhess.com.