Best of Class Tools- Open Source or Freeware

[tonybradley]

I am curious what the opinion is of AO members about what the best open-source and / or freeware tools are for the various categories of security software. I know that Fyodor has a Top 75 list on the NMap site, but I want to get a sampling of AO opinion.

What do you think is the best open-source or freeware tool for:

Firewall
Antivirus
Intrusion Detection
Vulnerability Scanner
Port Scanning
Packet Sniffing
Encryption
Spam Blocking
Spyware / Adware Blocking or Removal
Enumeration Tools
Other Miscellaneous Tools

It would be nice if you could also share WHY you feel that way- what about this product makes you nominate it for "best of class"?

[nihil]

Hi Tony,

I am not being "funny" but don't we need to split between *nix and Windows? being as how you mention "open source"?

Cheers

[tonybradley]

I see the point. I am looking for best of class overall- but it might work as well or better to talk about it in terms of best of class in Windows and best of class in *Nix.

A good percentage of the best tools require a *Nix backend even if they have a Windows GUI interface- like Nessus. I would still consider Nessus to be the best open-source vulnerability scanner for Windows even though you have to set up a *Nix machine somewhere to actually run it.

So- I would be happy to see responses either way. Either simply what you think is the best, or broken down by best for Windows and best for *Nix.

[cgkanchi]

Firewall -- Kerio Personal Firewall for Windows - Nice firewall, very configurable, extremely secure in my experience. IPTables for Linux - 'nuff said.

Antivirus -- H+BEDV Antivir - Very very good detection rates.

Intrusion Detection -- No experience in this area, sorry

Vulnerability Scanner -- Nessus - 'nuff said

Port Scanning -- NMap for both platforms - do you need to ask why?

Packet Sniffing -- Windump/TCPDump to capture - Ethereal to analyze

Encryption -- GPG - Most configurable one I've seen yet

Spam Blocking -- Don't use any

Spyware / Adware Blocking or Removal -- Spybot S&D - I like the immunization

Enumeration Tools -- Nessus

Other Miscellaneous Tools -- Nemesis packet builder. Very useful for resolving conflicts within the network (For example, you have an IP address conflict between two machines. You send an ARP broadcast and see which machines reply using windump/ethereal. Then resolve the MAC addresses and viola! you have the machines causing the conflict)

Cheers,
cgkanchi

[AxessTerminated]

I still don't have much experience in the lines of *nix yet. So my opinions are Windows based.

Firewall - Norton Personal Firewall 2003. I haven't had any conflicts with this, and it hasn't slowed my internet connenction

Antivirus - Panda Antivirus...it's the best, and you can do it free online.

Intrusion Detection - Hmm...Norton does this well, as well as Port Monster 2.0.

Vulnerability Scanner - I would like to have more info on this myself.

Port Scanning - I've only used one before, and it doesn't seem to be too great.

Packet Sniffing - Don't have enough experience to know how these work.

Encryption - ABI Encoder. Choose from several encryption schemes...up to 400-bit encryption. My friend, Lex Luthor, has "f_engima" that also works quite well.

Spam Blocking - Google Toolbar...in all seriousness

Spyware / Adware Blocking or Removal - Ad-Aware 6. That's freeware, correct?

Enumeration Tools - I wouldn't know

Other Miscellaneous Tools - 7zip. Best compression program I've ever seen. Fresh Device's Fresh Download. It's a very nice download manager, and very configurable.

[MrLinus]

Intrusion Detection - Snort. 'nuff said (Prelude Hybrid IDS has potential but it's not there yet)

Spam Blocking - any browser that has popups disabled and CSS page to get rid of flash

Enumeration Tools - nmap. The original and best IMHO

Packet Sniffing - tcpdump. Why mess? 'nuff said.

Vulnerability Scanners - nessus with SARA behind it. Nessus is pretty good but the configuration can be tricky. SARA is a nice decent of the original SATAN. Retina owns the Windows Vul Scanners, IMHO. It's just good.

[kr4y3]

Firewall-Kerio Personal Firewall
Antivirus-I like AVG
Intrusion Detection-Snort
Vulnerability Scanner-nessus is the only one I have any experience with
Port Scanning-nmap
Packet Sniffing-TCPDump
Encryption-dont really use any
Spam Blocking-dont use any
Spyware / Adware Blocking or Removal- AdAware and Spybot S & D
Enumeration Tools- Netcat
Other Miscellaneous Tools- There is a little suite of tools called Paketto and it has some really cool/interesting features. Paratrace is particularly neat IMO.

[dopeydadwarf]

Firewall.....smoothwall......Norton 2003

Antivirus.....Norton 2003

Intrusion Detection.....Norton 2003....never used on nix

Vulnerability Scanner.......Nessus.....Languard and Retina

Port Scanning...NMAP either way

Packet Sniffing......tcpdump..Iris for the lazy (like me)

Spam Blocking.....Spam Assassian

Spyware / Adware Blocking or Removal.....Adware, Spyhunter,

Other Miscellaneous Tools....Active ports is kinda cool



We've given some answers...What about you now Tony?

[HDD]

Firewall - Sygate for Windows and IPTables for Linux
Antivirus - McAfee
Intrusion Detection - Snort
Vulnerability Scanner - No experience
Port Scanning - NMap wins by a mile on both OS's!
Packet Sniffing - IPTraf for Linux, don't know any good ones that work on Windows
Encryption - GPG
Spam Blocking - Don't need one!
Spyware / Adware Blocking or Removal - Ad-Aware 6.0 for Windows has won
Enumeration Tools - NetCat
Other Miscellaneous Tools - The 'net' command in DOS

[VBraga]

Firewall - no_enter (made with Lisp) very stable
Antivirus - Vscan2.0.1-beta is stable but still beta? http://sourceforge.net
Intrusion Detection - Tripwire <---Nice
Vulnerability Scanner - Secure_look.pl <--- http://CPAN.org
Port Scanning - NMap (there a GUI for it out)
Packet Sniffing - IPTraf for Linux, don't know any good ones that work on Windows
Encryption - MD5_GTK++
Spam Blocking - Never used one I use FreeBSD I havent seen 1 popup
Spyware / Adware Blocking or Removal -
Enumeration Tools - NetCat