7 free security tools for Linux

Linux may need less security help than other operating systems do, but these tools can give you extra peace of mind.

One of the big advantages of using Linux is that its security tends to be so much better than that of the competing alternatives. That's due in large part to the way Linux assigns permissions, but it's also certainly true that the open source operating system is targeted by malware writers far less frequently than Windows in particular, simply because it's less widely used and so much more diverse.

The fact remains, however, that no operating system is perfectly secure. For business users, in particular, a little extra security assurance is always a good idea, at the very least for your own peace of mind.

Here, then, are a few of the best free tools you can use to help keep your Linux systems secure.

1. ClamAV

My favorite antivirus software for Linux is Sourcefire's ClamAV, a free, open source package designed to detect Trojans, viruses, malware and other malicious threats. Included in the software, which now comes preinstalled in several Linux distributions, are a multithreaded scanning daemon, command line utilities for on-demand file scanning, and an intelligent tool for automatic signature updates. Of particular note for past or current Windows users is that the core ClamAV library is also used in Immunet 3.0, a sister solution for Microsoft's operating system.

2. Snort

Also offered by Sourcefire is Snort, an open source network intrusion prevention and detection system that combines the benefits of signature, protocol and anomaly-based inspection. With millions of downloads and more than 300,000 registered users to its credit, Snort is the most widely deployed such technology worldwide, Sourcefire says.

3. Wireshark

Wireshark is a network protocol analyzer that lets you capture and interactively browse the traffic running on a computer network. The software runs not just on Linux but on Windows, OS X, Solaris, FreeBSD and NetBSD, as well. Captured network data can be browsed via GUI or via the TTY-mode TShark utility.

4. John the Ripper

John the Ripper is a free and open source password cracker that can help you detect weak passwords. It's distributed primarily in source code form, but native "pro" versions are available for both Linux and Macs as well; the prepackaged Linux version is priced starting at $39.95. Another similar tool, incidentally, is THC Hydra.

5. Nmap

Short for "Network Mapper," Nmap is a free and open source utility for network exploration or security auditing, but it can also be useful for network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap runs on all major computer operating systems. Oddly, it has even been featured in movies including The Matrix Reloaded, The Bourne Ultimatum and The Girl with the Dragon Tattoo.

6. Chkrootkit

Chkrootkit is a free tool designed to check locally for signs of a rootkit infection on your Linux machine. The free software is a very popular choice, but Rootkit Hunter is another, like-minded alternative.

7. Nessus

With more than five million downloads to date, Nessus is one of the most popular vulnerability scanners in the world, its makers say. The proprietary software features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Personal use of Nessus is free, but enterprises must purchase a subscription costing $1,200 per year per Nessus scanner.

There are, of course, countless other security tools for Linux out there, many of them excellent as well. What are your favorites?

Follow Katherine Noyes on Twitter: @Noyesk.
