Small Office and Home Use

Astaro Security Gateway has a free (for home use) firewall. If you have a spare PC around, install this proprietary operating system on it, and insert the machine between your home machines and the Internet.

FireHOL and FireQOS: FireHOL is a language (and a program to run it) which builds secure, stateful firewalls from easy-to-understand, human-readable configurations. The configurations stay readable even for very complex setups. FireQOS is a program which sets up traffic shaping from an easy-to-understand and flexible configuration file.

Both programs abstract away the differences between IPv4 and IPv6, so you can concentrate on the rules you want. You can apply rules for IPv4 or IPv6, or both, as you need.

Security Onion (blog) is a Linux distro for IDS (Intrusion Detection) and NSM (Network Security Monitoring). It’s based on Xubuntu 10.04 and contains Snort, Suricata, Sguil, Squert, Snorby, Bro, NetworkMiner, Xplico, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes! Set up at least one inside and one outside.

Nessus (get the one you pay for).

SpaceWalk is an open source (GPLv2) Linux systems management solution. It is the upstream community project from which the Red Hat Network Satellite product is derived.

CFEngine automates large-scale IT computing infrastructure: ensuring the availability, security and compliance of mission-critical applications and services. Based on popular and flexible open source configuration management software, CFEngine configuration management products are highly scalable through decentralized, autonomous agents that can continuously monitor, self-repair, and update the IT infrastructure of a global multi-site enterprise – with negligible impact on system resources or performance.

Kismet, tcpdump, Wireshark

IPCop Firewall is a Linux firewall distribution. It is geared towards home and SOHO users. The IPCop web-interface is very user-friendly and makes usage easy.

pfSense for a serious inexpensive firewall and router. pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. pfSense is a popular project with more than 1 million downloads since its inception, and proven in countless installations ranging from small home networks protecting a PC and an Xbox to large corporations, universities and other organizations protecting thousands of network devices. See PaulDotCom episode 220 for an inexpensive hardware platform.

See Proactive Security Challenge for a review of client firewall products. If you test with SSTS, SSTS.zip may be detected as malware; see the VirusTotal report.

Norton Safeweb Lite for an “outsourced blacklist (URL filter)” mechanism.

Yubico YubiRADIUS Server Software for secure remote access and VPN with YubiKey for two-factor authentication.

For Windows clients, Microsoft Security Essentials (for malware detection), Microsoft Firewall, Windows Update, Microsoft EMET, ThreatFire from PCTools (to add malware behavioral detection), Immunet Free (for additional malware detection), Personal Software Inspector (PSI) from Secunia (to add software update detection), Shavlik Security Advisor (to add software update detection), a password management mechanism (such as KeePass Password Safe or Password Safe), Firefox, and Norton Safeweb Lite for an “outsourced blacklist (URL filter)” mechanism.

These recommendations are appropriate for individual users and small offices, but lack the central administration (maintenance and event reporting) necessary for a medium to large environment.
