April 12, 2011, 3:22 PM — One of the big advantages of using Linux is that its security tends to be so much better than that of the competing alternatives. That's due in large part to the way Linux assigns permissions, but it's also certainly true that the open source operating system is targeted by malware writers far less frequently than Windows, in particular, simply because it's less widely used and so much more diverse.
The fact remains, however, that no operating system is perfectly secure. For business users, in particular, a little extra security assurance is always a good idea, at the very least for your own peace of mind.
Here, then, are a few of the best free tools you can use to help keep your Linux systems secure.
My favorite antivirus software for Linux is Sourcefire's ClamAV, a free, open source package designed to detect Trojans, viruses, malware and other malicious threats. Included in the software, which now comes preinstalled in several Linux distributions, are a multithreaded scanning daemon, command-line utilities for on-demand file scanning, and an intelligent tool for automatic signature updates. Of particular note for past or current Windows users is that the core ClamAV library is also used in Immunet 3.0, a sister solution for Microsoft's operating system.
Also offered by Sourcefire is Snort, an open source network intrusion prevention and detection system that combines the benefits of signature-, protocol- and anomaly-based inspection. With millions of downloads and more than 300,000 registered users to its credit, Snort is the most widely deployed such technology worldwide, Sourcefire says.
Wireshark is a network protocol analyzer that lets you capture and interactively browse the traffic running on a computer network. The software runs not just on Linux but on Windows, OS X, Solaris, FreeBSD and NetBSD, as well. Captured network data can be browsed via GUI or via the TTY-mode TShark utility.