The InfoWorld Bossies are chosen annually by Test Center editors, analysts, and reviewers. The winners represent the best free and open source software we've used. Our choices for security were led by contributing editor Victor R. Garza, with a contribution from senior analyst Mario Apicella.
Got an open source favorite we missed? Please send us a note.
The choice here is between two strong contenders, AppArmor and SELinux. Last year we picked SELinux, included in Red Hat and a favorite with the security community. This year we’re going with AppArmor, due to its superior ease of use and, well, momentum. AppArmor continues to be bundled with Suse and has caught on with Ubuntu and Mandriva. AppArmor protects applications through the use of mandatory access controls: permissions set by the underlying system – not by users – that prevent coding flaws or bugs in applications from being manipulated for malicious purposes.
When we first saw Metasploit back in 2004 at the DefCon hacker conference, we knew it would become a staple for security professionals the world over. And sure enough, Metasploit has become the de facto standard attack and penetration toolkit. Extremely extensible, and constantly updated to home in on the latest server and host vulnerabilities, Metasploit has the right stuff to test the perimeter of your network for holes, or determine whether your SQL or Web server or Unix, Linux, or Windows host can be compromised. If you have important systems to protect, point Metasploit at them yourself before someone else does.
Windows Password Cracker
An admin shouldn’t be in the business of cracking passwords, but this can be the only option when employees leave and take their passwords with them. Ophcrack is capable of loading password hashes directly from a Windows (XP or Vista) machine or from a file. The application includes large rainbow tables against which those hashes are looked up, promising to return a missing password with impressive accuracy. Ophcrack also installs on Linux/Unix and Mac OS X; a LiveCD version runs directly from the medium, no install needed. Perhaps Ophcrack won’t be the most used tool in your drawer, but it is one that can save the day.