With the annual security extravaganza known as the RSA Conference starting this week, I felt it would be appropriate to highlight some of the best free security tools and services that my fellow editors and external security experts have found invaluable to help them do their jobs. The result is this baker's dozen-sized list of free security tools, utilities, and resources that every system administrator should find useful. (A big Twitter hat tip goes out to @The_Ajan, @jjx, @xcoppin, @MrsYisWhy, and @ironfog for offering up their security resource suggestions and favorites.)
1. Data Breach Investigations Report / Verizon RISK Team
Some of the best security resources aren't tools or software, but quality information and analysis. This annual Data Breach Investigations Report (DBIR) -- compiled by the Verizon RISK Team, with help from the U.S. Secret Service and the Dutch High Tech Crime Unit -- provides an expansive overview of data breaches and other security incidents. It's fascinating reading, and provides an inside look at the how, the why, and the when of data breaches.
2. ESET SysInspector
Getting a glimpse at all of the processes, startup sequences, network connections, system details, and registry data of a Windows PC can be a difficult task without the right tools. That's when a system utility like ESET's SysInspector can come in handy. SysInspector features a slick user interface, a color-coded approach to highlighting potential vulnerabilities, and an active community of users that can help you get the most out of using it.
3. EtterCap
One of the more popular utilities for analyzing network protocols, EtterCap is a tool that allows you to analyze computers on a network and determine what information they're sending to each other. Like many security tools (and the Force), EtterCap can be used both for good (finding security vulnerabilities) and for evil (executing "man in the middle" attacks).
4. Fyodor's List
There are dozens of security tools and resources available to IT pros and security practitioners, and one of the best places for getting a good summary of all of them is Gordon Lyon's Fyodor's List. This expansive online resource provides information on 125 networking utilities, making it an invaluable ally in helping you find the right software tool for your specific security needs and requirements.
5. KeePass
Keeping track of the plethora of online passwords we all use to access everything from banking information to our Facebook accounts can be a time-consuming chore at best, and a severe security vulnerability at worst. Aside from following a sound password selection strategy, having a utility like KeePass automatically mind your online passwords for you can be a handy solution to your password problems.
6. Microsoft Security Essentials
Years ago, many PC antivirus programs were resource-hogging parasites that seemed to slow a system to a crawl while they were trying to protect it. One of the antivirus programs leading the charge for lighter, faster, and more efficient system protection is Microsoft Security Essentials, a free, lightweight program that is ideal for personal use or for businesses with 10 PCs or fewer.
7. NMAP
One of the more popular open-source applications for network exploration is the accurately (and concisely) named Network Mapper, or NMAP. It also does a fantastic job as a more general network analysis tool, helping you get information on all the services, hosts, OSes, firewalls, and other details of an analyzed network. It's also available for Mac, Linux, and most other major OSes.
8. National Vulnerability Database (NVD)
Good information is sometimes the best tool of all, and the information contained in the National Vulnerability Database (or NVD) can be a great resource to help you narrow your focus to the most important threats, or help you avoid purchasing or deploying a vendor application that is rife with security holes and vulnerabilities.
9. Qualys Browsercheck
Having an insecure, out-of-date, or critically vulnerable web browser or browser plug-in can be a big security risk. That's why the free Browsercheck web service from Qualys is such a great resource. Simply head to the Browsercheck website and let it do an analysis of your current browser and affiliated plug-ins. Qualys also offers a business edition that allows admins to get a comprehensive view of all the browsers, plug-ins, and associated vulnerabilities on a specific network.
10. Secunia Personal Software Inspector (PSI)
Most PCs are stuffed with dozens of programs and applications, and keeping all of those potential security vulnerabilities patched and updated can seem like an impossible task. That's where Secunia PSI comes in: It does a thorough search of your system, then alerts you to any programs that have available patches and need to be updated. There's also an online version of the app that offers somewhat reduced functionality, but lets you sample what the product can do without a download.
11. Splunk
The Splunk marketing team uses the slogan "Finding your faults, just like Mom" to advertise Splunk, and it's an apt description. Splunk helps you comb through the mountains of computer-generated information that a modern IT infrastructure produces, and helps you examine what is happening where by what files. It's a valuable tool for any security professional's toolbox.
12. TrueCrypt
Keeping vital data secure on the motley menagerie of storage devices that many IT organizations have to support can be an arduous task under the best circumstances. Free open-source disk encryption software like TrueCrypt can help: It supports on-the-fly encryption (OTFE), can be used to encrypt an entire volume (or partition), and can even create mountable virtual encrypted disks within files. TrueCrypt helps make it far more difficult for unwanted eavesdroppers to snoop on those highly confidential documents about the revolutionary new product your company is developing. (Or what you're buying your daughter for her birthday.)
13. Wireshark
Wireshark is a network protocol analyzer that you can use to examine and analyze all of the traffic flowing through a computer network. It's available for many different platforms, supports hundreds of networking protocols and file formats, and has been in continuous development since 1998.
Have any favorite security tools you can't live without? Share the wealth by adding a comment to this blog post or contribute to a discussion about free security tools on Twitter.