Germany's Federal Office for Security in Information Technology (BSI) has developed a free, open-source based tool that allows public and private sector organizations and companies to test the security of their networked systems, the agency announced Friday.
The tool, BSI Open Source Security Suite (Boss), is based on a remote security scanner system developed by the Nessus Open Source Vulnerability Scanner Project. Nessus software includes more than 7,000 plug-ins to test the security of all relevant networking products, according to BSI. The software's user interface has been modified to make the application easier to use, the agency said.
Boss also draws on other open-source software applications available via Knoppix, a GNU/Linux distribution that boots and runs completely from CD. Knoppix includes recent Linux software and desktop environments, with programs such as OpenOffice.org, Abiword, The Gimp, Konqueror, Mozilla, Apache and MySQL.
In addition, BSI has integrated a Security Local Auditing Daemon (SLAD), which manages a range of security software, such as Tiger, John-The-Ripper, Tripwire, LSOF, ClamAV Antivirus and Chkrootkit.
The new security tool developed by BSI can thoroughly check core systems for internal security weaknesses or recent attacks, helping organizations and companies track down security problems, according to the agency.
The free software can be downloaded from BSI's Web site at: http://www.bsi.bund.de/produkte/boss/index.htm#download.
The software will also be available on CD at the BSI booth during the LinuxTag 2005 conference from June 22 to June 25 in Karlsruhe, Germany.