'Wide open' means extra security

The vast majority of security appliance devices are not only built on open source platforms, but also actively use other open source products to accomplish their given tasks

There's a reason nearly every security appliance vendor uses open source tools, and it has little to do with licensing. The vast majority of these devices -- ranging from spam and spyware filters to network scanners to intrusion detection and prevention systems -- are not only built on an open source platform such as Linux or FreeBSD, but they also actively use other open source products to accomplish their given tasks.

On any platform, the most popular network port scanner and OS fingerprinting application is Nmap -- either on its own or integrated into dozens of other applications. Nmap, an open source tool, provides a quick and accurate method of determining open ports on any given IP address or subnet; it can also determine the OS of a particular device by examining the way IP packets are constructed.

Another example is Nessus, a popular open source vulnerability scanner. Nessus can use Nmap to scan a host, but goes much further by attempting to trigger potential exploits on the target system to verify its integrity. The plug-ins available for Nessus number in the thousands, and more are added on a regular basis as exploits are discovered -- thanks, again, to the fact that the source code is readily available.

Snort, the widely used IDS (intrusion detection system), is also notable. As is Nessus, Snort is available packaged as a commercial product, but the open source version is still going strong. Other open source tools, such as OpenSSH and OpenSSL, are industry standards, in use everywhere, by thousands of different products, on dozens of platforms.

And last, there's the operating system layer itself. Although no OS is truly secure, security tools offered on a Windows platform are immediately suspect, due to well-documented security issues of the underlying OS. Linux, FreeBSD, NetBSD, or OpenBSD-based products have a much better security track record (OpenBSD claims to have had only one remote hole in the default install in more than eight years).

To the uninitiated, the concept of open source may seem at odds with high security. The prevailing thought is that making the source code available makes it easier for hackers and virus writers to exploit bugs in the code. You only have to look at Microsoft, one of the most staunchly proprietary software vendors around, to see that this really isn't true; in fact, the opposite is true.

A commercial product may have a QA team of a few dozen people, but most significant open source projects -- those that are served by vibrant and growing communities -- effectively have QA teams numbering in the thousands. Many of those folks know the code intimately, as they've contributed to the project. This leads to a more secure product, as bugs are exposed quickly and the fixes are subject to review by many more pairs of eyes than are available in a commercial setting. As a result, a great many security professionals view open source as being more secure than proprietary code, and this impression is finally beginning to penetrate throughout the industry.

Join the newsletter!

Error: Please check your email address.

More about INSMicrosoftOpenBSD

Show Comments

Market Place