Not all the users are aware of existence of many GNU/Linux security tools but can use the SSH to install softwares, configure and run public website as an example usage. Here is a List of Essential Security Tools For GNU/Linux Servers Useful to New to Non System Administrator Users to Protect From Exploits. This list will help them to find the packages and guides all over the internet. We have a related guide – Security tools, which is probably helpful in addition to this list.
List of Essential Security Tools For GNU/Linux Servers
Nmap – Nmap is number one port scanning tool to map network and ports. Nmap has well known scripts which can detect known vulnerabilities around network the services.
Wireshark – Wireshark can follow network streams to trace issues. Tcpdump and Tshark are command line or SSH alternative for WireShark. With can view traffic with huge details. Here is Tsahark package for Ubuntu server :
Metasploit Framework – Metasploit is a penetration testing tool with has modules to extend functions to scanning and auditing.
OpenVAS – OpenVAS is a vulnerability scanning set of tools. With OpenVAS, we can manage security vulnerability management from web based dashboard in an easy way.
OSSEC – OSSEC is a host based intrusion detection system or HIDS. We talked OSSEC setup and configuration before in another guide.
Nikto2 – Nikto2 is a web server vulnerability tool to find known vulnerable scripts, configuration issues and security problems.
Lynis – Lynis is a security auditing tool to evaluate the security defences of their *nix systems.
ClamAV – ClamAV is an antivirus software program for GNU/Linux distro which is designed to detect Trojans, viruses, malware and other threats on the system.
chRootkit and Rootkit Hunter – chRootkit and Rootkit Hunter are used to find out rootkits in distros.
Snort – Snort is a powerful tool which helps detection of the intruders and highlights malicious attacks. Snort is a packet filter.
Other tools includes OWASP ZAP, Haka, Faraday, BeEF, Burp Suite, PeStudio, OWASP Offensive (Web) Testing Framework and more :
Mere Knowing This List of Essential Security Tools is Not Enough
It is obvious that even a new SSH user should harden the server with IPTables, Fail2Ban, FTP securing softwares, Port Knocking, configure SSH login properly to force higher security. There are dedicated blogs on security which are reference for the going to be advanced users.