Linux Top 3: Network Security Toolkit, Untangle NG Firewall and IPFire
1) Network Security Toolkit 24
There is no shortage of Linux distributions that provide a platform for security researcher to conduct various security research. Among them is the Network Security Toolkit (NST), which was recently updated to version 24-7977. The 24 is a referenced to Fedora, which NST is based on.
Aside from simply integrating existing tools, NST goes a step further and provides a number of innovative capabilities including a new Multi-Traceroute (MTR) networking tool.
A new Multi-Traceroute (MTR) networking tool has been developed for NST 24. This tool provides an interactive Traceroute visual using Scapy similar to the Traceroute Command and has been integrated into the NST WUI. Results from the tool can expose load balance tiers and NAT. NST uses the Python 3 version of Scapy known as Scapy3k. MTR includes new networking features such as running multiple queries with each target, display of Round Trip Time (RTT), selection of using Network Protocols: TCP, UDP and ICMP and enhanced SVG graphical results. Key NST WUI integration features include GUI options interface, an interactive MTR SVG graphic, NST IPv4 Address Tools integration, IPv4 Address Geolocation, MTR session Packet Capture, ASN lookup, MTR historical session selection and management, MTR SVG graphic editing, MTR session console output access and SVG Graphic image conversion.
2) Untangle NG Firewall 12.1
The Untangle Firewall is a small office firewall distribution that was updated to version 12.1 on July 13. Among the key improvements is an enhanced user interface that aims to make it easier to use and manage.
In addition to the user interface enhancements, NG Firewall version 12.1 provides new geolocation capabilities for all traffic. NG Firewall’s Integrated Rules EngineTM can utilize geolocation data to allow network administrators to create and apply rules based on client or server latitude and longitude or country. This enables network administrators to quickly triangulate where a threat is originating and create an appropriate policy response. Geolocation data is also available in NG Firewall’s reports and widgets.
3) IPFire 2.19
IPFire is another open-source firewall distribution and it has recently been updated to version 2.19, core update 103. The new update is mostly a basic package upgrade with the Squid web proxy being the big item, moving to version 3.5
Sean Michael Kerner is a senior editor at LinuxPlanet and InternetNews.com. Follow him on Twitter @TechJournalist