Top 5 Security-Oriented Operating Systems
After the tremendously successful 2000 and 2003
security tools surveys, Insecure.Org is delighted to
release this 2006 survey. I (Fyodor) asked users
from the nmap-hackers
mailing list to share their favorite tools, and 3,243 people
responded. This allowed me to expand the list to 100 tools, and even
subdivide them into categories. This is the category page for security-oriented operating systems -- the full network security list is available here. Anyone in the security field
would be well advised to go over the list and investigate tools they
are unfamiliar with. I discovered several powerful new tools this
way. I also point newbies to this site whenever they write
me saying “I don't know where to start”.
Respondents were allowed to list open source or commercial tools on
any platform. Commercial tools are noted as such in the list below.
No votes for the Nmap Security
Scanner were counted because the survey was taken on a Nmap
mailing list. This audience also biases the list slightly
toward “attack” hacking tools rather than defensive ones.
Each tool is described by one ore more attributes:
 | Did not appear on the 2003 list |
 | Generally costs money. A free limited/demo/trial version may be available. |
 | Works natively on Linux |
 | Works natively on OpenBSD, FreeBSD, Solaris, and/or other UNIX variants |
 | Works natively on Apple Mac OS X |
 | Works natively on Microsoft Windows |
 | Features a command-line interface |
 | Offers a GUI (point and click) interface |
 | Source code available for inspection. |
Please send updates and suggestions (or better tool logos) to Fyodor. If your tool is featured or you think your site visitors might enjoy this list, you are welcome to use our link banners.
Here is the list, starting with the most popular:
#1
|
BackTrack : An Innovative Penetration Testing live Linux distribution
This excellent bootable live-CD Linux distribution comes from the merger of Whax and Auditor. It boasts a huge variety of Security and Forensics tools and provides a rich development environment. User modularity is emphasized so the distribution can be easily customized by the user to include personal scripts, additional tools, customized kernels, etc.
|
#2
|
Knoppix : A general-purpose bootable live system on CD or DVD
Knoppix consists of a representative collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. KNOPPIX can be used as a productive Linux system for the desktop, educational CD, rescue system, or as many nmap survey takers attest, a portable security tool. For a security-specific Linux distribution see BackTrack.
|
#3
|
OpenBSD : The Proactively Secure Operating System
OpenBSD is one of the only operating systems to treat security as their very highest priority. Even higher than usability in some cases. But their enviable security record speaks for itself. They also focus on stability and fight to obtain documentation for the hardware they wish to support. Perhaps their greatest achievement was creating OpenSSH. OpenBSD users also love [pf], their firewall tool.
|
#4
|
Helix : A Linux Distribution with Computer Forensics in Mind
Helix is a customized distribution of the Knoppix Live Linux CD. Helix is more than just a bootable live CD. You can still boot into a customized Linux environment that includes customized Linux kernels, excellent hardware detection and many applications dedicated to Incident Response and Forensics. Helix has been designed very carefully to NOT touch the host computer in any way and it is forensically sound. Helix will not auto mount swap space, or auto mount any attached devices. Helix also has a special Windows autorun side for Incident Response and Forensics.
|
#5
|
Bastille : Security hardening script for Linux, Mac OS X, and HP-UX
The Bastille Hardening program "locks down" an operating system, proactively configuring the system for increased security and decreasing its susceptibility to compromise. Bastille can also assess a system's current state of hardening, granularly reporting on each of the security settings with which it works. Bastille currently supports the Red Hat (Fedora Core, Enterprise, and Numbered/Classic), SUSE, Debian, Gentoo, and Mandrake distributions, along with HP-UX and Mac OS X. Bastille's focuses on letting the system's user/administrator choose exactly how to harden the operating system. In its default hardening mode, it interactively asks the user questions, explains the topics of those questions, and builds a policy based on the user's answers. It then applies the policy to the system. In its assessment mode, it builds a report intended to teach the user about available security settings as well as inform the user as to which settings have been tightened.
|
Show All Top 100 Network Security Tools
Or view by category:
Application-Specific Scanners | Password Crackers | Encryption Tools | Disassemblers | Firewalls | Intrusion Detection Systems | Netcats | OS Detection Tools | Packet Crafting Tools | Port Scanners | Rootkit Detectors | Security-Oriented Operating Systems | Packet Sniffers | Vulnerability Exploitation Tools | Traceroute Tools | Traffic Monitoring Tools | Vulnerability Scanners | Web Vulnerability Scanners | Wireless Tools
|
