50 Open Source Tools To Replace Popular Security Software

Published on: May 18, 2010
Last Updated: May 18, 2010

50 Open Source Tools To Replace Popular Security Software

Published on: May 18, 2010
Last Updated: May 18, 2010

While it’s pretty painless to convert from commercial office software to an open source version, if you’d like to replace commercial security products with open source counterparts, you’ll likely have to do some work.

You may need to combine several open source tools to get the functionality you get from a single commercial product.

Or you may need to educate yourself about underlying technology before you find the open source applications usable.

However, open source security tools do offer a great deal of flexibility – not to mention cost advantages.

If you want complete control over the way your network functions, having access to the source code gives you that ability.

For this list, we’ve compiled a set of open source security tools and their commercial counterparts.

We’re not suggesting that the open source apps have all the same features and use the same methods as the commercial products they can replace.

Instead, we’re saying that they provide end users with some of the same benefits and deserve consideration, particularly as businesses small and large look for ways to stretch their budgets.

Resource Contents show

Open Source Anti-Spam

1.) ASSP Replaces Barracuda Spam and Virus Firewall

ASSP (short for “Anti-Spam SMTP Proxy”) works with existing Exchange, Lotus Notes, or other SMTP servers to stop the delivery of spam.

Note that this a product for organizations, not home users, so you will need to be fairly knowledgeable to use it.

Unlike the commercial Barracude product, it’s software, not a physical appliance, and it only stops spam, not viruses. Operating System: OS Independent.

Open Source Anti-Virus/Anti-Malware

2.) ClamAV Replaces Avast! Linux Edition, VirusScan Enterprise for Linux

One of the best-known open source security software, ClamAv’s anti-virus capabilities have earned it a stellar reputation.

The version available at this site works on Linux/UNIX and is most suitable for larger organizations. Operating System: Linux.

3.) ClamAV for Windows Replaces Panda Cloud Antivirus

Recently released, the official ClamAV for Windows is a partnership between SourceFire (the owner of ClamAV) and cloud-based security provider Immunet.

Because it runs in the cloud, this anti-virus software doesn’t drain system resources, and it’s able to use community-based protection to improve security.

And while both Panda Cloud Antivirus and ClamAV for Windows are free, only ClamAV has source code available. Operating System: Windows.

4.) ClamWin Free Antivirus Replaces Kaspersky Anti-Virus, McAfee AntiVirus Plus, Norton Anti-Virus

Suitable for home users, this front-end for the ClamAV antivirus offers good protection from viruses and integrates into Windows Explorer and Microsoft Outlook.

Unlike the commercial products, however, ClamWin doesn’t automatically scan files in real time as you download them—you’ll have to schedule a scan of your system or manually click on a file to scan it individually. Operating System: Windows.

Open Source Anti-Spyware

5.) Nixory Replaces Webroot Spy Sweeper

Nixory works along with your existing firewall and anti-virus software to eliminate data-mining and spyware threats.

While Spy Sweeper works with all browsers, Nixory is specifically designed for Firefox users. Operating System: OS Independent.

Open Source Application Firewall

6.) AppArmor Replaces Barracuda Web Application Firewall, Citrix NetScaler Application Firewall.

Part of openSUSE and SUSE Linux Enterprise, Novell’s application firewall uses policy-based profiles to control who can access various applications.

This is not an appliance like the Barricuda product, but it does perform many of the same functions. Operating System: Linux.

7.) ModSecurity Replaces Barracuda Web Application Firewall, Citrix NetScaler Application Firewall.

ModSecurity provides a wide range of protection for Web applications. While this site offers software, not hardware, you can also purchase an appliance similar to the Barracuda product from Breach Security. Operating System: OS Independent.

Open Source Backup

8.) Areca Backup Replaces NovaBackup

While not as robust as some commercial backup utilities, Areca Backup does make it easy to backup selected files and folders with compression and encryption.

It’s not a disk-ghosting application, which would allow you to restore your system completely, but it does save important files so you can find them again. Operating System: Windows, Linux.

9.) Partimage Replaces Norton Ghost, NovaBackup, McAfee Online Backup

Unlike Areca, Partimage does save files in a way that provides easy recovery after a crash.

It’s also part of the SystemRescuecd package that contains a number of other helpful tools to help get your system back up and running. However, it’s only available for Linux. Operating System: Linux.

Open Source Browser Add-Ons

10.) Web of Trust (WOT) Replaces McAfee SiteAdvisor Plus.

Very similar to the SiteAdvisor, this add-on for Firefox, Internet Explorer, or Chrome rates sites on their trustworthiness.

When you use one of the major search engines, WOT will show you a red, green, or yellow circle, so you know whether or not the site is safe to visit. Operating System: Windows, Linux, OS X.

11.) PasswordMaker Replaces Kaspersky Password Manager Roboform

PasswordMaker solves the problem of needing to create and remember multiple passwords.

Although it works differently than the password managers listed above, it essentially solves the same problem. Operating System: Windows, Linux, OS X.

Open Source Data Removal

12.) BleachBit Replaces Easy System Cleaner

BleachBit erases the traces of your actions on your computer and speeds up performance by cleaning up your cache, deleting your history, and more.

It can also “shred” files or folders so they can’t be recovered from your hard drive. Operating System: Windows, Linux.

13.) Eraser Replaces BCWipe Enterprise

Even though you’ve deleted a file, someone may be able to recover it from your hard drive using forensics tools.

However, Eraser writes over your old files, completely eliminating all traces of sensitive or personal files. Operating System: Windows

14.) Wipe Replaces BCWipe Enterprise

Like Eraser, Wipe overwrites deleted files in order to make them impossible to restore. Operating System: Linux.

15.) Darik’s Boot and Nuke Replaces Kill Disk, BCWipe Total WipeOut

Sometimes you need to erase an entire hard drive—if you are recycling or donating an old system, for example. DBAN does the job for you quickly and easily. Operating System: OS Independent.

Open Source Encryption

16.) AxCrypt Replaces McAfee Anti-Theft, CryptoForge

The self-proclaimed “leading open source file encryption software for Windows,” AxCrypt makes it easy to protect files and folders in Windows.

From Window Explorer, you just right-click to encrypt, and double-click to decrypt data. Operating System: Windows.

17.) Gnu Privacy Guard Replaces Cypherus

Also known as “GPG,” this Gnu app for encrypting e-mail and other communication is based on the OpenPGP standard—just like the PGP product.

On the down side, this is a command-line project, so it’s not particularly easy to use. Operating System: Windows, Linux, OS X.

18.) Mac GNU Privacy Guard Replaces Cypherus

This version of GPG was designed specifically for the Mac. Again, like the standard version, it’s not particularly user-friendly, but it does get the job done. Operating System: OS X.

19.) gpg4win Replaces Cypherus

And, as you probably guessed, this is a version of GPG for Windows. Unlike the other two versions of GPG listed here, this one includes extensive documentation, including a novice guide for beginners. Operating System: Windows.

20.) PeaZip Replaces WinZip

Like WinZip, PeaZip’s primary purpose is compressing files for archiving or transmission, but also like WinZip, it offers built-in encryption capabilities as well.

PeaZip’s interface isn’t quite as easy to use as WinZip’s, but it can create and read more file types. Operating System: Windows, Linux.

21.) Crypt Replaces McAfee Anti-Theft, CryptoForge

This file and folder encryption app was designed for maximum speed. Thanks to its small size, it works incredibly quickly—and you don’t even have to install anything on your system in order to use it. Operating System: Windows.

22.) NeoCrypt Replaces McAfee Anti-Theft, CryptoForge

Another file and folder encryption utility, NeoCrypt integrates with Windows Explorer much like AxCrypt.

It’s easy to use and supports ten different encryption algorithms. Operating System: Windows.

23.) TrueCrypt Replaces PGP Whole Disk Encryption

Like the PGP product, TrueCrypt can protect your entire hard drive or thumb drive. Incredibly popular, it’s been downloaded more than 14 million times. Operating System: Windows.

24.) WinSCP Replaces CuteFTP, FTP Commander

This utility makes it easy to transfer files using SFTP or SCP. It also includes a fairly basic file manager and FTP transfer capabilities.

However, this is a file transfer client only—you can download files, but not set up your own FTP server. Operating System: Windows.

25.) FileZilla Replaces CuteFTP, FTP Commander

FileZilla transfers files via FTP, SFTP and FTPS. Unlike WinSCP, it also includes a (Windows-only) server version so you can set up your own secure file transfer server. Operating System: Windows, Linux, OS X.

Open Source Forensics

26.) ODESSA Replaces EnCase Forensics, X-ways Forensics, AccessData Forensic Toolkit

Short for “Open Digital Evidence Search and Seizure Architecture,” ODESSA, incorporates a variety of tools for collecting and analyzing digital evidence.

While the project hasn’t been updated in a while, the tools continue to be helpful for analyzing Internet Explorer cookies and Windows files. Operating System: Windows, Linux, OS X.

27.) The Sleuth Kit/Autopsy Browser Replaces EnCase Forensics, X-ways Forensics, AccessData Forensic Toolkit

This project offers a more robust set of forensic tools that run from the command line (The Sleuth Kit) or through a browser interface (Autopsy Browser).

Both provide the user with detailed information about file systems, including deleted data. Operating System: Windows, Linux, OS X.

Open Source Gateway/Unified Threat Management Appliances

28.) Endian Firewall Community Replaces Check Point Security Gateways, McAfee Unified Threat Management (UTM) Firewall , SonicWall, Symantec Web Gateway

The Community version of Endian Firewall transforms any PC (even a pretty old one) into a Unified Threat Management (UTM) appliance that protects your network with a firewall, anti-virus, spam filtering, application level protection, content filtering, a VPN, and more. If you prefer, you can also buy a pre-configured hardware appliance that is based on the same open-source software. Operating System: Linux.

29.) Untangle Replaces Check Point Security Gateways, McAfee Unified Threat Management (UTM) Firewall , SonicWall, Symantec Web Gateway

Untangle combines threat protection, network monitoring, and Web filtering capabilities into a single package.

You can choose the open source package, one of several paid packages that include support, or you can download the open source virus blocker, spam blocker, firewall, Web filter, and other pieces separately. Operating System: Linux.

30.) ClearOS Replaces Check Point Security Gateways, McAfee Unified Threat Management (UTM) Firewall , SonicWall, Symantec Web Gateway

Developed by Clear Foundation, ClearOS’s goal is to “ensure that every small organization and distributed IT environment on the globe can have proper security, filtration, and management tools.”

It includes anti-spam, anti-virus, VPN, and all the other features you’d expect, and it comes with an easy-to-use Web interface. Operating System: Linux.

31.) NetCop UTM Replaces Check Point Security Gateways, McAfee Unified Threat Management (UTM) Firewall , SonicWall, Symantec Web Gateway

Available as either a free open source download for up to five concurrent users or in an enterprise version for unlimited users, NetCop offers the same functions as Endian and Untangle and the commercial UTMs. However, it is not available as a pre-configured appliance. Operating System: Linux.

Open Source Intrusion Detection

32.) Open Source Tripwire Replaces Tripwire

In 2000, the owners of the popular Tripwire intrusion detection and file integrity monitoring software released their source code.

Although Tripwire has since become a commercial, closed source application, this app is based on the original Tripwire code.

It alerts systems administrators when changes have been made to specific files on their networks. Operating System: Windows, Linux.

33.) AFICK Replaces Tripwire

Specifically designed to provide similar functionality as Tripwire, AFICK (short for “Another File Integrity Checker”) also alerts administrators to changes on systems connected to the network. Operating System: Windows, Linux.

Open Source Network Firewalls

34.) IPCop Replaces Barricuda NG Firewall, Check Point Appliances

Instead of buying a firewall appliance, you can make your own with IPCop and an old PC.

Note that while IPCop does provide a firewall for your network, it does not include anti-virus and some of the other features of the commercial product. Operating System: Linux.

35.) Devil-Linux Replaces Barricuda NG Firewall, Check Point Appliances

Like IPCop, Devil-Linux also allows users to turn old hardware into a network firewall. It also lacks the anti-virus protection common in commercial appliances, but this project lets you use the system that is running the firewall as a secure server for a variety of applications. Operating System: Linux.

36.) Turtle Firewall Replaces Barricuda NG Firewall, Check Point Appliances

Like the other tools in this category, Turtle Firewall makes it possible to create your own Linux-based network firewall.

Based on Iptables, it offers a Web GUI that makes defining firewall elements and selecting services easy, or if you prefer, you can edit the XML files directly. Operating System: Linux.

37.) Shorewall Replaces Barricuda NG Firewall, Check Point Appliances

Shorewall (a.k.a. “Shoreline Firewall”) can be used as a network firewall, as a gateway/router/server, or to protect a standalone Linux system.

While it may not be the most intuitive tool for configuring Iptables to create your own firewall, it is very powerful and flexible. Operating System: Linux.

38.) Sentry Firewall Replaces Barricuda NG Firewall

When installed on a PC attached to your network, Sentry Firewall acts as a network firewall, secure server, and/or intrusion detection system. Like Devil-Linux it also boots from a CD. Operating System: Linux.

39.) Vuurmuur Replaces Barricuda NG Firewall

This is yet another Iptables-based Firewall, this time designed to be very easy to use. It also enables remote administration via SSH. Operating System: Linux.

40.) Vyatta Replaces Cisco Products

Vyatta offers router, firewall, and VPN products so similar to Cisco products, that the Web site even contains a handy comparison tool.

In addition to the “core” open source software download, the company also sells software subscriptions and hardware based on the open source product. Operating System: Linux.

Open Source Network Monitoring

41.) Wireshark Replaces OmniPeek, CommView, PacketView Pro

Calling itself “the de facto (and often de jure) standard” for network protocol analysis, Wireshark has won numerous industry awards and boasts a very large user base.

It performs deep inspection of hundreds of protocols and, unlike many of the similar commercial products, it works on multiple platforms. Operating System: Windows, Linux, OS X.

42.) tcpdump Replaces OmniPeek, CommView, PacketView Pro

This tool offers very similar functionality to Wireshark, but works from the command line instead of a GUI. Also, this version suports Linux systems only. Operating System: Linux.

43.) WinDump Replaces OmniPeek, CommView, PacketView Pro

If you want to use tcpdump on a Windows system, this is the app you need. This site also provides a home to WinPcap, the packet capture and filtering engine used in a number of network monitoring tools, including some on this list. Operating System: Windows.

Open Source Password Crackers

44.) Ophcrack Replaces Access Data Password Recovery Toolkit, Passware

Every enterprise network administrator needs a password cracker now and then. This one works fairly efficiently and runs from a CD or can be installed on your system. Operating System: Windows, Linux, OS X.

45.) John The Ripper Replaces Access Data Password Recovery Toolkit, Passware

Especially good at finding weak passwords, John the Ripper searches lists of common passwords looking for a match.

It’s not as good with strong passwords as the commercial apps or Ophcrack, but it works well in the many cases when users choose an easy-to-remember password. Operating System: Windows, Linux, OS X.

Open Source Password Management

46.) KeePass Password Safe Replaces Kaspersky Password Manager Roboform

KeePass and KeePass alternatives store your passwords in an encrypted database so that you only have to remember one master password.

It doesn’t fill in forms for you (like RoboForm), but it does have a strong password generator to help you pick good passwords. Operating System: Windows.

47.) KeePassX Replaces Roboform

If you use Linux or a Mac, this is the version of KeePass for you. Operating System: Windows, Linux, OS X.

48.) Password Safe Replaces Kaspersky Password Manager Roboform

With a very simple interface, Password Safe offers a bare-bones password management system.

It also offers the option of storing different sets of passwords—for example, your work and home passwords—in different databases with different master passwords. Operating System: Windows.

Open Source User Authentication

49.) WiKID Replaces Entrust IdentityGuard, Vasco Digipass

This two-factor authentication solution allows employees to access work servers remotely, customers to access online banking and other applications, and partners to access extranets.

In addition to the free community edition, it’s available in a supported enterprise edition. Operating System: OS Independent.

Open Source Web Filtering

50.) DansGuardian Replaces McAfee Family Protection NetNanny

In addition to blocking known objectionable Web addresses, DansGuardian also uses phrase matching and PICS filtering to filter out undesirable content.

The default settings filter content appropriately for young children, but they can be easily adjusted to provide any level of filtering desired. Operating System: Linux, OS X.

Stay on top of the latest technology trends — delivered directly to your inbox, free!

Subscription Form Posts

Don't worry, we don't spam

Written by Bobby

Bobby Lawson is a seasoned technology writer with over a decade of experience in the industry. He has written extensively on topics such as cybersecurity, cloud computing, and data analytics. His articles have been featured in several prominent publications, and he is known for his ability to distill complex technical concepts into easily digestible content.