Tuesday | 14 October, 2008
CIO
The Cheapskate's Infosecurity Toolbox
A list of free-to-download tools for the budget-pinched CIO or CISO
Ken Pfeil 07 February, 2007 15:14:29
Page:

Related Topics
(Security)
(CIO Careers)
Related Stories
  • +

    Can Macs conquer the enterprise? 11 January, 2008 10:55:53

    The field is wide open for a Macintosh insurrection on the business desktop. It could happen, but probably won't. Here's why.
    If Apple were a football team, the New England Patriots would have had some serious competition this year.
  • +

    10 things we hate about laptops 16 November, 2007 12:40:09

    Sure, laptops have revolutionized the way we compute. That doesn't mean they don't drive IT bonkers.
    Damaged. Lost. Stolen. Too big, too small. Insecure and unreliable. And just plain annoying. If you're in IT, there's just not much to like about laptops.
Additional Resources
Executive Guides
Whitepapers
white paper Read up on the latest ideas and technologies from companies that sell hardware, software and services.

Newsletter Subscription

Sign up for our CIO newsletters!
Weekly coverage of the issues that impact corporate and government information
RSS Feeds

As we all know, not everyone is fortunate enough to have a blank cheque for security-related procurement and implementation. Making the best of your allocated budget may at times call for primary or supplementary solutions that are freely available. This strategy cuts procurement time completely out of the loop as well. Here's a list of security tools available on the Web for free that you should add to your toolbox.

BartPE: Preinstalled Environment Troubled by that incessant spyware or virus that just doesn't seem to go away? Need a way to troubleshoot a system without booting the operating system installed on it? BartPE and the right plug-ins will let you do this. www.nu2.nu/pebuilder

Snort: Open Source Intrusion Detection System Arguably the world's most used Intrusion Detection System. Both Windows and Linux binaries are available. www.snort.org

VMWare Server: A virtual environment It finally happened: VMWare is available for free. Patch management, QA, vulnerability remediation testing and other daily activities are now available without a significant capital investment. VMWare also offers images of various environments, configurations and operating systems available for download (they're called "appliances") and ready to use in conjunction with the main product. Just download, point VMWare to the image and test away! www.vmware.com/products/server

DataRescue's IDA Pro Freeware 4.3 disassembler and debugger Although not posted on the DataRescue site any more, the free version of their utility will turn up with a quick Google dig. Try www.programmersheaven.com/

OllyDbg disassembler and debugger Probably the world's most used debugger disassembler. Gives most commercial debuggers a good run for their money. www.ollydbg.de

eEye Digital Security's Binary Diffing Suite A good, free suite of binary diffing tools you can use to see the effect that a released patch may have on your environment. Read the Web site, as there are some platform dependencies. research.eeye.com/html/tools/RT20060801-1.html Cygwin: Linux-like environment for Windows Need to run some scripts or programs that previously ran only under Linux? Do you miss your Linux command line when running Windows? www.cygwin.com

Nagios: An open-source host, service and network monitoring program Not for security only, but Nagios can be used to monitor for events that typically have security implications. This is one that both the CIO and CISO will agree upon. www.nagios.org

iptables and Firewall Builder: Firewall and Management Interface Don't have the deep pockets for a Checkpoint, Cisco or Juniper? iptables comes with most Linux distributions. Not comfortable using a command line to manage it? Firewall Builder is an intuitive way to install and manage the rule set. Get a couple of credit card CDs, create a bootable distribution, and you've got a firewall in your pocket. www.iptables.org and www.fwbuilder.org

Apache SpamAssassin: Fight Spam at the Gateway Not really a secret to most people. With the right configuration this is difficult to beat no matter how much you spend on an antispam solution. spamassassin.apache.org/index.html

Page:
More about IDA, Google, Microsoft, eEye Digital Security, NU, Juniper, Cisco, Apache, Gateway, Linux, VMware, MBSA, INS, Ecora
Market Place
21 October 2008 Live webinar: Learn how to orchestrate activities between a request management process and HP/Mercury/Quality Centre
Reduce TCO for SAP with Linux. Get the white paper that proves your Linux is SAP ready.
Computerworld SOA Summit: Improve your margins and eliminate inefficiencies. Register now | 17th October 2008
Cut Printer costs! Printing costs can be up to 3% of turnover, cut them by up to 50%.
New white paper | Improving Sales Productivity: An Opportunity for Sales and IT Leadership | Download now
Uncover the security challenges faced when defining and implementing security mechanisms within wired and wireless network environments.
CRM Webcast: Learn how to find a CRM solution that fits into your existing business environment. Tune in now.
Webcast: How to get the best out of your network featuring expert analysts, to view now click here
 

Smart SOA World Tour

Discover how SOA can create smarter outcomes for your business.

Attend and learn:

  • How SOA is helping leading companies to become more agile
  • Where you should be applying SOA processes in your company
  • The top SOA implementation mistakes to avoid

Click here for more information.
  • +

    CIO Live Podcast #79: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires Part II 05 October, 2007 06:00:00

    For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders.
    [ MP3 (7.32 MB) | Windows Media (5.67 MB) ]
  • +

    CIO Live Podcast #78: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires 28 September, 2007 17:34:25

    For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders.
    [ MP3 (7.56 MB) | Windows Media (5.14 MB) ]
  • +

    CIO Live Podcast #77: Panasonic Speeds Up Trans-Pacific File Transfers, Part III 21 September, 2007 07:00:00

    Part three in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance.
    [ MP3 (4.90 MB) | Windows Media (4.40 MB) ]
  • +

    CIO Live Podcast #76: Panasonic Speeds Up Trans-Pacific File Transfers, Part II 14 September, 2007 07:00:00

    Part two in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance.
    [ MP3 (5.89 MB) | Windows Media (4.84 MB) ]
  • +

    CIO Live Podcast #75: Panasonic Speeds Up Trans-Pacific File Transfers, Part I 07 September, 2007 07:00:05

    Part one in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance.
    [ MP3 (6.41 MB) | Windows Media (5.13 MB) ]
  • +

    Cutting Through the Spin of Recent Vulnerability Disclosures 13 October, 2008 10:53:00

    The FUD surrounding the ClickJacking and TCP/IP vulnerabilities has the world seemingly frozen in fear. But once you cut through the spin, the vulnerabilities aren't all that they were made out to be.
    There are a few highly publicised vulnerabilities at the moment which haven't completely been disclosed and which, it is claimed, could threaten the whole Internet as-we-know-it. Only, when the vulnerabilities are finally disclosed, it seems that the whole incident has been somewhat Chicken Little.
  • +

    PCI app security: Who's guarding the data bank? 13 October, 2008 11:09:00

    Compliance strategies for PCI's new application security requirements
    While Willy Sutton never really said it, the truth is that people rob banks because that is where the money is. Today's criminals don't walk into banks with loaded guns and get-away drivers. Rather they connect from a remote location using a browser and are armed with hacking tools and spyware.
  • +

    Data-center security tools to not overlook 10 October, 2008 11:37:00

    With the rise of security suites, it's time to consider some emerging security tools and rethink others
    Protecting a corporate data center is like trying to keep an elephant safe from a swarm of flies. Despite your best efforts, bites happen. As the staples of security -- such as firewalls, antivirus software, spam and spyware filters -- come together in suites of products that allow for sophisticated management, there are other security tools either emerging or worth a rethink.
  • +

    IBM, Secret Service, others study identity/cybercrime issues 09 October, 2008 10:09:00

    Center for Applied Identity Management Research organization teams experts in criminal justice, financial crime, biometrics, cybercrime and cyberdefense, data protection, homeland security and national defense.
    IBM, LexisNexis and the Secret Service are among a group of corporations, government agencies and academic institutions that has formed to study and help solve identity management challenges around cybercrime, terrorism and narcotics trafficking.
  • +

    Strange account management at Amazon 09 October, 2008 09:51:00

    A careless login led to the discovery of some strange ccount management practices at one of the Internet's largest retailers.
    Via the RISKS mailing list comes an interesting tale of poor online account management at a major online retailer. According to Graham Bennett, accounts with Amazon display an odd behaviour that doesn't seem to have attracted much attention in the past.
CIO Webcast Innovation #8 - What are the biggest roadblocks to IT's involvement in innovation at your company?
Watch the latest latest edition of CIO Innovation which is now available for download.
Watch the webcast
Sign up to the CIO Innovation update email


CIO Live Podcast #79: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires Part II
Listen to the latest edition of CIO Live which is now available for download.
Listen to the podcast
Sign up to the CIO Live email
Get a job Careerone
Whitepaper
Wireless LANs: Is my enterprise at risk?

Read Whitepaper

Wireless LANs: Is my enterprise at risk?

Achieve an overall understanding of the risks associated with wireless LANs. Discover their inherent properties, as well as what makes them different from wired networks. Read on to uncover a list of recently published articles on real-life breaches and incidents illustrating the need for proactive measures to mitigate wireless security risks.