Linux security defense tools


Are you in the blue team or doing system administration? Then you probably like a good defense. These are the open source tools for Linux that help to improve your defenses.

Most Linux systems exist to fulfill a particular role, like serving web pages or sending email. These are also the types of systems that benefit from a good layer of defenses. From intrusion detection to malware scanning, there are plenty of tools available.

This category hosts a range of tools, each with a particular goal in mind. While reviewing tools, consider the different risks to the particular system. Our advice is to select the right defensive tools based on the related risks. If you are unsure about what to select, start with a technical security audit. A tool like Lynis can give a good indication of what is running and needs to be checked. It displays missing categories, like a malware scanner or intrusion detection system (IDS) tool.


Linux security defense tools are typically used for defense testing, intrusion detection, risk mitigation, and system hardening.

Users of these tools include security professionals and system administrators.


| Tool | Type | Description | Latest release | Release date | Score |
|---|---|---|---|---|---|
| ArpON | MitM defense tool | ArpON is a host-based tool to improve the security of the Address Resolution Protocol (ARP). | Unknown | Unknown | 63 |
| Fail2ban | Log parser and blocking utility | Fail2Ban is an intrusion prevention software framework that protects computer servers from brute-force attacks. | 0.10.3.1 | April 4, 2018 | 96 |
| hBlock | Ad blocking and tracker/malware protection | hBlock is a security tool to protect against advertisements, trackers, and malware. It does so by altering the /etc/hosts file and blocking bad or malicious hosts. | 1.6.6 | July 14, 2018 | 97 |
| MongoSanitizer | Defense against MongoDB injection attacks | MongoSanitizer is a software component that sanitizes MongoDB queries to prevent injection attacks as much as possible. | 0.0.1 | July 18, 2017 | 60 |
| nixarmor | Linux hardening script | Nixarmor is a set of shell scripts to harden Linux systems and help with security automation. It configures the system to increase its security level. | Unknown | Unknown | 64 |