nerdegutta.no

Defensive Linux Security Tools

26.11.25

Miscellaneous

The article below is under editing.

This is a list of some defensive Linux security tools. Some may cost some money, but most of them are free.

 

Firewalls

iptables - Netfilter

The netfilter project is a community-driven collaborative FOSS project that provides packet filtering software for the Linux 2.4.x and later kernel series. The netfilter project is commonly associated with iptables and its successor nftables.

firewalld - Firewalld

Firewalld provides a dynamically managed firewall with support for network/firewall zones that define the trust level of network connections or interfaces. It has support for IPv4, IPv6 firewall settings, ethernet bridges and IP sets. There is a separation of runtime and permanent configuration options. It also provides an interface for services or applications to add firewall rules directly.

ufw - Uncomplicated Firewall

The Uncomplicated Firewall (ufw, and gufw - a Graphical User Interface version of the same) is a frontend for iptables and is particularly well-suited for host-based firewalls. Ufw provides a framework for managing netfilter, as well as a command-line interface for manipulating the firewall.

GuardDog - https://github.com/DataDog/guarddog

GuardDog is a CLI tool that identifies malicious PyPI and npm packages, Go modules, GitHub Actions, or VSCode extensions. It runs a set of heuristics on the package source code (through Semgrep rules) and on the package metadata.

Vuurmuur - Vuurmuur

Vuurmuur is a powerful firewall manager built on top of iptables on Linux. It has a simple, easy-to-learn configuration that allows both simple and complex setups. It can be fully configured through an Ncurses GUI, which allows secure remote administration through SSH or on the console. Vuurmuur supports traffic shaping and has powerful monitoring features that let the administrator look at the logs, connections and bandwidth usage in real time. Vuurmuur is open source software and is distributed under the terms of the GNU GPL. Take a look at the list of Features and see the Screenshots for an impression.

Gufw - Gufw

Gufw is a firewall powered by UFW (Uncomplicated Firewall). For an overview of firewalls, please see Firewall.

Shorewall - Shorewall

Shorewall is a gateway/firewall configuration tool for GNU/Linux.

Security Audit

OpenSCAP

OpenVAS

Nmap

Nikto

Lynis

SpiderFoot

Rootkit/Malware Detection

Wazuh

chkrootkit

rkhunter

Tiger

LMD

Access Control

SELinux

AppArmor

Smack

Grsecurity

Yama

Sandboxing

Bubblewrap

Firejail

Flatpak

Snappy

Chroot Jail

IDS / IPS

Snort

Suricata

Zeek

OSSEC

AIDE

Security Onion

OSSIM

CrowdSec

File Integrity Monitoring

Tripwire

Auditd

Samhain

OSSEC

Atomic OSSEC

Antivirus

CrowdStrike

ClamAV

Rspamd

Log Monitoring

Logwatch

ELK Stack

Graylog

Sagan

Fluentd

OpenObserve

Dynatrace

Disk/Filesystem encryption

dm-crypt

fscrypt

EncFS

VeraCrypt

Gocrypt

eCryptfs

SecureFS

Secure Shell

SSHGuard

DenyHosts

Knockd

Fail2ban

Password security

John the Ripper

Hashcat

KeePassXC

pwgen

GoPass

VPN

strongSwan

OpenVPN

WireGuard

Libreswan

SoftEther

Patch Manager

Spacewalk

Katello

RH Satellite

Landscape

NinjaOne

WAFs

ModSecurity

NAXSI

BunkerWeb

Coraza

open-appsec

Container Security

Docker Bench

Calico

Clair

gVisor

Grafeas

Falco

Dagda

Cilium

Dockle