Tools & Solutions

The poster child of the Open Source movement, GNU/Linux is often referred to as simply Linux. In 1983 the GNU project was started by Richard Stallman with the intention of building a "free" (as in speech) version of the Unix operating system. Many utilities were created by the GNU project, but it was not until 1991 when Linus Torvalds, a student in Helsinki, Finland, released the first version of the Linux kernel that tied it all together into one operating system.

The bundling of the Linux kernel with GNU (and other) utilities and applications is referred to as a "Linux Distribution". There are many different Linux distributions available, the most popular of which are Debian (and those based on Debian such as Ubuntu), Red Hat (and its community developed counterpart, Fedora) and SuSE (developed by Novell).

GNU/Linux is known for its stability and power and is the primary OS of the Open Source community.

A descendent of the BSD (Berkeley Systems Distribution) version of Unix created at UC Berkeley in the 1970's, FreeBSD is an excellent choice for a server operating system.

Another descendent of the BSD version of Unix, OpenBSD is designed with security in mind. If you have an application that places security as the highest qualification for the choice of an operating system, then OpenBSD is likely your best choice.

Qmail and Postfix are two of the leading email servers on the Internet.

No one likes getting spam. Unsolicited commercial (or non commercial) email is the cause of billions of lost dollars in the world today. An effective antispam solution is one of the first steps to recovering some of those dollars at any organisation.

SpamAssassin is the leading open source antispam filter. It incorporates numerous rules, including Bayesian analysis and several blacklists, to generate "spammishness" values for messages and tags them accordingly. The decision to route a message to the user's inbox or a spam folder is made later based upon policy.

While Linux itself does not have any known virus issues, often times it is used to route mail to Microsoft Windows based systems. While it is critical to install antivirus software at the client level (i.e. on the PC) it is also a good policy to have a server based antivirus filter for incoming email.

ClamAV is the leading open source antivirus filter. It is updated regularly as the ClamAV team discovers new virus signatures, plus it looks for known Phishing and Pharming scams as they pass through the filters.

Samba is a suite of utilities for providing file and print services to a Microsoft Windows network. It effectively replaces an existing Windows server whose purpose is to provide file and print sharing functionality.

The Linux Terminal Server Project (LTSP) provides a means to allow multiple thin clients to connect to a Linux server. By implementing an LTSP system an organisation can repurpose much of their old computer hardware into thin clients and dramatically reduce maintenance costs by centralising administration to a single point.

The most popular web server on the Internet, Apache accounts for over 65% of all web pages delivered over the Internet.

The PHP scripting language is one of the most common languages used to develop online applications. It is fast, flexible and, if done properly, secure.

Webmin provides a web interface to system administration. User accounts can be created within the Webmin system and various administration tasks (e.g. user management, DHCP changes, email aliases, etc) can be assigned to various users.

Nagios is an open source host, service and network monitoring program. When uptime is critical to your business a monitoring solution is essential. Nagios will keep you informed about the current state of all your network applications.

One of the top bulletin board packages available. phpBB is an excellent tool for fostering community.

Joomla is a fork of the Mambo Content Management System by the primary developers of Mambo. The Joomla framework makes it easy to design a template driven web site that can have many levels of contributors and editors.

A webmail interface that allows users to read, compose and organise their email using their browser.

Sugar CRM is a customer relationship management that is available both as an open source platform and as a commercial one.

Considered by many to be the only competition to Microsoft Office, OpenOffice.org is a suite of office applications that includes a word processor (like MS Word), a spread sheet (like MS Excel), a presentation package (like MS PowerPoint), a database interface (like MS Access) and a drawing program.

OpenOffice.org is the open source version of Sun Microsystem's Star Office package. The OpenOffice.org team is committed to providing an international office suite that will run on all major platforms and use open document formats to ensure both portability and longevity of data.

A cross platform application, OpenOffice.org will run on Windows, MacOS X and Linux.

A feature rich, standards-compliant and secure web browser that is the descendent of the Netscape Navigator browser. When Netscape Corporation released the code for their browser product in 1998 the project was renamed Mozilla. The original Mozilla application included a web browser, an email client, web authoring tools and several other features. Since most users do not require all that functionality in one bloated package the decision was made to split out the various functions into separate and lean packages. Firefox runs on multiple platforms (Windows, MacOS X and Linux), is very fast and, most importantly, secure.

ThunderBird is the email application component of the Mozilla suite. It runs on all major operating systems.

Evolution is a personal information manager for the Linux desktop only. It features email, contact management, task lists and calendaring. Evolution will work with several GroupWare servers including MS Exchange.

The GNU Image Manipulation Program (GIMP) is an image processing program similar to Adobe Photoshop. The GIMP runs on multiple platforms (Linux, MS Windows, MacOS X).

GNOME & KDE are desktop environments for Linux and other Unix like systems. They provide all the functionality users come to expect from their desktop environments, such as program interaction, drag and drop, cut and paste and many others.

Unlike Windows and Macintosh, the Linux world provides a choice of desktop environment. Which one to use is based upon personal preferences and local policy.

GAIM is a multi-protocol instant messaging (IM) client. It allows users to communicate with colleagues over Yahoo! Instant Messenger, MSN, AIM. Jabber and ICQ. It is also a cross platform application that will run on Windows, MacOS X and Linux

The most popular relational database management system (RDBM) on the Internet, MySQL provides the back end for thousands of web sites around the world.

Another relational database management system, PostgreSQL provides more advanced database functionality than MySQL and is comparable in features to Oracle.

OpenLDAP is a suite of software for implementing a Lightweight Directory Access Protocol (LDAP) database. Coupled with many application, OpenLDAP provides the back end for user authentication and directory management.

SSH (Secure Shell) is a suite of networking tools that provides for end to end encryption of the communication. For remote system administration SSH is a requisite for any security expert. It also provides protocols for establish secure tunnels for routing other protocols through as well as a secure file transfer protocol (sftp) server for transferring files without worrying about eaves dropping.

The OpenSSH implementation of the SSH protocol is an open source product that is ubiquitous in the world of security. It provides the basis for applications on numerous platforms.

OpenSSL is an open source toolkit implementing the Secure Sockets Layer (SSL) and it's derived standard, the Transport Layer Security (TLS) protocol. SSL/TLS is the most common mechanism for securing web pages and is the principal technology behind Public Key Infrastucture (PKI) implementations. Using OpenSSL an organisation can establish its own Certificate Authority to allow for secure access to SMTP, IMAP, POP, HTTP and OpenVPN, among others.

Many firewall implementations across the Internet rely upon the Linux kernel to perform efficient and flexible packet filtering. Netfilter and iptables are the building blocks of that framework. Fast highly configurable and very secure, a netfilter/iptables based firewall is a powerful way to protect your network from intruders. It can also be configured on each individual host, providing an added level of security for each system.

Encryption is one of the most overlooked yet critical aspects of communication. Not only is encryption useful to hide sensitive information from prying eyes, it also is the basis for digitally signing a document so that the recipient knows the document is from you and has not been altered during transmission.

In 1991 Phil Zimmerman released his Pretty Good Privacy (PGP) program for encrypting and signing documents. This eventually led to the OpenPGP encryption standard, which today is the most widely used email encryption standard in the world. In 1999 the Free Software Foundation released the GNU Privacy Guard as an open source implementation of the OpenPGP standard.

Although the GnuPG is considered by many to be too difficult to use in daily applications, the Enigmail extension for ThunderBird as well as the native GnuPG functionality built into Evolution make it trivial to implement the use of digital signatures and encryption into your everyday communication.

OpenVPN is a full-featured SSL VPN solution which can accomodate a wide range of configurations, including remote access, site-to-site VPNs, WiFi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls.

Whether you need a VPN for a remote office or to keep your road warriors connected to the home office, OpenVPN is flexible enough to meet your requirements. Based on the time-tested SSL protocol that has secured web transactions for many years, this tool takes advantage of simplicity to avoid the "Complexity is the Enemy of Security" problem inherent in IPSec VPNs and the known insecurity of PPTP based VPNs.

Additionally the OpenVPN solution runs in Windows, Mac OS X and Linux.

For an excellent review of SSL based VPNs please read .