Public Domain Tools

There are literally thousands of tools available to help you evaluate, analyze, or manipulate resources in your IT environment. Some do protocol manipulation or are protocol analyzers (to look at or "sniff" traffic on the network) and some focus on your critical network servers like the name service or the Web server. Some of the tools check the integrity of the files on your systems and some check the integrity of a particular database or special operating system file (like the Windows Registry). Some tools are security- specific like deciphering passwords, encrypting or decrypting files, and doing vulnerability assessments. Also, there are a plethora of tools for all varieties of intrusion detection activities.

Some of these tools are for Windows environments, some for various flavors of UNIX, and some are for both. Some are for your wired environment and others are for your wireless infrastructure.

There are many variables to consider when looking at tools, but often, the most important characteristic is cost; some require license fees and others are free. Most of the free tools are part of what is called the Public Domain (also Shareware and Freeware) and are available from a large number of places on the Internet.

Many organizations don't allow the use Public Domain tools because unlike a commercial product, professional support services are not available and the tools don't have predictable upgrades for problems or new features. However, the overarching reason that most organizations don't allow the use of Public Domain tools is because they don't trust them. They fear that these unvetted tools may create or inject more problems than they purport to solve.

This is a huge problem because while there are many helpful and useful commercial products, a significant number of the vital programs that should be a part of every IT staff's toolkit are indeed free, Public Domain tools. In addition, historically, the Public Domain tool writers tend to be much quicker to respond to new technologies and have also been the leaders in new network and security ideas. If the hackers and determined intruders are using them and therefore one step ahead on everybody else, why shouldn't legitimate security professionals use them as well?

What's needed is some organization or consortium to step up and take responsibility for offering clean, vetted, and signed copies of these programs at a nominal cost so they can be used with confidence and without breaking internal security policy.