Download - Open Source for Cyber Security
![Page 1: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/1.jpg)
Prabath Siriwardena Software Architect & Senior manager, WSO2
![Page 2: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/2.jpg)
Free/Open Source Software, or FOSS, is software that is liberally licensed to grant users the right to study, change and improve its design since its
source code is made available
![Page 3: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/3.jpg)
¡ The freedom to run the program for any purpose
¡ The freedom to study and modify the program
¡ The freedom to copy the program so you can help your neighbor
¡ The freedom to improve the program and release your improvements to the public, so that the whole community benefit
![Page 4: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/4.jpg)
¡ The license should not prohibit free redistribution
¡ The program must include source code and must allow distribution in source code as well as compiled form
¡ The license must allow modifications and derived works, and must allow them to be distributed under the same terms as the license of the original software
¡ The integrity of the author’s source code and reputation must be maintained by requiring derived works to carry a different name or version number from the original software
¡ The license must not discriminate against any person or group of persons
![Page 5: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/5.jpg)
¡ The license must not restrict anyone from making use of the program in a
specific field of endeavor
¡ The rights attached to the program must apply to all to whom the program is redistributed, without the need for execution of an additional license by those parties
¡ The rights attached to the program must not depend on the program being part of a particular software distribution
¡ The license must not place restrictions on other software that is distributed along with the licensed software
¡ No provision of the license may be predicated on any individual technology or style of interface
![Page 6: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/6.jpg)
http://news.netcraft.com/archives/2011/01/12/january-‐2011-‐web-‐server-‐survey-‐4.html
![Page 7: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/7.jpg)
http://www.securityspace.com/s_survey/data/man.201007/mxsurvey.html
![Page 8: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/8.jpg)
http://en.wikipedia.org/wiki/Usage_share_of_web_browsers
![Page 9: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/9.jpg)
![Page 10: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/10.jpg)
![Page 11: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/11.jpg)
![Page 12: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/12.jpg)
![Page 13: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/13.jpg)
![Page 14: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/14.jpg)
Lot’s of eye balls
![Page 15: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/15.jpg)
Lot’s of [Expert] eye balls
![Page 16: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/16.jpg)
Lot’s of [Expert] eye balls
XML signature HMAC truncation authentication bypass DTD based XML attacks XML Signature Wrapping Attack The Java security bug
Double.parseDouble("2.2250738585072012e-‐308");
![Page 17: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/17.jpg)
Money can’t buy the best evaluation
![Page 18: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/18.jpg)
Money can’t buy the best evaluation
AES IPSec PPTP
![Page 19: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/19.jpg)
¡ Absence of meticulous evaluation ¡ Spurious open source ¡ Lack of sponsorship ¡ Lack of proper documentation
![Page 20: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/20.jpg)
¡ Nessus ¡ Snort ¡ Nagios ¡ SpamAssasssin ¡ ClamAV ¡ OpenSSL ¡ OpenSSH ¡ Ossec HIDS ¡ Wireshark
![Page 21: Open Source for Cyber Security](https://reader031.vdocuments.site/reader031/viewer/2022030309/58f252c91a28ab70698b4571/html5/thumbnails/21.jpg)