5 Open Source Security Tools for Small Business - Page 2

By Carla Schroder
  • Print Article
  • Email Article

A Safer Search Engine

Your Web-surfing habits are virtual gold mines and literal generators of massive wealth for the likes of Google, Facebook, Akamai, and pretty much every marketer alive with that insatiable hunger for more, more, more customer data, no matter how invasive or ethically questionable the means to get it. It's very difficult to hide your tracks, and you don't even have to visit websites to become ensnared in their data-collection nets. 

Donttrackus has a great presentation on how your data gets vaccumed up and shared. The NSA looks for connections with shady persons and, since we're all just a few clicks away from any random Internet user, we all look guilty.

small business security

Figure 2: The National Security Agency wants all your data (parody logo courtesy Wikimedia Commons, Creative Commons Attribution 3.0 Unported license).

Avoid Google and use DuckDuckGo for Web searches. DuckDuckGo does not collect and mine your search data, it forces HTTPS when it's available (which encrypts your searches to block snoops), and it prevents search leakage. Search leakage sounds like something you should treat with adult hygiene products, but it's more sinister. With other search engines your search terms are known not only to the search engine, but to every site you click on as a result of that search.

Many sites also collect personally-identifiable information from the session between your computer and their site. DuckDuckGo routes your session traffic in a way that foils this kind of personally-identifiable data collection.

Anonymous Web Surfing

Tor, The Onion Router, is a network of thousands of relays that anonymize and obscure your back-trail as you wander the Internet. Tor foils traffic analysis and search leakage. The weak points of Tor are the exit nodes, because just like a prairie dog with a giant network of underground tunnels, you have come to out to visit your destination sooner or later. But theoretically Tor is large enough and dynamic enough to prevent any kind of mapping and analysis of the exit points.

The easiest and most secure way to use Tor is to get TAILS, the Amnesic Incognito Live System. This is a customized live Debian Linux distribution that routes all of your Internet traffic through Tor: Internet chat, Web surfing, email, instant messaging, Skype—everything. TAILS does not install to your hard drive, but runs only from bootable media such as a DVD or USB stick. When you shut it off there are no traces of it on your host system.

End-to-End Encryption

Tor does not provide encryption, so you still need encryption tools to protect your traffic from source to destination. If you have fixed endpoints, such as a remote worker logging in to your work servers, or branch offices connecting directly to each other, then you want a VPN, or Virtual Private Network. This is an exclusive encrypted tunnel between two endpoints over untrusted networks, and it's very strong protection. The best is OpenVPN. OpenVPN offers both a free-of-cost version, which is not hard to setup, and various inexpensive commercial options.

Carla Schroder is the author of The Book of Audacity, Linux Cookbook, Linux Networking Cookbook,and hundreds of Linux how-to articles. She's the former managing editor of Linux Planet and Linux Today.

Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!

Page 2 of 2

Previous Page
1 2
This article was originally published on October 21, 2013
Thanks for your registration