SecuraBit » testing

Latest tools from Defcon 16

Andrew — Sat, 23 Aug 2008 00:46:30 +0000

Thanks to Mubix for his posting on ZDNet, below you will find a link that describes all of the latest tools that were presented at Defcon 16. Use them at your own discretion and make sure you have permission if using them on an enterprise network! As Mubix has no control over the ZDnet posting, you can visit his site and keep up-to-date on the latest happenings.

Latest tools from DC16!

And if Jay Beale is reading this, we want Middler to come out!

SnortSP 3.0 Available now!

Andrew — Tue, 08 Jul 2008 16:38:04 +0000

I know I’m a few days late, however Snort Security Platform (SnortSP) 3.0 Beta is available from Snort’s website. SnortSP 3.0 is the software platform which has traffic analysis engine modules that plug into SnortSP. It still runs on the 2.8.2 detection platform but it runs as a SnortSP engine module.

Some of the major features include:

Shell-based user interface with embedded scripting language
Native IPv6, MPLS and GRE support
Native support for inline operation
More subsystem plugin types such as data acquisition modules, decoders and traffic analyzers
Multithreaded execution model – multiple analysis engines may operate simultaneously on the same traffic
Performance increases

I’ve been messing around with it for a few days now and have found it to be an entirely different program altogether as the syntax and commands to get it up and running can become rather of a headache when first starting out. Overall though I like the idea of multiple detection analysis engines as well as the shell-based interface therefore preventing you from simply killing the snort process inadvertently. Anyways, thought I’d let you all know that it’s there now for all your sniffing needs!

Theme Testing

Chris — Sat, 07 Jun 2008 21:01:09 +0000

There will be some oddities going on today while I test out a new theme. It’s nowhere even near finished, I just want to tweak the interactions it has with the current content on the site.