Archive | Countermeasures


22 March 2007 | 4,496 views

Check Point VPN-1 Power VSX NGX – Virtual Firewalls Get Clustered

Clustered Firewalls? What on earth next, beowulf IDS systems? Check Point has added cluster support and more granular controls to its virtual firewall software, memorably named Check Point VPN-1 Power VSX NGX. Virtual firewalls can now be distributed around a server cluster, with standby firewalls on alternative servers. System administrators can also shift processor power [...]

Continue Reading


13 March 2007 | 8,733 views

PwdHash from Stanford – Generate Passwords by Hashing the URL

The Common Password Problem. Users tend to use a single password at many different web sites. By now there are several reported cases where attackers breaks into a low security site to retrieve thousands of username/password pairs and directly try them one by one at a high security e-commerce site such as eBay. As expected, [...]

Continue Reading


07 March 2007 | 7,687 views

Microsoft’s Live OneCare the WORST Anti-Virus Solution

An Austrian web site called AV Comparatives has done an ‘independent‘ test of 17 different Anti-Virus products and released the results online. On this site you will find independent comparatives of Anti-Virus software. All products listed in our comparatives are already a selection of some very good anti-virus products. In order to get tested by [...]

Continue Reading


25 February 2007 | 4,759 views

Defense Workers Warned About Spy Coins for Espionage

This is a pretty cool new development, something straight out of a Tom Clancy thriller or a spy/hacker movie. Introducing Spy Coins! People are actually being warned about picking up stray coins as they might have surveillance devices inside. Can the coins jingling in your pocket trace your movements? The Defense Department is warning its [...]

Continue Reading


26 October 2006 | 18,084 views

ARPWatch-NG ARP Flooding/Spoofing Protection/Detection

If you are paranoid about people ARP spoofing or flooding on your network you can use ARPWatch-NG, ARPWatch-NG is a continue of the popular original ARPWatch from ftp://ftp.ee.lbl.gov/. ARPWatch monitors MAC adresses on your network and writes them into a file, last know timestamp and change notification is included. It can be used it to [...]

Continue Reading


09 October 2006 | 12,737 views

Inprotect 0.22.5 Released – Web Interface for Nessus & Nmap

A new revision of Inprotect has just been released, 0.22.5 in order to fix bugs and implement feature requests submitted by the development team and users. Existing users are recommended to upgrade. Inprotect is a web interface for Nessus and Nmap security scanners, released under GNU/GPL license. This version has the following enhancements: Improved and [...]

Continue Reading


01 October 2006 | 11,611 views

Security Boom Post 9/11

It makes sense really, the paranoia that quickly infected every corner of the ‘Western’ world had to be cashed in on by somebody, tada! The security industry of course. During the Cold War, Canada’s National Optics Institute developed a system to detect which type of enemy tank or fighter jet was approaching. After the Soviet [...]

Continue Reading


25 September 2006 | 17,241 views

FIS [File Inclusion Scanner] v0.1 – PHP Vulnerability

A useful tool for anyone working with PHP applications. DESCRIPTION ———— FIS (File Inclusion Scanner) is a vulnerability scanner for PHP applications. Is scans PHP files mapping PHP/HTTP variables and then performs a security audit,in order to find out which of them are exploitable. USAGE —— php fis.php [local file] [remote file] [remote FIS ID [...]

Continue Reading


14 September 2006 | 16,586 views

Impressive Open Source Intrusion Prevention – HLBR

It’s good to see work on open source tools in the countermeasure department aswell as the attack and penetration arena. It’s a shame since Snort and Nessus have gone semi-commercial. I hope more people invest their time in good IDS, Firewall and IPS systems, I love things like IPCop and hope to see more products [...]

Continue Reading


13 September 2006 | 19,562 views

Using the capture command in a Cisco Systems PIX firewall.

This is an excellent article you might find useful covering the use of the capture command in Cisco PIX firewalls. A vital tool to use when troubleshooting computer networking problems and monitoring computer networks is a packet sniffer. That being said, one of the best methods to use when troubleshooting connection problems or monitoring suspicious [...]

Continue Reading