Archive | Countermeasures


09 October 2006 | 12,727 views

Inprotect 0.22.5 Released – Web Interface for Nessus & Nmap

A new revision of Inprotect has just been released, 0.22.5 in order to fix bugs and implement feature requests submitted by the development team and users. Existing users are recommended to upgrade. Inprotect is a web interface for Nessus and Nmap security scanners, released under GNU/GPL license. This version has the following enhancements: Improved and [...]

Continue Reading


01 October 2006 | 11,606 views

Security Boom Post 9/11

It makes sense really, the paranoia that quickly infected every corner of the ‘Western’ world had to be cashed in on by somebody, tada! The security industry of course. During the Cold War, Canada’s National Optics Institute developed a system to detect which type of enemy tank or fighter jet was approaching. After the Soviet [...]

Continue Reading


25 September 2006 | 17,223 views

FIS [File Inclusion Scanner] v0.1 – PHP Vulnerability

A useful tool for anyone working with PHP applications. DESCRIPTION ———— FIS (File Inclusion Scanner) is a vulnerability scanner for PHP applications. Is scans PHP files mapping PHP/HTTP variables and then performs a security audit,in order to find out which of them are exploitable. USAGE —— php fis.php [local file] [remote file] [remote FIS ID [...]

Continue Reading


14 September 2006 | 16,582 views

Impressive Open Source Intrusion Prevention – HLBR

It’s good to see work on open source tools in the countermeasure department aswell as the attack and penetration arena. It’s a shame since Snort and Nessus have gone semi-commercial. I hope more people invest their time in good IDS, Firewall and IPS systems, I love things like IPCop and hope to see more products [...]

Continue Reading


13 September 2006 | 19,554 views

Using the capture command in a Cisco Systems PIX firewall.

This is an excellent article you might find useful covering the use of the capture command in Cisco PIX firewalls. A vital tool to use when troubleshooting computer networking problems and monitoring computer networks is a packet sniffer. That being said, one of the best methods to use when troubleshooting connection problems or monitoring suspicious [...]

Continue Reading


12 September 2006 | 13,393 views

Moving Ahead in the War Against Botnets

This effort started quite a long time ago, I was just checking up to see how they were getting on, but there’s not much news of their progress. perating under the theory that if you kill the head, the body will follow, a group of high-profile security researchers is ramping up efforts to find and [...]

Continue Reading


27 August 2006 | 15,638 views

Sophos Offers Free Rootkit Detection Tool/Software

Ah, here at Darknet we have always been a fan of Sophos and the way they operate, a very efficient company and good to see good technical products still coming out of the UK! Another good move by them, they have decided to offer a free rootkit detection tool called Sophos Anti-Rootkit..Yah I know, not [...]

Continue Reading


12 August 2006 | 9,162 views

TCPReplay suite 3.0.beta10. Released

Another good tool updated! TCPReplay suite 3.0.beta10 has been released. For those that don’t know Tcpreplay is a suite of BSD licensed tools written by Aaron Turner for *NIX operating systems which gives you the ability to use previously captured traffic in libpcap format to test a variety of network devices. It allows you to [...]

Continue Reading


10 August 2006 | 4,544 views

OWASP – Fortify Bug Taxonomy

Ah at last a good solid collaborative effort to identify and categorise software vulnerabilities with a solid taxonomy and good organisation! It seems very well written too in terms that anyone familiar with software development or programming can understand. Fortify Software, which identifies and remediates software vulnerabilities, has contributed its collection of 115 types of [...]

Continue Reading


01 August 2006 | 13,645 views

SpikeSource Spike PHP Security Audit Tool

Spike is an Open Source tool based on the popular RATS C based auditing tool implemented for PHP. The tool Spike basically does static analysis of php code for security exploits, PHP5 and call-time pass-by-reference are currently required, but a PHP4 version is coming out this week. This tool is especially welcomed by Darknet as [...]

Continue Reading