Archive | Countermeasures


16 May 2011 | 8,345 views

pytbull – Intrusion Detection/Prevention System (IDS/IPS) Testing Framework

pytbull is an Intrusion Detection/Prevention System (IDS/IPS) Testing Framework for Snort, Suricata and any IDS/IPS that generates an alert file. It can be used to test the detection and blocking capabilities of an IDS/IPS, to compare IDS/IPS, to compare configuration modifications and to check/validate configurations. The framework is shipped with about 300 tests grouped in […]

Continue Reading


05 May 2011 | 8,427 views

ArpON v2.2 Released – Tool To Detect & Block ARP Spoofing

ArpON (ARP handler inspection) is a portable handler daemon that make ARP secure in order to avoid the Man In The Middle (MITM) through ARP Spoofing/Poisoning attacks. It detects and blocks also derived attacks by it for more complex attacks, as: DHCP Spoofing, DNS Spoofing, WEB Spoofing, Session Hijacking and SSL/TLS Hijacking & co attacks. […]

Continue Reading


13 April 2011 | 6,949 views

Microsoft Unleashes Record Breaking Patch Tuesday – April 2011

We all love Patch Tuesday – no doubt about that right? Well Microsoft has blessed us this month with the biggest Patch Tuesday in the history of the program. That’s a good thing because it’s had some horribly effective vulnerabilities revealed lately. It managed to package up a massive bundle of patches for 64 vulnerabilities […]

Continue Reading


06 April 2011 | 6,512 views

Google Chrome To Protect Users Against Malicious Executables

It looks like Google Chrome is stepping up to provide users with the most secure browsing experience. The browser has been built with security in mind since the beginning with it’s sandbox model and it escaped exploitation during the recent Pwn2Own contest. Now they are infringing on the area of anti-virus vendors and stepping up […]

Continue Reading


22 March 2011 | 10,178 views

Smooth-Sec – All In One Pre-Configured IDS/IPS System

Smooth-Sec is a ready to-go IDS/IPS (Intrusion Detection/Prevention System) Linux distribution based on the multi threaded Suricata IDS/IPS engine and Snorby, the top notch web application for network security monitoring. Smooth-Sec is built on Ubuntu 10.04 LTS using the TurnKey Core base as development platform. Functionality is the key point that allows a user to […]

Continue Reading


11 March 2011 | 7,316 views

Agnitio v1.2 – Manual Security Code Review Tool

Agnitio is a tool to help developers and security professionals conduct manual security code reviews in a consistent and repeatable way. Agnitio aims to replace the adhoc nature of manual security code review documentation, create an audit trail and reporting. v1.2 of Agnitio includes a new application metrics section to give better visibility of the […]

Continue Reading


08 March 2011 | 9,284 views

PacketFence – Free, Open Source Network Access Control (NAC) System

PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) system. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices, integration with the Snort IDS and the Nessus vulnerability scanner; PacketFence can be used to effectively […]

Continue Reading


03 March 2011 | 9,035 views

Microsoft Attack Surface Analyzer – Test Software Vulnerabilities

Attack Surface Analyzer is developed by the Security Engineering group, building on the work of our Security Science team. It is the same tool used by Microsoft’s internal product groups to catalogue changes made to operating system attack surface by the installation of new software. Attack Surface Analyzer takes a snapshot of your system state […]

Continue Reading


02 March 2011 | 6,133 views

Intel Completes $7.68B McAfee Buyout In All-Cash Deal

The big news in the last fews days is that Intel has completed it’s buy-out of McAfee in a $7.6 Billion dollar all-cash deal, it seems like security on the chipset/CPU is going to be a reality. We wrote about the initial acquisition back in August 201 and Intel have been working hard to get […]

Continue Reading


21 December 2010 | 12,611 views

Gawker CTO Outlines Security Improvements Post Breach

An e-mail from the Gawker CTO (Tom Plunkett) has been posted online and it outlines the security improvements that Gawker are planning to implement after the recent massive breach of user passwords from their database. As we mentioned recently, the U.S. Federal Bureau of Investigation is looking into the Gawker breach, which just goes to […]

Continue Reading