Tag Archive | "Countermeasures"


06 October 2009 | 26,330 views

Samhain v.2.5.9c – Open Source Host-Based Intrusion Detection System (HIDS)

We’ve only mentioned one HIDS before, that was OSSEC HIDS, so I thought I’d do some updates on the others. Samhain has always been one of my favourites, before that of course I was using Tripwire like everyone else. The Samhain open source host-based intrusion detection system (HIDS) provides file integrity checking and logfile monitoring/analysis, [...]

Continue Reading


07 September 2009 | 8,135 views

UK Has The Worst Internet Security In Europe

Interesting story for our British readers, seems like back in Old Blighty people are a bit lax when it comes to keeping their security software up to date. Not only that, from the other aspects of the survey it seems UK is generally lacking in cybersecurity awareness and education with people not deleting dodgy files [...]

Continue Reading


27 August 2009 | 6,765 views

Trafscrambler – Anti-sniffer/IDS Tool

Trafscrambler is an anti-sniffer/IDS LKM(Network Kernel Extension) for OSX, licensed under BSD. Features Injection of packets with bogus data and with randomly selected bad TCP cksum or bad TCP sequences Userland binary(tsctrl) for controlling trafscrambler NKE SYN decoy – sends out number of SYN pkts before the original SYN pkt TCP reset attack – sends [...]

Continue Reading


20 February 2009 | 6,501 views

DShield Web Honeypot Project – Alpha Version Released

For those of you who are not familiar with DShield (where have you been? under a rock?) it’s a Cooperative Network Security Community. Basically what that means is they collect firewall logs and map out the trends. Like when there was a worm going around that bruteforced SSH2 you could see a spike in port [...]

Continue Reading


09 December 2008 | 4,935 views

Secunia Personal Software Inspector (PSI) 1.0

To continue with some software targeted towards security and self-protection after posting about Microsoft Baseline Security Analyzer (MBSA) and Microsoft Security Assessment Tool (MSAT) we continue with one more – Secunia Personal Software Inspector. We did write about this software way back when Secunia first came out with their Secunia Software Inspector. There’s now 3 [...]

Continue Reading


18 November 2008 | 5,777 views

Microsoft Security Assessment Tool – Free for Windows

The Microsoft Security Assessment Tool (MSAT) is a free tool designed to help organizations like yours assess weaknesses in your current IT security environment, reveal a prioritized list of issues, and help provide specific guidance to minimize those risks. MSAT is an easy, cost-effective way to begin strengthening the security of your computing environment and [...]

Continue Reading


06 October 2008 | 6,642 views

fwknop – Port Knocking Tool with Single Packet Authorization

Port Knocking came about in around 2003, but it has various weaknesses. There are plenty of implentations though (some quite advanced). Most of the problems are fixed however by fwknop! fwknop stands for the “FireWall KNock OPerator”, and implements an authorization scheme called Single Packet Authorization (SPA). This method of authorization is based around a [...]

Continue Reading


17 September 2008 | 5,086 views

psad – Intrusion Detection and Log Analysis with iptables

psad is a collection of three lightweight system daemons (two main daemons and one helper daemon) that run on Linux machines and analyze iptables log messages to detect port scans and other suspicious traffic. A typical deployment is to run psad on the iptables firewall where it has the fastest access to log data. psad [...]

Continue Reading


16 June 2008 | 13,280 views

ArpON – ARP Handler Detect and Block ARP Poisoning/Spoofing

ArpON (Arp handler inspectiON) is a portable handler daemon with some nice tools to handle all ARP aspects. It has a lot of features and it makes ARP a bit safer. This is possible using two kinds of anti Arp Poisoning tecniques, the first is based on SARPI or “Static ARP Inspection”, the second on [...]

Continue Reading


11 April 2008 | 4,908 views

WSGW – Web Security Gateway for Secure Apache

The Web Security Gateway is a security-centric distribution of the Apache web server, bundled with additional security modules, and configured as a front-end (reverse) HTTP proxy. The goal is to mirror most of the features of commercial web application “firewalls”, with free and Open-Source software. The Web Security Gateway provides a configurable caching, authentication, input [...]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·