Sguil (pronounced sgweel) is probably best described as an aggregation system for network security monitoring tools. It ties your IDS alerts into a database of TCP/IP sessions, full content packet logs and other information. When you’ve identified an alert that needs more investigation, the sguil client provides you with seamless access to the data you […]
IDS
Hackers Target Home Users for Cash
Hackers are switching targets now; companies are getting too hard to break into due to the availability of decently configured perimeter kit like firewalls and IDS. Plus the information they do get if they manage to break in is often worthless commercially and really not worth the effort. So instead, they target the end […]
Impressive Open Source Intrusion Prevention – HLBR
It’s good to see work on open source tools in the countermeasure department as well as the attack and penetration arena. It’s a shame since Snort and Nessus have gone semi-commercial. I hope more people invest their time in good IDS, Firewall and IPS systems. I love things like IPCop and hope to see more products […]
TCPReplay suite 3.0.beta10 Released
Another good tool updated! TCPReplay suite 3.0.beta10 has been released. For those that don’t know, Tcpreplay is a suite of BSD licensed tools written by Aaron Turner for *NIX operating systems which gives you the ability to use previously captured traffic in libpcap format to test a variety of network devices. It allows you […]
BASE 1.2.6 Released (Basic Analysis & Security Engine)
We are happy to announce that the 1.2.6 (christine) release of the Basic Analysis and Security Engine (BASE) is available. BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the […]