Sguil (pronounced sgweel) is probably best described as an aggregation system for network security monitoring tools. It ties your IDS alerts into a database of TCP/IP sessions, full content packet logs and other information. When you’ve identified an alert that needs more investigation, the sguil client provides you with seamless access to the data you […]
network-security
JBroFuzz 0.5 from OWASP – Stateless Network Protocol Fuzzer
OWASP JBroFuzz is a stateless network protocol fuzzer that emerged from the needs of penetration testing. Written in Java, it allows for the identification of certain classes of security vulnerabilities by creating malformed data and having the network protocol in question consume the data. The purpose of this application is to provide […]
arp-sk – ARP Swiss Army Knife Tool
arp-sk is basically an ARP traffic generation tool. It's quite old but still very useful! There are 2 basic modes:
– who-has: build a request ARP message.
– reply: build a reply ARP message (default)
Other advanced modes should come very soon:
– arping: send a who-has to every host on the LAN to see […]
Impressive Open Source Intrusion Prevention – HLBR
It’s good to see work on open source tools in the countermeasure department as well as the attack and penetration arena. It’s a shame since Snort and Nessus have gone semi-commercial. I hope more people invest their time in good IDS, Firewall and IPS systems; I love things like IPCop and hope to see more products […]
Using the capture command in a Cisco Systems PIX firewall.
This is an excellent article you might find useful covering the use of the capture command in Cisco PIX firewalls. A vital tool to use when troubleshooting computer networking problems and monitoring computer networks is a packet sniffer. That being said, one of the best methods to use when troubleshooting connection problems or monitoring suspicious […]