
Archive for 'IDS/IDP'

Rumors and Preparedness

There are rumors circulating around SANS and full-disclosure circles that there is a 0day SSH exploit in the wild that might be announced sometime around the upcoming Black Hat event. Whether or not it is true remains to be seen, but beyond the question of “is it or isn’t it,” it’s interesting to consider the […]

Banners Are Poor Liars

In response to a risk assessment and security audit being performed by one of the proliferating lot of peddlers of such services, a friend recently asked my position on obscuring the banner on our application platforms. This “best-practice” of concealing the true identity of web and FTP servers, SMTP engines, et al, has been around […]

NG-HD-FW-FUD

It must have been the striking dearth of jargon that led the security industry to introduce a new term for an existing technology: High-Definition (or Next-Generation) firewalls want you to ask yourself the question: “Is the traffic on your network a wolf in sheep’s clothing?” In other words, let’s say you’ve configured your firewall to […]

Firekeeper IDS/IPS Firefox Plugin

Firekeeper is a Snort-like plug-in for Firefox that embeds intrusion detection and prevention directly into the browser. The rule language is a simplified version of Snort’s, with a focus on browser-based attacks. Good potential for use as a dynamically updated host-based IDS without the need for a separate HIDS installation. A similar add-on for […]

Snort Vulnerability: Intruding on the Intrusion Protector

Secunia just announced an algorithmic complexity attack exploiting the behavior of Snort’s (pre-2.6.1) predicate-based rule matching. Susceptibility to the backtracking attack with custom crafted packets is rule dependent (based largely on the presence of relative-position content matching), and is estimated by the reporters to affect about 300 Snort signatures with varying intensity. A successful attack […]