Brainfoldb4u's Blog


Archive for January 2nd, 2010

Open source linux IDS/IPS from OISF

Posted by brainfoldb4u on January 2, 2010

The Open Information Security Foundation (OISF) is a non-profit foundation organized to build a next generation IDS/IPS engine. The OISF has formed a multi-national group of the leading software developers in the security industry. With these developers and a consortium consisting of leading cyber security companies, OISF has, after three years, made the first release of its Suricata Engine! The engine is an Open Source Next Generation Intrusion Detection and Prevention Tool, not intended to just replace or emulate the existing tools in the industry, but to bring new ideas and technologies to the field.

Multi-Threading

Amazing that multi-threading is new to IDS!

Automatic Protocol Detection

The engine not only has keywords for IP, TCP, UDP and ICMP, but also for HTTP, TLS, FTP and SMB! A user can now write a rule that, for example, detects a match within an HTTP stream regardless of the port the stream occurs on. This is going to revolutionize malware detection and control. Detections for more layer 7 protocols are on the way.

Gzip Decompression

The HTP Parser will decode Gzip compressed streams, allowing much more detailed matching within the engine.

Independent HTP Library

The HTP Parser will be of great use to many other applications such as proxies, filters, etc. The parser is also available as a library under GPLv2 for easy integration into other tools.

For detailed overview and download click here

Posted in Auditing, Information Security, Open Source

Open source: How e-voting can be done

Posted by brainfoldb4u on January 2, 2010

I found this article by Paul Venezia from Computerworld discussing how e-voting can be done.

The author discusses his views on current e-voting systems and on an Open Vote Act: how it should enact laws that prohibit the use of any voting system that does not provide a paper audit trail, and how it should mandate that companies use government-approved voting code without modification when building proprietary systems.

For a detailed report on this topic from Computerworld, click here

Posted in Open Source

Open source fix for flash security holes

Posted by brainfoldb4u on January 2, 2010

Open source solution for Flash security holes:

To prevent the frequently recurring security issues in Adobe’s software from being exploited, Felix “FX” Lindner of Recurity Labs presented his open source “Blitzableiter” (lightning rod) project at the 26th Chaos Communication Congress (26C3). The tool analyses and cleans up Flash code before playback and is designed to prevent security holes in Adobe Flash from being exploited. Flash is one of the most commonly used points of entry for attackers who try to compromise PCs during visits to web pages. The Blitzableiter tool checks SWF files for their integrity. Embedded ActionScript code is detected, analysed and cleaned up. The wrapper can also verify whether embedded objects such as JPEG images comply with the specification.

To read the full article from H-Secure, click here
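To make the idea of checking a SWF file's integrity before playback concrete, here is an added example (it is not Blitzableiter's code and not from the original article) that validates only the outer container: signature, declared length, zlib stream and tag record boundaries. The names `check_swf`, `SwfError` and `build_sample` are hypothetical, the sample movie is constructed, and rejecting data after the End tag is a strictness choice made for this sketch.

```python
import struct
import zlib

class SwfError(ValueError): pass   # a structural rule of the container was violated

def check_swf(data, max_size=16 * 1024 * 1024):
    """Return [(tag_code, length), ...] for a well-formed file, else raise SwfError."""
    if len(data) < 8:
        raise SwfError("shorter than the 8-byte header")
    sig, declared = data[:3], struct.unpack_from("<I", data, 4)[0]
    if sig not in (b"FWS", b"CWS") or declared > max_size:
        raise SwfError("unsupported signature or FileLength over limit")
    body = data[8:]
    if sig == b"CWS":  # everything after the 8-byte header is one zlib stream
        d = zlib.decompressobj()
        try:
            body = d.decompress(body, max_size)  # output cap guards against bombs
        except zlib.error as exc:
            raise SwfError("bad zlib stream: %s" % exc)
        if d.unconsumed_tail or not d.eof:
            raise SwfError("zlib stream truncated or over limit")
    if declared != len(body) + 8 or not body:
        raise SwfError("FileLength does not match the actual size")
    nbits = body[0] >> 3                    # FrameSize RECT: 5-bit field width
    pos = (5 + 4 * nbits + 7) // 8 + 4      # skip RECT, FrameRate, FrameCount
    tags = []
    while not tags or tags[-1][0] != 0:     # tag code 0 is the End tag
        if pos + 2 > len(body):
            raise SwfError("tag header runs past end of file")
        word = struct.unpack_from("<H", body, pos)[0]
        pos += 2
        code, length = word >> 6, word & 0x3F
        if length == 0x3F:                  # long form: 32-bit length follows
            if pos + 4 > len(body):
                raise SwfError("long tag header runs past end of file")
            length = struct.unpack_from("<I", body, pos)[0]
            pos += 4
        if pos + length > len(body):
            raise SwfError("tag %d body runs past end of file" % code)
        tags.append((code, length))
        pos += length
    if pos != len(body):
        raise SwfError("data after the End tag")  # strict choice made here
    return tags

def build_sample(compressed=False):  # constructed test movie, not a real file
    body = b"\x00" + b"\x00\x0c\x01\x00" + b"\x43\x02\xff\xff\xff" + b"\x40\x00" + b"\x00\x00"
    packed = zlib.compress(body) if compressed else body
    return (b"CWS" if compressed else b"FWS") + b"\x0a" + struct.pack("<I", len(body) + 8) + packed
```

A file that passes this check is only structurally sound; inspecting the ActionScript and embedded objects inside each tag, as the article describes, is a separate and much larger step.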

Previously, Adobe was warning of a new zero-day vulnerability in its popular Reader and Acrobat applications that is being actively targeted by attackers in the wild.

In an advisory released mid-December, Adobe acknowledged reports from several security vendors that a new malicious PDF file was discovered in some email attachments targeting the Adobe flaw. Adobe said the remote code execution vulnerability is in Reader and Acrobat 9.2 and earlier versions.

To learn more about the Adobe zero-day vulnerability, click here

Posted in Information Security, Open Source, Security tools