Brainfoldb4u's Blog

Just another WordPress.com weblog

Posts Tagged ‘Open Source’

Open source linux IDS/IPS from OISF

Posted by brainfoldb4u on January 2, 2010

The Open Information Security Foundation (OISF) is a non-profit foundation organized to build a next generation IDS/IPS engine. The OISF has formed a multi-national group of the leading software developers in the security industry.  In addition to developers and a consortium consisting of leading cyber security companies, OISF after three years have  first released their Suricata Engine! The engine is an Open Source Next Generation Intrusion Detection and Prevention Tool, not intended to just replace or emulate the existing tools in the industry, but to bring new ideas and technologies to the field.

Multi-Threading

Amazing that multi-threading is new to IDS!

Automatic Protocol Detection

The engine not only has keywords for IP, TCP, UDP and ICMP, but also has HTTP, TLS, FTP and SMB! A user can now write a rule to detect a match within an HTTP stream for example regardless of the port the stream occurs on. This is going to revolutionize malware detection and control. Detections for more layer 7 protocols are on the way.

Gzip Decompression

The HTP Parser will decode Gzip compressed streams, allowing much more detailed matching within the engine.

Independent HTP Library

The HTP Parser will be of great use to many other applications such as proxies, filters, etc. The parser is available as a library also under GPLv2 for easy integration ito other tools.

For detailed overview and download click here

Posted in Auditing, Information Security, Open Source | Tagged: , , | Leave a Comment »

Open source: How e-voting can be done

Posted by brainfoldb4u on January 2, 2010

I found this article by By Paul Venezia from computer world discussing about how e-vote can be done.

Author discusses his views on  current e-voting systems and Open Vote Act  and how it should  enact laws that prohibit the use of any voting system  and how it does not provides a paper audit trail, and how to  mandate that companies use government-approved voting code without modification when building proprietary systems.

For detailed report on this topic from computer world click here

Posted in Open Source | Tagged: | Leave a Comment »

Open source fix for flash security holes

Posted by brainfoldb4u on January 2, 2010

Open source solution for Flash security holes:

To prevent the frequently recurring security issues in Adobe’s software from being exploited, Felix “FX” Lindner of Recurity Labs presented his open source “Blitzableiter” (lightning rod) project at the 26th Chaos Communication Congress (26C3). The tool analyses and cleans up Flash code before playback and is designed to prevent security holes in Adobe Flash from being exploited. Flash is one of the most commonly used points of entry for attackers who try to compromise PCs during visits to web pages. the Blitzableiter tool checks SWF files for their integrity. Embedded ActionScript code is detected, analysed and cleaned up. The wrapper can also verify whether embedded objects such as JPEG images comply with the specification.

To read the full article from H-Secure, click here

Previously, Adobe was warning of a new zero-day vulnerability in its popular Reader and Acrobat applications that is being actively targeted by attackers in the wild.

In an advisory released mid December,, Adobe acknowledged reports from several security vendors that a new malicious PDF file was discovered in some email attachments targeting the Adobe flaw. Adobe said the remote code execution vulnerability is in Reader and Acroobat 9.2 and earlier versions

To learn more about adobe zero day vulnerability, click here

Posted in Information Security, Open Source, Security tools | Tagged: , , | Leave a Comment »

Open Source

Posted by brainfoldb4u on December 25, 2009

Open source

Open source is a development method and the creative practice of appropriation and free sharing of information/invention.  This method enhances the power of distributed or autonomous behavior.  This way improves the transparency and promises better quality, flexibility, reliability, and availability. Good part is our standards body are maintaining this open source concepts for good of the community. This way makes any one can be a developer, reviewer or even a hacker (both in better and bitter way).

There are numerous open source projects like source-forge, open office, Linux, Ubuntu, ruby and many others available to us and wonder how many of us know about their existence and value they bring in comparison to their costly counterparts.  It became my interest to explore open source ad make reader aware of it.  Thus i am going to use this space in my page to talk about the source projects, their benefits and unique features they bring along …

Open source web

In general Open source software is whose source code is freely published and made available to any one and they can choose to edit, discover something new or even redistribute it without paying royalties.  Though said, it is not an easy task , it requires dedication ,involvement and community cooperation.  Few of those open source products are:

  • Linux:  Open source operating system based on Unix
  • Apache:  HTTP web server
  • MySQL: Most popular open source database.
  • Tomcat: provides pure java HTTP web server environment for Java code to run.
  • Eclipse: Open source software framework for rich client applications.
  • Mozilla Firefox: Worthy IE competent with rich plugins and customizable browser.
  • Ruby on Rail: Full stacked, web application framework optimized for building and publishing application for free.
  • Open Office.org:  Very useful MS office counterpart with built-in word, spreadsheet, power point and many..
  • MediaWiki: Knowledge base and the software that runs Wikipedia
  • Drupal/Joomla: Open source content management systems
  • Coffee Cup: Very useful HTML/CSS editor and website content developer.
  • PHP/Perl/Java: Handy scripting or programming languages that available for anyone to learn and master.
  • GIMP: Logo, website design and theme creator

Note: Majority of discussion will be around computing and internet technology oriented products..

Funny open source conversation
funny open source conversation

Posted in Linux, Open Source, Ubuntu | Tagged: , | Leave a Comment »