Network and Computer Security

It’s always great to have new tools to protect our assets from attackers and when those tools are free it’s even better (honeytrap is licenced under the GNU GPL licence).

Honeytrap is still a very new tool but it already provides neat services to its users by allowing to collects information regarding known or unknown network-based attacks and therefore provide early-warning information to the network/security administrator.

Honeytrap usage shouldn’t be a problem as the program is well documented. This software should also run on any “standand Unixish” operating system.

Just click here to download honeytrap!

The June 15th issue of Bruce Schneier’s Crypto-Gram newsletter is out.

The Value of Privacy
Movie-Plot Threat Contest Winner
Crypto-Gram Reprints
Diebold Doesn’t Understand the Security Threat
News
Hacking Computers Over USB
The Doghouse: KRYPTO 2.0
Counterpane News
Aligning Interest with Capability
Comments from Readers

The May 15th issue of Bruce Schneier’s Crypto-Gram newsletter is out.

Summary:

Movie Plot Threat Contest: Status Report
Who Owns Your Computer?
Crypto-Gram Reprints
Identity-Theft Disclosure Laws
When “Off” Doesn’t Mean Off
News
RFID Cards and Man-in-the-Middle Attacks
Software Failure Causes Airport Evacuation
Counterpane News
Microsoft’s BitLocker
The Security Risk of Special Cases
Comments from Readers

As usual it is an excellent reading, but if you don’t have time to read it all, make sure you read at least the Who Owns Your Computer? and Microsoft’s BitLocker articles, they are especially enlightening!

There aren’t enough good open source security related software so new ones are always welcome.

On the heels of Snort and Prelude, we know have OSSEC.

Here are the version 0.8 release notes:

OSSEC HIDS is an Open Source Host-based Intrusion
Detection System. It performs log analysis, integrity
checking, rootkit detection, time-based alerting and
active response.
It runs on most operating systems, including Linux,
OpenBSD, FreeBSD, Solaris and Windows.

This is the first version offering native support for
Windows (XP/2000/2003). It includes as well a new set
of log analysis rules for sendmail, web logs (Apache
and IIS), IDSs and Windows authentication events.

The correlation rules for squid, mail logs, firewall
events and authentication systems have been improved,
now detecting scans, worms and internal attacks.
The active-responses were also refined, with support
to IPFW (FreeBSD) added.

See here for the OSSEC homepage.

NMap, the invaluable tool for smart port scanning and network mapping got a new version released yesterday. NMap 4.03 is mostly a bugfix release of 4.01, but there are a few new features and improvments (now works better in chroot environments, improved error logging, etc…)

See the Release Notes from Fyodor for the full details and download location.

The April 15th issue of Bruce Schneier’s Crypto-Gram newsletter is out.

Summary:
Movie-Plot Threat Contest
Airport Passenger Screening
80 Cameras for 2,400 People
Crypto-Gram Reprints
VOIP Encryption
Security through Begging
DHS Privacy and Integrity Report
News
KittenAuth
Terrorism Risks of Google Earth
New Kind of Door Lock
Counterpane News
Evading Copyright Through XOR
iJacking
Security Screening for New York Helicopters
Comments from Readers

You can read it here.

In december, Nessus 3.0.0 has been released bringing major evolutions compared to the Nessus 2 branch. It’s hard to memtion all the changes, but basically Nessus 3 is a fully rewrite of Nessus 2 and as a result performances got a huge boost. However during those major changes some new problems creep in. Nessus 3.0.1 fixed most of them and the newly released Nessus 3.0.2.

• Why upgrade to Nessus 3 ?
• Nessus FAQ
• Download Nessus 3.0.2!