Whatever happened to 10gb IPS? 2010-07-12 Mr. Karim (aseeker03 gmail com) (2 replies)
Re: Whatever happened to 10gb IPS? 2010-07-12 Curt Purdy (infosysec gmail com) (1 replies)
Re: Whatever happened to 10gb IPS? 2010-07-12 Joel Esler (joel esler me com) (1 replies)
RE: Whatever happened to 10gb IPS? 2010-07-13 Jeffrey White (Jeff White RaymondJames com) (1 replies)

XArp 2.1.0 - ARP Spoofing Detection - new version and changed license: its free 2010-07-07 xarp chrismc de
Hi, XArp - ARP Spoofing Detection - has made a huge step and is now available in version 2.1.0. Most important changes:
- increased stability
- available for Linux and Windows
- changed license model
XArp is now free to use for unlimited time and fully functional! The XArp Professional version is av [...]

[TOOL] The 'Snort like' way of dealing with logs == Sagan 2010-06-25 Champ Clark III [Softwink] (champ softwink com)
Sagan release version 0.1.0 http://sagan.softwink.com Written by Champ Clark (AKA 'Da Beave') and the Softwink, Inc team Date: 06/24/2010 Softwink announces the release of Sagan, a real time log monitoring utility. Sagan can alert you when events are occurring in your syslogs that need your atte [...]

Announcement: xtractr updates 2010-06-08 pcapr (pcapr admin gmail com)
Just a quick note to let you know that the lite version of xtractr can now index up to 10 million packets or 1GByte of pcaps. This makes it easy to grab large packet traces from a production network and perform troubleshooting and forensics with just a few clicks. We have also updated the live demo [...]

Performance measurement tool for IDS/IPS 2010-06-01 wittybugz gmail com
Hi All, Is any tool available in market (free or paid) for measuring performance of Host based IDS/IPS devices? I want to measure performance for protocols like HTTP, FTP, SMB/RPC, DNS etc. Thanks, Prateek [...]

Re: RE: Re: OSSEC and Windows messages 2010-05-17 evilwon12 yahoo com
Actually got this working. I am still not 100% sure why it was not working earlier. What I had to do was include the full path, out to the directory I want to exclude, in my match. As I said, it was C:\Windows/system32/dir1/dir2/dir3/.../dirx/file.out I was trying to match only on "dirM" a [...]

Re: Re: OSSEC and Windows messages 2010-05-10 evilwon12 yahoo com (1 replies)
Sorry if I was not clear in my original post. When I said I have not been able to filter on anything in the message string, I thought that implied that I have already done a custom rule in the local rules file. Sorry if that was not clear, but it is not working. [...]

Re: OSSEC and Windows messages 2010-05-05 sohil_garg yahoo co in
You can write a custom rule in local_rules.xml file and filter accordingly. [...]

OSSEC and Windows messages 2010-04-20 evilwon12 yahoo com
I am trying to match on a windows error message and am not having any luck. What I do not want to do is ignore the rule completely, only certain messages. An example message is this: Integrity checksum changed for: 'C:\Win32/system32/directory1/directory2/directory3/...../name.txt' I want [...]

Announcing: Ruby API for xtractr 2010-03-18 kowsik (kowsik gmail com)
What started off as a way to unit test the RESTful API for xtractr has now turned into a Ruby gem that we are releasing as open source. First xtractr, then nuggets and now a gem. We are happy to announce a Ruby gem for xtractr which takes all the goodness of Ruby and interacts RESTfully with xtract [...]

Decrypting PPTP network traffic 2010-03-17 Alexander Perchov (alexperchov1969 googlemail com)
Note: apologies for cross posting - I hope to get more coverage this way, because google hasn't been helping lately ;-) I am looking for a tool that can decrypt MPPE (Microsoft Point-to-Point Encryption) network traffic given a pcap (or any other format really) and the correct key / NTLM hash. Is a [...]

Call for Papers: EC2ND 2010 2010-03-05 Konrad Rieck (konrad rieck tu-berlin de)
Dear Colleagues, Please find attached the Call for Papers for EC2ND 2010, the sixth European Conference on Computer Network Defense, which will be held in Berlin, Germany, October 28-29, 2010. Please feel free to distribute this announcement. We apologize if you receive multiple copies of this [...]

Announcing xtractr (on pcapr) 2010-02-22 kowsik (kowsik gmail com)
We are happy to announce xtractr, a collaborative cloud app for indexing, searching, extracting and reporting on large pcaps. xtractr enables network/support engineers and testers to troubleshoot the network, isolate problems, identify field issues and perform network forensics. You can learn more [...]

CfP DIMVA 2010 - Detection of Intrusions and Malware & Vulnerability Assessment (2 Week Notice) 2010-01-20 Sebastian Schmerl (sbs informatik tu-cottbus de)
Hello List-Member, attached you'll find the Call for Paper for the International Conference on Detection of Intrusions and Malware & Vulnerability Assessment. The focus of the DIMVA conference covers topics on this list, so do not hesitate to submit your research results as a paper or your ongoing [...]

Recent NSS test 2009-12-16 Ravi Chunduru (ravi is chunduru gmail com)
Hi, It appears from the test methodology, NSS concentrated on the protections for target types Web Server, Web Browser ActiveX, JavaScript, Browser Plug-ins/Add-ons. Except for Web Server, all others are mainly related to "Target Initiated" intrusions. Does anybody have information on number of [...]

Re: I love the smell of whining in the morning... 2009-12-11 Lawrence Pingree (ntpeck yahoo com)
I agree with Joel, NSS holds their ground on their methodology. What I think happens is the vendors select the "best features" that one-up the competition and voilà... They win. I think some testing firms can't hold water at all and are just producing hype. Best do your due diligence yo [...]

Re: RE: Re: I love the smell of whining in the morning... 2009-12-10 bwalder spamcop net (1 replies)
Andrew - I see Tippingpoint is listed as a "strategic partner" on your Web site, so I guess I can see where you might be concerned about such results. However, the reason why Tippingpoint results have altered from report to report is covered quite well in Rick Moy's blog posts at http://nsslabs.b [...]

RE: RE: Re: I love the smell of whining in the morning... 2009-12-11 Andrew Plato (andrew plato anitian com)
that could decode 10gb Ethernet traffic. I was wondering if anyone has
recently validated any IPS sensors that can actually inspect 10GB
worth of traffic, full duplex (20gb)?
Thanks
H