Archive for the 'Security' Category

Iñaki Urzay

Solera Networks Data Echo

Solera Networks announces open source license for DataEcho web forensics software – Windows application reconstructs web and email activity for compliance and security management

Solera Networks, Inc., the technology leader in network packet record and playback appliances, today announced that source code for DataEcho, a web session reconstruction application, will be made available under the GNU General Public License. The company has established a community website. Source code and Windows installers are available for download now.
DataEcho reconstructs historical web browsing and email traffic from captured network packets, for monitoring insider security threats and policy compliance. It is a useful adjunct to network protocol analyzers such as Sniffer™ or Wireshark.

“Releasing this application under the GPL allows Solera Networks to focus on system level advances in network packet capture and storage: our core competencies. Applications such as DataEcho demonstrate why we believe packet recording and playback capability is such a critical component of every data center’s infrastructure,” said Terry Haas, President and CEO of Solera Networks. “We look forward to future enhancements to DataEcho.”


Iñaki Urzay

Stormy weather for malware defenses

Virus writers go after anti-virus vulnerabilities
By Robert Lemos, SecurityFocus

When the Storm Worm swept through the internet in mid-January, the program’s writers took a brute force approach to evading anti-virus defenses: They created a massive number of slightly different copies of the program and released them all at the same time.

On 18 January, the day the misnamed program – a Trojan horse, not a worm – first appeared, more than 350 different variants were released, according to a report penned by security firm CommTouch Software. Four days later, the number of slightly-different versions jumped to more than 7,300. By the end of January, more than 54,000 variants had hit the internet, the report (PDF) stated, each one spammed out by computers previously compromised by the program.

“Virus writers’ goals have changed,” CommTouch CEO Amir Lev said in an email interview with SecurityFocus. “They are doing ‘good’ business now. They do not focus on finding vulnerabilities in Microsoft and other products, they look for ‘vulnerabilities’ (in) the AV (anti-virus) systems.”


Iñaki Urzay

BackTrack security distro

BackTrack is one of the best-known and most highly regarded GNU/Linux distributions aimed at security professionals, with a particular focus on penetration testing. To give an idea of its popularity, suffice it to say that it ranks 32nd in the well-known Insecure.org ranking. It comes as a LiveCD (so it does not even need to be installed) that in a couple of minutes gives access to more than 300 tools of all kinds (sniffers, exploits, wireless auditing, forensic analysis, etc.), neatly organized. Beyond that, BackTrack also includes all the usual utilities found in any general-purpose distribution…

Link to BackTrack

Iñaki Urzay

VirtualBox — professional, flexible, open

InnoTek VirtualBox is a general-purpose full virtualizer for x86 hardware. Targeted at server, desktop and embedded use, it is now the only professional-quality virtualization solution that is also Open Source Software.

Some of the features of VirtualBox are:

  • Modularity. VirtualBox has an extremely modular design with well-defined internal programming interfaces and a client/server design. This makes it easy to control it from several interfaces at once: for example, you can start a virtual machine in a typical virtual machine GUI and then control that machine from the command line, or possibly remotely. VirtualBox also comes with a full Software Development Kit: even though it is Open Source Software, you don’t have to hack the source to write a new interface for VirtualBox.
  • Virtual machine descriptions in XML. The configuration settings of virtual machines are stored entirely in XML and are independent of the local machines. Virtual machine definitions can therefore easily be ported to other computers.
  • Guest Additions for Windows and Linux. VirtualBox has special software that can be installed inside Windows and Linux virtual machines to improve performance and make integration much more seamless. Among the features provided by these Guest Additions are mouse pointer integration and arbitrary screen resolutions (e.g. by resizing the guest window).

Iñaki Urzay

Inside the Windows Vista Kernel

Part 1
This is the first part of a series on what's new in the Windows Vista kernel. In this article I will look at the changes in the areas of processes and threads and in I/O. The following installments will cover memory management, startup and shutdown, reliability and recovery, and security.
Part 2
Part 3

Iñaki Urzay

Free online scan

Free online scan: Panda Activescan, Trend Micro Housecall, Kaspersky Webscanner, BitDefender, Trend-Micro Java

Iñaki Urzay

Pocket Wi-Fi hacker tool unleashed

A security company has launched a pocket-sized tablet that can hack into Wi-Fi networks using powerful penetration tools – a boon for security professionals and hackers alike.

Silica, from penetration test company Immunity, runs Canvas, an attack tool that includes hundreds of exploits, to attack any Wi-Fi networks it detects. It is designed to help IT managers secure their networks, but the $3600 tool would obviously be very dangerous in the wrong hands.

Operating on a Nokia 770 Internet tablet, the tool, which was shown at this week’s RSA security conference, runs through an attack routine automatically, controlled by a simple three-button interface on the tablet’s touch-screen. It searches for open connections and launches exploits, and carries out pre-programmed routines to exploit weaknesses it finds. The Canvas tool is regularly updated with new security exploits.