Security vendors would like you to believe that HIPS, IDS and IPS mean one and the same. Network Intrusion Detection System means *passive*...
The risk in reality is quite minimal, both in terms of what can be done with unreassembled packets and the effect of what could possibly be done...
Is this some kind of thread-posting advertising?
I haven't released any versions, although I should release some of the interface designs that I have already done.
Any good? No, made by CS students. Uses RRAS not a lower level NDIS driver. Port of BSD firewall. A graphical frontend was created but has since...
Just listing that link isn't proof that these attacks are being used. If you follow the examples provided you will find that many don't follow the...
Where?
Here's what happens (if I remember correctly): Each packet starts with a Time to Live (eg. 255) - at each router hop it decreases by one. Once...
Removed (wrong meaning implied)
Yes it is, since most people use a HIPS to do exactly the same thing in most cases.
NIST Special Publication 800-30 http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf might also have some information to help you out. I...
Use SSH with an SSH server to protect the endpoint transfer. Or zip the file and create a self-decrypting archive using PGP. Don't rely on Zip...
As far as I know using fragmentation in a remote attack usually results in DoS conditions, although some vulnerable systems may allow remote code...
Fragmentation was and in some cases is still necessary to send data through multiple transmission mediums (eg. Ethernet, optic fiber). Each...
It's not the number, it's the rate, and how consistent this rate is. While idle there really shouldn't be a large number of page faults occurring....
What do you think is going on when you allow an application access in most warm-and-fuzzy super-easy-to-use GUI firewalls? The implicit rule is...
Sandboxes do not automatically stop exploitation of vulnerabilities, they just have the ability with user input to set tight boundaries on...
"Sandbox" software and the like sounds good in theory because it implies the use of two security concepts which have proven effective in the long...
Sorry, Kerodo: Did you do any tests regarding TCP both inbound or outbound? Can you confirm that outbound fragmented UDP packets exhibit similar...
I haven't seen conclusive proof that Kerio 2x allows fragmented TCP/UDP regardless of the ruleset and/or Stop Traffic option only some limited...
That's 32 bytes though - no need to fragment it.
No-one could really do much with ICMP; perhaps create an inefficient covert channel which has been done. The bigger issue is how Kerio handles...
Firstly, I'm guessing RWA was using the DNS Client Service. www.freebsd.org already had a resolving entry in the cache so ping didn't fail to...
They can't. If I remember correctly, one of the main programmers for 2x became really pissed off at Kerio because of some issue and he left for...
Some fair points there, ---/Guest. Errr, I disagree, I think. I favor full control by the user only, rather than any automated decisions....