Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

psad-1.4.0 release

from [Michael Rash] Network Security [Permanent Link]
Subject: psad-1.4.0 release
Date: Thu, 2 Dec 2004 09:12:04 -0500 
psad-1.4.0 has been released.  This release incorporates true p0f-
style passive OS fingerprinting (requires the usage of the iptables
--log-tcp-options argument).  Psad still supports the old TOS-based
passive OS fingerprinting if the TCP options portion of the TCP
header is not being logged.

Here is an example alert generated by psad-1.4.0 that includes the
new p0f functionality (psad fingerprints the remote OS as
"Linux:2.6::Linux 2.4/2.6"):

http://www.cipherdyne.org/psad/sample_alerts/socks_proxy.html

p0f fingerprints have also been integrated with --Status output:

http://www.cipherdyne.org/psad/sample_alerts/status.html

psad-1.4.0 tarballs, rpms, and Debian packages can be downloaded
here:

http://www.cipherdyne.org/psad/download/

--Mike

Michael Rash
http://www.cipherdyne.org/
Key fingerprint = 53EA 13EA 472E 3771 894F  AC69 95D8 5D6B A742 839F

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • psad-1.4.0 release, Michael Rash <=
Previous by Date:  RE: NIDS and HIDS, Chris Petersen
Next by Date:  RE: Foolin an IDS ?, Maynor, David (ISS Atlanta)
Previous by Thread:  CiscoWorks - VMS - IDS Monitoring and Alerting, Terry S
Next by Thread:  LIDS 1.2.2 for Linux kernel 2.4.28 released, Yusuf Wilajati Purna
Indexes:  [Date] [Thread] [Top] [All Lists]