Attacks/Breaches
10/28/2013
02:28 PM
Connect Directly
Twitter
Twitter
RSS
E-Mail
50%
50%
Repost This

Slide Show: 10 Free Network Defense Tools

Affordably protect the perimeter and beyond with these handy network security utilities and toolkits
Previous
1 of 10
Next


Keep the bad guys' success at breaking through some security defenses from turning into a full-blown network incursion. Nova helps confuse and confound attackers doing network reconnaissance by configuring many different fake virtual servers "running" on the network using Honeyd and then uses a machine-learning traffic analyzer to monitor honeypts.

 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Previous
1 of 10
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
sleath066
50%
50%
sleath066,
User Rank: Apprentice
11/30/2013 | 4:30:07 AM
re: Slide Show: 10 Free Network Defense Tools
agreed. Could someone do something about that?
acces
50%
50%
acces,
User Rank: Apprentice
10/30/2013 | 1:17:18 AM
re: Slide Show: 10 Free Network Defense Tools
A url would be nice ... how about telling us what platforms are available for each tool. Come on, be a bit more user friendly please ...
whydoesitmatterjustmakeoneup
50%
50%
whydoesitmatterjustmakeoneup,
User Rank: Apprentice
10/29/2013 | 3:40:42 PM
re: Slide Show: 10 Free Network Defense Tools
I agree the screen is very busy but descriptions are in the upper right hand corner, at least on my browser, Chrome.
Patches
50%
50%
Patches,
User Rank: Apprentice
10/29/2013 | 1:53:23 PM
re: Slide Show: 10 Free Network Defense Tools
Is there supposed to be an article of some kind to go along with this slideshow? I mean, there's not even descriptions that go along with any of these tools...
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-0460
Published: 2014-04-16
The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/defkeymap.map.

CVE-2011-0993
Published: 2014-04-16
SUSE Lifecycle Management Server before 1.1 uses world readable postgres credentials, which allows local users to obtain sensitive information via unspecified vectors.

CVE-2011-3180
Published: 2014-04-16
kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in the path of an overlay file, related to chown.

CVE-2011-4089
Published: 2014-04-16
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.

CVE-2011-4192
Published: 2014-04-16
kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands as demonstrated by "double quotes in kiwi_oemtitle of .profile."

Best of the Web