Articles about Snort

Defence in depth: Don't let your firm's security become a boondoggle

Information security (infosec) isn’t a game for amateurs. No one solution will do. Proper information security requires defence in depth: layers of technologies, techniques, best practices and incident response woven together into the tapestry of everyday operations. Unfortunately, hiring professionals is no guarantee that …
Trevor Pott, 15 Apr 2016

Cisco, Snort scramble to plug malware hole

A URL sanitisation bug has Cisco pushing a patch for its Firepower system software. As the advisory for CVE-2016-1345 explains, the software doesn't properly validate fields in HTTP headers. A crafted HTTP request can bypass malicious file detection, or could block policies configured on the system. Sysadmins can check …

HP Inc won't shake you down for ink in 3D printer era, says CTO

Interview HP Inc is threatening to bring an era of open platforms to 3D printing, one it claims will turn the well used – and much criticised – ink toner supplies biz model on its head. So how exactly does HP expect to print money when it is actually using thermo-plastics? There's one buzz word on the tip of the CTO's tongue – …
Paul Kunert, 23 Mar 2016

It's 2016 and a font file can own your computer

Updated Cisco-owned Talos has announced a bunch of font library bugs present in apps running on Windows and Linux, affecting client- and server-side machines. The problem is in the Libgraphite library, and means that applications using the library to load .TTF font files can inherit its vulnerabilities. All that's needed for a …

Cisco hooks Angler Exploit Kit infrastructure

Security researchers at Cisco have struck a blow against crooks behind the notorious Angler Exploit Kit, blocking or re-routing access around dangerous domains on the interwebs. Angler has been linked to high-profile malvertising and ransomware campaigns over recent months. The utility uses software vulnerabilities (in …
John Leyden, 06 Oct 2015

SYNful Knock spreads: embaddened boxen in 31 countries

Cisco's moved to sweep up routers compromised by the firmware vulnerability that first emerged in August and which FireEye/Mandiant last week found in the wild. The router implant, now dubbed SYNful Knock (because you can no longer have a vulnerability without a brand), was spotted in the wild in machines in the Ukraine, the …

Vegan eats BeEf, gets hooked

Botnet slaughterer Brian Wallace has created a module to detect when attackers are using the popular browser-busting BeEF hacking framework. The Chrome extension codenamed Vegan allows victims to detect when attackers have hooked their web browser instances using the enormously powerful Browser Exploit Framework. Vegan could …
Darren Pauli, 26 Jun 2015

'We will SNORT UP CRYSTAL DUST and then do a MAJOR software update'

NASA boffins are planning to pulverise a dried-up deposit from the surface of Mars and then snort up and "ingest" the resulting crystalline dust before performing a major software update, they have announced. The crystal snorting will of course be done by robotic means, through the agency of the nuclear powered, raygun-armed, …
Lewis Page, 15 Jan 2015

Open Source's 2014: MS 'cancer' embrace, NASDAQ listings and a quiet dog

Ho hum. Another year, another slew of open source announcements that prove the once-maligned development methodology is now so mainstream as to be tedious. Running most of the world’s most powerful supercomputers? Been there, done that. Giving retailers the ability to deliver highly customized paper coupons to consumers based on …
Matt Asay, 27 Dec 2014

Cisco to release flying pig – Snort 3.0

Cisco's going to release a flying pig. The porcine in question is Snort 3.0, a new version of Sourcefire's well-regarded intrusion protection system. Snort's mascot is a pig and Sourcefire has, over the years, had a lot of fun with toy pigs and calendars picturing its pig in provocative poses. That silliness is, happily, …
Simon Sharwood, 12 Dec 2014

Security products: Best of breed or create your own monster?

IT security is not just about antivirus or firewall products anymore. There is a whole layer cake of different product types designed to protect your organisation in different ways. It is a stack, in much the same way as TCP-IP networking or web server functionality has stacks of functionality. The question is, what's the best …
Danny Bradbury, 07 Nov 2014

Cisco splats Bash bug in busy swatting season

Cisco has begun its response to the Bash “Shell Shocked” vulnerability, the 20-year-old bug that's sent the *nix world into a frenzy. It's going to be a long slog for the Borg, but in its advisory, Cisco has so far identified 31 individual products vulnerable to Shell Shocked, compared to seven confirmed not vulnerable. Another …

Security chap writes recipe for Raspberry Pi honeypot network

Honeypots are the perfect bait for corporate IT shops to detect hackers targeting and already within their networks and now one security bod has devised a means to build a battalion of the devices from Raspberry Pis. University of Arizona student Nathan Yee (@nathanmyee) has published instructions for building cheap hardware …
Darren Pauli, 01 Aug 2014

Ballmer: 'Microsoft would have a stronger position if I could redo the last TEN YEARS'

Quotw This was the week when MtGox finally admitted that it had probably lost all its Bitcoin investors' money, although it refused to give any definitive statements. The one-time top digital currency exchange said on its website: At the start of February 2014, illegal access through the abuse of a bug in the bitcoin system …

RSA booked TV's Stephen Colbert to give the final speech. This is what happened next

RSA 2014 Comedian Stephen Colbert closed down the RSA 2014 conference in San Francisco on Friday with a characteristically smart yet snarky roasting for his hosts, the NSA, and Edward Snowden. "RSA developed this conference in 1991 as a forum for cryptographers to gather and talk shop, and I assume breed with one another. Of course …
Iain Thomson, 01 Mar 2014
SOURCE: http://www.sxc.hu/photo/959469

Nothing to sniff at: Cisco finishes $2.8bn gobble of Snort'ing guy's Sourcefire

Intrusion prevention's a hot topic in the world of security, as reflected in the $2.8bn price tag Cisco has paid to complete the acquisition of network security specialists Sourcefire. The purchase - which was announced in July - is the largest security firm purchase since Intel's $7.7bn acquisition of McAfee in 2010. And it's a …
Iain Thomson, 09 Oct 2013

Cisco coughs $2.7bn for Sourcefire

Cisco has dug deep and found $2.7bn for intrusion prevention security player Sourcefire. Sourcefire started out in intrusion detection/intrusion prevention but expanded over the years to add next-generation firewall and advanced malware protection wares to its portfolio. Cisco reckons the acquisition will accelerate the …
John Leyden, 23 Jul 2013

VMware sucks server and app logs into vCenter control freak

Server virtualization juggernaut and cloud builder and parts supplier VMware is bolting more capabilities onto its vCenter management tools with the launch of a new module called Log Insight. As the name suggests, vCenter Log Insight is designed to ingest and analyze the operational data that is generated by servers, storage …

SCADA honeypots attract swarm of international hackers

Vulnerable internet-facing industrial systems controlling crucial equipment used by power plants, airports, factories and other critical systems are subjected to sustained attacks within hours of appearing online, according to new honeypot-based research by Trend Micro. The security weaknesses of SCADA (supervisory control and …
John Leyden, 20 Mar 2013
The Register breaking news

US gov blames Iran for cyberattacks on American banks

Denial-of-service attacks against US banks' web systems were the work of Iran rather than Islamic activists, says a former American government official. A group called the Izz ad-Din al-Qassam Cyber Fighters claimed responsibility for two waves of cyber-attacks against US banks including US Bancorp, Bank of America, Citigroup, …
John Leyden, 09 Jan 2013

Sourcefire jumps into anti-malware market

Sourcefire, the security biz behind the commercial versions of the open-source Snort intrusion-detection software, is bowling itself at enterprises and touting tech designed to quickly detect and block malware outbreaks. FireAMP offers a malware discovery and analysis tool that offers visibility of threats and outbreak control. …
John Leyden, 23 Jan 2012

What you can do to enforce endpoint security

Thirty years after the PC was launched, security and management problems for the endpoint seem to be getting worse rather than better. PCs have become more functional, creating a greater surface area for attack. And the number of endpoint devices has proliferated, as tablets, netbooks and smartphones have entered the fray. The …
Danny Bradbury, 27 Dec 2011

RIM invites BlackBerry users into MS Office cloud beta

BlackBerry users wanting to get into Microsoft's cloudy Office 365 only have a few months to wait, and the properly impatient can sign up for the beta this month. The Office 365 service will be hosted by RIM and offered free to users; access will be granted to all comers next January, but an open beta launches later this month …
Bill Ray, 04 Oct 2011

Samsung RF711 17.3in Core i7 laptop

Review It’s not unusual for desktop replacements to have a bit of heft, but Samsung’s RF711 positively throws caution to the wind. Tipping the scales at an obese 2.9kg and measuring 416mm across (almost one-and-a-half feet), it’s only a laptop in the sense that the screen folds down to cover the keyboard when you’ve finished using it. …
Dave Stevenson, 11 Jul 2011

Snort team aim to scent malformed email attachments

Interview The developers behind Snort, the open source intrusion detection system, are pushing ahead with a project to develop a system for detecting malformed documents in a bid to provide early warnings about targeted attacks. Razorback is designed to complement traditional anti-virus products by providing a warning about maliciously …
John Leyden, 19 May 2011

Robo-warship sub hunter: Free DARPA crowdsauce game

No doubt regular readers will recall the US military's cunning plan to develop unmanned submarine-hunting robotic frigates - warships which would prowl the oceans like automated Mary Celestes, remorselessly tracking enemy submarines regardless of how their pale, sweaty, malodorous captains* might twist and turn. Screenshot …
Lewis Page, 07 Apr 2011

Burglars snort dead dad's ashes

Florida cops have cuffed a burglary gang who broke into a house and stole the ashes of the owner's father, believing they were illicit narcotics. The victim returned to her Silver Springs residence to discover she was short of a few items, including electronics and jewellery. Rather more disturbing was the absence of the ashes …
Lester Haines, 20 Jan 2011

119 iPad apps for admins, coders, and geeks

Part one: Apple's "magical and revolutionary" iPad is not just a toy for Jobsian fanbois — and The Reg has 119 tech-savvy apps to prove it. Today we launch our first installment of a Reg roundup of iPad apps that provide more utility than do fart-sharing, bubble-popping, and "Yo Mama!" joke-telling apps. We'll focus on items that can …
Rik Myslewski, 14 Aug 2010

Battle joined for future of open source IPS

Analysis The battle to develop the next generation of open source intrusion prevention systems (IPS) technology is intensifying between incumbent Snort and a US government-backed project, the Open Information Security Foundation (OISF). Disagreements over technical issues such as the relative importance of developing IPS systems that …
John Leyden, 27 Jul 2010

India to place $11bn order for AIP hi-tech submarines

Indian defence chiefs have approved $11bn of funds to boost the country's submarine fleet. The cash is intended to see India become the first non-Western nation to deploy long-touted, much feared "air independent propulsion" (AIP) submarine technology. The Times of India reports that 50,000 crores of rupees (500 billion rupees …
Lewis Page, 14 Jul 2010

Dutch send submarine to fight Somali pirates

International naval forces battling piracy in the lawless seas off the Horn of Africa are to be joined for the first time by a submarine. A single Dutch Walrus-class boat will operate in the area from September to November this year as part of NATO's Operation Ocean Shield taskforce. HNLMS Dolfijn leaving Portsmouth. Credit: …
Lewis Page, 30 Jun 2010

Patching is a pain...

Sysadmin Blog After a couple of pretty bad weeks, in which virtually everything that could conceivably have gone wrong has, things are finally starting to settle down. Despite a couple of “weeks from hell” in which my network survived virtually every “network down” scenario back to back, none of that actually bothers me. Some of these worst …
Trevor Pott, 02 Jun 2010

Kipping at your desk is highly productive, say boffins

Splendid news for those among us who occasionally wake up with a snort at our desks, hastily wiping drool off our chins and looking around guiltily. Boffins have announced that a brief zizz during the day enhances performance and makes people more efficient and productive. According to Matthew Walker, a trick-cyclist out of UC …
Lewis Page, 22 Feb 2010

Fortinet launches rare net security IPO

Fortinet has set a price of $12.50 a share for its initial public offering on Wednesday. If all goes to plan, the security appliance firm and its investors stand to rake in a more than $156m through the offer. Fortinet shares are due to begin trading on Nasdaq on 18 November under the ticker symbol "FTNT", as part of the first …
John Leyden, 18 Nov 2009

Rapid7 penetrates Metasploit

Vulnerability management firm Rapid7 has acquired Metasploit, the popular open source dual-use penetration testing and hacking tool. Commercial terms of the deal were not disclosed. The deal means that the Metasploit project will receive commercial backing, so furthering its development. A non-commercial version of the tool will …
John Leyden, 23 Oct 2009

Nominum on the back foot over open source attacks

Commercial DNS software firm Nominum has responded to the backlash against its criticism of open source alternatives. During interviews promoting its recently launched cloud-based DNS (Domain Name System) service, SKYE, Nominum slammed open source and freeware DNS packages as a recipe for security problems. During a question and …
John Leyden, 02 Oct 2009

Microsoft confirms IIS bug gives complete server control

Microsoft has confirmed a vulnerability in its Internet Information Services webserver and spelled out the conditions under which it can be exploited to give an attacker complete control of the server on which it runs. The good news: As previously reported, remote execution of malicious code can be triggered only in limited …
Dan Goodin, 02 Sep 2009

Fortinet plots rare IT security IPO

All in one security appliance firm Fortinet has announced plans to go public on the stock exchange. The firm announced on Monday that it has filed a S-1 registration statement with the US Securities and Exchange Commission on a proposed initial public offering of its stock, marking the first stage in the sometimes complicated …
John Leyden, 10 Aug 2009

New-age cyber-attack inflicts major damage with modest means

A sustained cyber-attack against a handful of niche pornography sites has demonstrated a novel way to inflict major damage on hardened targets using a modest amount of data, a security researcher has warned. The technique - which tricks the net's authoritative name servers into bombarding innocent victims with more data than …
Dan Goodin, 10 Feb 2009

World's power grids infested with (more) SCADA bugs

Areva Inc. - a Paris-based company that serves nuclear, wind, and fossil-fuel power companies - is warning customers to upgrade a key piece of energy management software following the discovery of security bugs that leave it vulnerable to hijacking. The vulnerabilities affect multiple versions of Areva's e-terrahabitat package …
Dan Goodin, 05 Feb 2009

Fraunhofer boffins: Laser printers safe after all

Scientists from Germany's renowned Fraunhofer institutes have concluded that the much-hyped issue of laser printers emitting deadly toxic clouds of toner particles is essentially bunk. Printers do emit small amounts of volatile organic chemicals, but so do toasters. Various researchers had theorised that laser printers might …
Lewis Page, 03 Dec 2008

Nasty Toryboy bloggers ate my politics, claims Blears

Cynical, viciously nihilist bloggers are destroying British political culture, claims Communities Secretary Hazel Blears. And furthermore, she is due to say today in a speech to the Hansard Society, they're all Tories. "The most popular blogs are rightwing," claims Blears, "ranging from the considered Tory views of Iain Dale, to …
John Lettice, 05 Nov 2008

US Navy robot kill-choppers to drop auto-snort podules

The US Navy has awarded funds to develop a self-contained remote electronic sniffer unit which could be delivered to the holds of suspect vessels by a robot helicopter to detect "chemical, explosive, and illegal drug residues". The Fire Scout robo-chopper in sea trials Soon with droppable remote drug-sniffer bugs. VIASPACE …
Lewis Page, 21 Oct 2008

Cap, trade, subsidise - Obama's energy plan goes off piste

One of the huge surprises of the way that climate change is being discussed and the way we ought to try to deal with it, is that the orthodox economists have won. We don't have crazed Naderites screaming that carbon must be regulated and legislated out of business, as we did only a couple of decades ago with chlorofluorocarbons …
Tim Worstall, 23 Jun 2008

Third Brigade annexes open source intrusion detection tech

OSSEC, the open source host-based intrusion detection project, has been snapped up by Third Brigade, a commercial firm in the same information security sub-market. Terms of the deal, announced on Tuesday, were undisclosed. Daniel Cid, creator and primary developer for OSSEC, has become the principal researcher at Third Brigade, …
John Leyden, 20 Jun 2008

Sourcefire snorts at unsolicited takeover bid

Sourcefire has rejected an unsolicited takeover bid from Barracuda Networks. The firm, which develops a commercial version of Snort, the popular open source intrusion detection tool, said Barracuda's $187m bid "substantially undervalues" Sourcefire. In a terse statement on Friday, Sourcefire's board said it was better off as a …
John Leyden, 30 May 2008

Snort coke, shaft the environment, say boffins

Snorting cocaine is an environmental crime whatever your views on drug use, scientists declared last week. A panel of scientists meeting at the Natural History Museum in London last week detailed how the production of the drug and its trafficking affect biodiversity and contribute to climate change. The production of a gram of …
Barbara Axt, 30 Mar 2008

'Ragtag' Russian army shows the new face of DDoS attacks

In late April, a Russian-speaking blogger upset with recent events in Estonia posted a series of dispatches calling on like-minded people to attack government servers in that country. "They're really fascists," the user, who went by the name of VolchenoK, wrote of Estonian government officials, according to this translation. " …
Dan Goodin, 04 Jan 2008

MPAA's uni piracy-busting toolkit forced offline

The Motion Picture Ass. of America (MPAA) has been forced to stop distributing its "University Toolkit" online after just one month because it may violate copyright laws. The attempt to quash movie piracy via BitTorrent was taken offline yesterday. A suite of open source applications was cobbled together to make colleges spy on …

Naked builders hate ugly logos, but don't frequent Google Maps

Friday again, folks, and you, our very own chattering masses, have been pressing enter like crazy. We'll start with an issue that seemed to unite us all for a few days. The London 2012 Olympics logo was launched on Monday to universal derision. Opinions were divided over what it was meant to be and what it actually looks like, …
Robin Lettice, 08 Jun 2007