Articles about Snort


Cisco to release flying pig – Snort 3.0

Cisco's going to release a flying pig. The porcine in question is Snort 3.0, a new version of Sourcefire's well-regarded intrusion protection system. Snort's mascot is a pig and Sourcefire has, over the years, had a lot of fun with toy pigs and calendars picturing its pig in provocative poses. That silliness is, happily, …
Simon Sharwood, 12 Dec 2014

Nothing to sniff at: Cisco finishes $2.8bn gobble of Snort'ing guy's Sourcefire

Intrusion prevention's a hot topic in the world of security, as reflected in the $2.8bn price tag Cisco has paid to complete the acquisition of network security specialists Sourcefire. The purchase - which was announced in July - is the largest security firm purchase since Intel's $7.7bn acquisition of McAfee in 2010. And it's a …
Iain Thomson, 09 Oct 2013
The Register breaking news

Snort team aim to scent malformed email attachments

Interview The developers behind Snort, the open source intrusion detection system, are pushing ahead with a project to develop a system for detecting malformed documents in a bid to provide early warnings about targeted attacks. Razorback is designed to complement traditional anti-virus products by providing a warning about maliciously …
John Leyden, 19 May 2011

Cisco splats Bash bug in busy swatting season

Cisco has begun its response to the Bash “Shell Shocked” vulnerability, the 20-year-old bug that's sent the *nix world into a frenzy. It's going to be a long slog for the Borg, but in its advisory, Cisco has so far identified 31 individual products vulnerable to Shell Shocked, compared to seven confirmed not vulnerable. Another …

Burglars snort dead dad's ashes

Florida cops have cuffed a burglary gang who broke into a house and stole the ashes of the owner's father, believing they were illicit narcotics. The victim returned to her Silver Springs residence to discover she was short of a few items, including electronics and jewellery. Rather more disturbing was the absence of the ashes …
Lester Haines, 20 Jan 2011

Security chap writes recipe for Raspberry Pi honeypot network

Honeypots are the perfect bait for corporate IT shops to detect hackers targeting and already within their networks and now one security bod has devised a means to build a battalion of the devices from Raspberry Pis. University of Arizona student Nathan Yee (@nathanmyee) has published instructions for building cheap hardware …
Darren Pauli, 01 Aug 2014

Snort bug is nothing to sniff at

Snort and Sourcefire users are urged to update their intrusion detection software following the discovery of a potentially serious security vulnerability. A stack-based buffer overflow security bug in the preprocessor handling DCE/RPC traffic means hackers could inject hostile code onto systems running the popular open source …
John Leyden, 20 Feb 2007

Snort plugs Back Orifice as Oracle issues mega-fix

Patch roundup Wednesday became a busy patching day for sys admins with the release of Oracle's quarterly patch roundup - boasting an impressive 85 software fixes - and an update designed to defend the popular Snort open source intrusion detection application against possible hacker attack. Oracle's mega update covers a variety of security …
John Leyden, 19 Oct 2005

Security products: Best of breed or create your own monster?

IT security is not just about antivirus or firewall products anymore. There is a whole layer cake of different product types designed to protect your organisation in different ways. It is a stack, in much the same way as TCP-IP networking or web server functionality has stacks of functionality. The question is, what's the best …
Danny Bradbury, 07 Nov 2014

RSA booked TV's Stephen Colbert to give the final speech. This is what happened next

RSA 2014 Comedian Stephen Colbert closed down the RSA 2014 conference in San Francisco on Friday with a characteristically smart yet snarky roasting for his hosts, the NSA, and Edward Snowden. "RSA developed this conference in 1991 as a forum for cryptographers to gather and talk shop, and I assume breed with one another. Of course …
Iain Thomson, 01 Mar 2014

Cisco coughs $2.7bn for Sourcefire

Cisco has dug deep and found $2.7bn for intrusion prevention security player Sourcefire. Sourcefire started out in intrusion detection/intrusion prevention but expanded over the years to add next-generation firewall and advanced malware protection wares to its portfolio. Cisco reckons the acquisition will accelerate the …
John Leyden, 23 Jul 2013

US Navy robot kill-choppers to drop auto-snort podules

The US Navy has awarded funds to develop a self-contained remote electronic sniffer unit which could be delivered to the holds of suspect vessels by a robot helicopter to detect "chemical, explosive, and illegal drug residues". The Fire Scout robo-chopper in sea trials Soon with droppable remote drug-sniffer bugs. VIASPACE …
Lewis Page, 21 Oct 2008

Snort coke, shaft the environment, say boffins

Snorting cocaine is an environmental crime whatever your views on drug use, scientists declared last week. A panel of scientists meeting at the Natural History Museum in London last week detailed how the production of the drug and its trafficking affect biodiversity and contribute to climate change. The production of a gram of …
Barbara Axt, 30 Mar 2008

Ballmer: 'Microsoft would have a stronger position if I could redo the last TEN YEARS'

Quotw This was the week when MtGox finally admitted that it had probably lost all its Bitcoin investors' money, although it refused to give any definitive statements. The one-time top digital currency exchange said on its website: At the start of February 2014, illegal access through the abuse of a bug in the bitcoin system resulted …

VMware sucks server and app logs into vCenter control freak

Server virtualization juggernaut and cloud builder and parts supplier VMware is bolting more capabilities onto its vCenter management tools with the launch of a new module called Log Insight. As the name suggests, vCenter Log Insight is designed to ingest and analyze the operational data that is generated by servers, storage …

Sourcefire jumps into anti-malware market

Sourcefire, the security biz behind the commercial versions of the open-source Snort intrusion-detection software, is bowling itself at enterprises and touting tech designed to quickly detect and block malware outbreaks. FireAMP offers a malware discovery and analysis tool that offers visibility of threats and outbreak control. …
John Leyden, 23 Jan 2012

US gov blames Iran for cyberattacks on American banks

Denial-of-service attacks against US banks' web systems were the work of Iran rather than Islamic activists, says a former American government official. A group called the Izz ad-Din al-Qassam Cyber Fighters claimed responsibility for two waves of cyber-attacks against US banks including US Bancorp, Bank of America, Citigroup, …
John Leyden, 09 Jan 2013

RIM invites BlackBerry users into MS Office cloud beta

BlackBerry users wanting to get into Microsoft's cloudy Office 365 only have a few months to wait, and the properly impatient can sign up for the beta this month. The Office 365 service will be hosted by RIM and offered free to users; access will be granted to all comers next January, but an open beta launches later this month …
Bill Ray, 04 Oct 2011

Battle joined for future of open source IPS

Analysis The battle to develop the next generation of open source intrusion prevention systems (IPS) technology is intensifying between incumbent Snort and a US government-backed project, the Open Information Security Foundation (OISF). Disagreements over technical issues such as the relative importance of developing IPS systems that …
John Leyden, 27 Jul 2010

SCADA honeypots attract swarm of international hackers

Vulnerable internet-facing industrial systems controlling crucial equipment used by power plants, airports, factories and other critical systems are subjected to sustained attacks within hours of appearing online, according to new honeypot-based research by Trend Micro. The security weaknesses of SCADA (supervisory control and …
John Leyden, 20 Mar 2013

Rapid7 penetrates Metasploit

Vulnerability management firm Rapid7 has acquired Metasploit, the popular open source dual-use penetration testing and hacking tool. Commercial terms of the deal were not disclosed. The deal means that the Metasploit project will receive commercial backing, so furthering its development. A non-commercial version of the tool will …
John Leyden, 23 Oct 2009

Check Point Snorts up Sourcefire

Check Point has promised to support the open source Snort community following a $225m cash and stock acquisition of security tools firm Sourcefire last week. The deal, which is subject to regulatory approval, is expected to close in Q106. Sourcefire founder Martin Roesch developed the popular Snort intrusion prevention before …
John Leyden, 11 Oct 2005

Sourcefire snorts at unsolicited takeover bid

Sourcefire has rejected an unsolicited takeover bid from Barracuda Networks. The firm, which develops a commercial version of Snort, the popular open source intrusion detection tool, said Barracuda's $187m bid "substantially undervalues" Sourcefire. In a terse statement on Friday, Sourcefire's board said it was better off as a …
John Leyden, 30 May 2008

Third Brigade annexes open source intrusion detection tech

OSSEC, the open source host-based intrusion detection project, has been snapped up by Third Brigade, a commercial firm in the same information security sub-market. Terms of the deal, announced on Tuesday, were undisclosed. Daniel Cid, creator and primary developer for OSSEC, has become the principal researcher at Third Brigade, …
John Leyden, 20 Jun 2008

Sourcefire eyes acquisitions

Security vendor Sourcefire, which went public last month, said tougher corporate governance regulations are making it more difficult and more expensive to float. Sourcefire represents a rare example of a security firm staging an IPO, a feat only a handful of firms have succeeded in doing in the last five years. A more frequent …
John Leyden, 26 Apr 2007

Fortinet launches rare net security IPO

Fortinet has set a price of $12.50 a share for its initial public offering on Wednesday. If all goes to plan, the security appliance firm and its investors stand to rake in more than $156m through the offer. Fortinet shares are due to begin trading on Nasdaq on 18 November under the ticker symbol "FTNT", as part of the first …
John Leyden, 18 Nov 2009

Fortinet plots rare IT security IPO

All-in-one security appliance firm Fortinet has announced plans to go public on the stock exchange. The firm announced on Monday that it has filed an S-1 registration statement with the US Securities and Exchange Commission on a proposed initial public offering of its stock, marking the first stage in the sometimes complicated …
John Leyden, 10 Aug 2009

Samsung RF711 17.3in Core i7 laptop

Review It’s not unusual for desktop replacements to have a bit of heft, but Samsung’s RF711 positively throws caution to the wind. Tipping the scales at an obese 2.9kg and measuring 416mm across (almost one-and-a-half feet), it’s only a laptop in the sense that the screen folds down to cover the keyboard when you’ve finished using it. …
Dave Stevenson, 11 Jul 2011

Network security vulns keep sysadmins busy

Sysadmins can look forward to clocking some overtime this week after Cisco warned of flaws in how its core operating system handles malformed Secure Sockets Layer (SSL) traffic. Several types of SSL messages (such as ClientHello and ChangeCipherSpec), when malformed, can crash vulnerable appliances running IOS, which are …
John Leyden, 23 May 2007

GigaStor to hunt zero-day breaches

CeBIT Your intrusion detection system (IDS) may have just downloaded a new security rule, but you have no way of knowing if your network has already been hit by the exploit in a zero-day attack, says Network Instruments. The company claims the latest update of its GigaStor network traffic recorder could help you find out, however, …
Bryan Betts, 14 Mar 2007

Kipping at your desk is highly productive, say boffins

Splendid news for those among us who occasionally wake up with a snort at our desks, hastily wiping drool off our chins and looking around guiltily. Boffins have announced that a brief zizz during the day enhances performance and makes people more efficient and productive. According to Matthew Walker, a trick-cyclist out of UC …
Lewis Page, 22 Feb 2010

Nominum on the back foot over open source attacks

Commercial DNS software firm Nominum has responded to the backlash against its criticism of open source alternatives. During interviews promoting its recently launched cloud-based DNS (Domain Name System) service, SKYE, Nominum slammed open source and freeware DNS packages as a recipe for security problems. During a question and …
John Leyden, 02 Oct 2009

Microsoft confirms IIS bug gives complete server control

Microsoft has confirmed a vulnerability in its Internet Information Services webserver and spelled out the conditions under which it can be exploited to give an attacker complete control of the server on which it runs. The good news: As previously reported, remote execution of malicious code can be triggered only in limited …
Dan Goodin, 02 Sep 2009

What you can do to enforce endpoint security

Thirty years after the PC was launched, security and management problems for the endpoint seem to be getting worse rather than better. PCs have become more functional, creating a greater surface area for attack. And the number of endpoint devices has proliferated, as tablets, netbooks and smartphones have entered the fray. The …
Danny Bradbury, 27 Dec 2011

Robo-warship sub hunter: Free DARPA crowdsauce game

No doubt regular readers will recall the US military's cunning plan to develop unmanned submarine-hunting robotic frigates - warships which would prowl the oceans like automated Mary Celestes, remorselessly tracking enemy submarines regardless of how their pale, sweaty, malodorous captains* might twist and turn. Screenshot from …
Lewis Page, 07 Apr 2011

Dutch send submarine to fight Somali pirates

International naval forces battling piracy in the lawless seas off the Horn of Africa are to be joined for the first time by a submarine. A single Dutch Walrus-class boat will operate in the area from September to November this year as part of NATO's Operation Ocean Shield taskforce. HNLMS Dolfijn leaving Portsmouth. Credit: …
Lewis Page, 30 Jun 2010

India to place $11bn order for AIP hi-tech submarines

Indian defence chiefs have approved $11bn of funds to boost the country's submarine fleet. The cash is intended to see India become the first non-Western nation to deploy long-touted, much feared "air independent propulsion" (AIP) submarine technology. The Times of India reports that 50,000 crores of rupees (500 billion rupees, …
Lewis Page, 14 Jul 2010

Fraunhofer boffins: Laser printers safe after all

Scientists from Germany's renowned Fraunhofer institutes have concluded that the much-hyped issue of laser printers emitting deadly toxic clouds of toner particles is essentially bunk. Printers do emit small amounts of volatile organic chemicals, but so do toasters. Various researchers had theorised that laser printers might be …
Lewis Page, 03 Dec 2008

Nasty Toryboy bloggers ate my politics, claims Blears

Cynical, viciously nihilist bloggers are destroying British political culture, claims Communities Secretary Hazel Blears. And furthermore, she is due to say today in a speech to the Hansard Society, they're all Tories. "The most popular blogs are rightwing," claims Blears, "ranging from the considered Tory views of Iain Dale, to …
John Lettice, 05 Nov 2008

World's power grids infested with (more) SCADA bugs

Areva Inc. - a Paris-based company that serves nuclear, wind, and fossil-fuel power companies - is warning customers to upgrade a key piece of energy management software following the discovery of security bugs that leave it vulnerable to hijacking. The vulnerabilities affect multiple versions of Areva's e-terrahabitat package …
Dan Goodin, 05 Feb 2009

Cocaine found on 99.9% of UK banknotes

Pretty well every banknote in the UK shows traces of cocaine, forensic scientists have claimed. According to a report in the Sunday Telegraph, 99.9 per cent of the two billion notes currently in circulation have come into contact with Bolivian marching powder. Bristol-based company Mass Spec Analytical tested over "1,500 £10 …
Lester Haines, 08 Jan 2007

Feds nix Check Point's Sourcefire bid

A takeover bid by an Israeli firewall firm has become the latest victim of US security protectionism. Check Point Software has dropped its bid for US rival Sourcefire after objections from the FBI and Pentagon were heard by the Treasury's Committee on Foreign Investments. The Committee has also overseen the recent rumpus …

Popular packet sniffing packages contaminated by Trojan

Users are warned to be vigilant after trojanised versions of popular packet sniffing packages were posted on well known download sites. A detailed alert from members of the Houston Linux users group warns that trojanised versions of Libpcap, used as a packet sniffing library in programs like Snort (the open source IDS package …
John Leyden, 14 Nov 2002

New-age cyber-attack inflicts major damage with modest means

A sustained cyber-attack against a handful of niche pornography sites has demonstrated a novel way to inflict major damage on hardened targets using a modest amount of data, a security researcher has warned. The technique - which tricks the net's authoritative name servers into bombarding innocent victims with more data than …
Dan Goodin, 10 Feb 2009

Sourcefire touts 'smart' network defence

Sourcefire, the company founded by the creator of the open source Snort intrusion detection system, has added improved vulnerability detection technology to help customers bolster their security defences. The real time network analysis offered by its Sourcefire 3D system can place security events in context and thereby help …
John Leyden, 28 Oct 2004

MPAA's uni piracy-busting toolkit forced offline

The Motion Picture Ass. of America (MPAA) has been forced to stop distributing its "University Toolkit" online after just one month because it may violate copyright laws. The attempt to quash movie piracy via BitTorrent was taken offline yesterday. A suite of open source applications was cobbled together to make colleges spy on …

Patching is a pain...

Sysadmin Blog After a couple of pretty bad weeks, in which virtually everything that could conceivably have gone wrong has, things are finally starting to settle down. Despite a couple of “weeks from hell” in which my network survived virtually every “network down” scenario back to back, none of that actually bothers me. Some of these worst …
Trevor Pott, 02 Jun 2010

HP ProCurve gets the NAC

HP ProCurve has dived into NAC (network access control), announcing an endpoint security appliance and Network Immunity - software that ties into a threat-detection appliance on one side and the network switches on the other, and uses 802.1X port control to lock out miscreants and network threats as they are detected. The two …
Bryan Betts, 18 Apr 2007

Phony BBB email dupes more than 1,400 execs

A provider of online security services has uncovered a highly sophisticated phishing scheme that has already duped at least 1,400 US executives. They were fooled into sending sensitive information in response to an email purporting to come from officials at the Better Business Bureau. The ruse starts with an email addressed to …
Dan Goodin, 30 May 2007

119 iPad apps for admins, coders, and geeks

Part one: Apple's "magical and revolutionary" iPad is not just a toy for Jobsian fanbois — and The Reg has 119 tech-savvy apps to prove it. Today we launch our first installment of a Reg roundup of iPad apps that provide more utility than do fart-sharing, bubble-popping, and "Yo Mama!" joke-telling apps. We'll focus on items that can ease …
Rik Myslewski, 14 Aug 2010