Latest news
- ntoscan - a fast, accurate port scanner that discovers live hosts and their open ports, capable of banner grabbing, randomized scanning, and a powerful host and customization syntax
- ntoweb - a simple, accurate web server scanner that checks for known, common, high-exposure vulnerabilities
- ntoroute - a traceroute tool that collects data from each of the hosts to identify network architecture
- ntomap - a map generator that graphically documents the scanned network and quickly points out vulnerabilities, includes drill-down capabilities to quickly review host characteristics
- ntotrend - an analysis tool that compares data from multiple scans to track changes in network architecture and security posture
- ntowire - an Internet Information Server ISAPI filter that dynamically enforces strong security policy on web servers, capable of being updated with Snort signatures for greater security
Web Server Fingerprinting - The toolkit accurately identifies web server platforms regardless of banner or stack manipulation, even if a third party filter is obfuscating the information.
Advanced Page Proofing - While the rapid proliferation of "Custom 404 Pages" on today's sites encourages more user-friendly navigation, it creates unreliable results from scanners. By returning a successful response code, vulnerability scanners are deceived into believing that what they are checking for is really there, when in fact it is simply a custom error page. The Advanced Page Proofing technology in Fire & Water can determine whether a requested resource is really on the target, or whether it has been designed to return such custom error messages.
Smart Vulnerability Selection - By accurately identifying your web server platform, Fire & Water is able to select and execute only the vulnerabilities relevant to each target. This reduces traffic from each scan and eliminates errors and false positives due to bad server responses
Erik Caso, Director of Product Strategy at NT OBJECTives said: "We are working with a few very large beta testers like Intel and General Electric. The response has been very positive so far." What has improved as a result of the feedback from the beta testers is the reduction in the usage of resources the toolkit uses. What users can do now is choose how much resources they want to use, this gives them complete customization.
Spotlight
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
Cyber espionage campaign uses professionally-made malware
Posted on 20 May 2013. | A massive cyber espionage campaign has been hitting government ministries, IT companies, academic research institutions, and more.
Ransomware adds password stealing to its arsenal
Posted on 17 May 2013. | Microsoft researchers are warning about a new variant of the well-known Reveton ransomware doing rounds.
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
Hacking charge stations for electric cars
Posted on 15 May 2013. | Ofer Shezaf talks about what charge stations really are, why they have to be ‘smart’ and the potential risks created to the grid, to the car and most importantly to its owner’s privacy and safety.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
