Open source IDS Suricata 1.3 released
Posted on 09 July 2012.
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors.


Several characteristics of Suricata make it appropriate for tackling today’s security threats including:
  • An open source engine. The power of the community works well within IT security defenses, as a community is more effective than a single organization at capturing characteristics of emerging threats.
  • Multi-threaded. A multi-threaded architecture allows the engine to take advantage of the multiple core and multiple processor architectures of today’s systems.
  • Supports IP reputation. By incorporating reputation and signatures into its engine, Suricata can flag traffic from known nefarious origins.
  • Automated protocol detection. Preprocessors automatically identify the protocol used in a network stream and apply the appropriate rules, regardless of numerical port.
New features in version 1.3 include:
  • TLS/SSL handshake parser and rule keywords for detecting anomolies in TLS/SSL traffic
  • HTTP user agent keyword for matching directly on User-Agent header
  • On the fly MD5 calculation and matching for files in HTTP streams.





Spotlight

Android Fake ID bug allows malware to impersonate trusted apps

Posted on 29 July 2014.  |  Bluebox Security researchers unearthed a critical Android vulnerability which can be used by malicious applications to impersonate specially recognized trusted apps - and get all the privileges they have - without the user being none the wiser.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Jul 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //