Cipherdyne - cipherdyne.org - cipherdyne.org | System and Network Security
General Information:
Latest News:
Design of a New 'xbits' Cross-Stream IDS Keyword 23 Aug 2013 | 07:01 am
In the previous blog post a proposal was made for a new Snort and Suricata keyword "xbits" for cross-stream signature matching. This post had little discussion of implementation tradeoffs, and some ha...
Crossing the Streams in IDS Signature Languages 24 Jul 2013 | 07:01 am
This blog post is a proposal for a new SNORTĀ®/Suricata keyword "xbits" that could change how IDS signature developers approach detection of exploits that cross multiple streams. Today in both Snort an...
Software Release: fwknop-2.5 with HMAC Support 20 Jul 2013 | 07:01 am
After a long development cycle started over a year ago that has focused on how fwknop uses cryptography, the 2.5 release of fwknop is available for download. This release now includes support for HMAC...
Coverity Static Analysis and Open Source Software 4 Jul 2013 | 07:01 am
A few months ago Coverity announced that they would grant open source projects access to their "Scan" static analysis tool for free. This was certainly a bold move, and one that has the potential to i...
ShmooCon 2013 Talk on fwknop 23 Feb 2013 | 07:01 am
This past weekend at ShmooCon 2013 I gave a talk entitled "Generalized Single Packet Authorization for Cloud Computing Environments" (slides, video demo), and in this blog post I thought it appropriat...
Software Release - psad-2.2.1 3 Jan 2013 | 07:01 am
The 2.2.1 release of psad is available for download. This release adds new support for detecting a type of scan that psad has been previously blind to - IP protocol scanning (nmap -sO). Also in this r...
Software Release - fwsnort-1.6.3 23 Dec 2012 | 07:01 am
The 1.6.3 release of fwsnort is available for download. This release adds a new test suite in the test/ directory that sends fwsnort through its paces for both iptables and ip6tables firewalls, speeds...
Software Release - fwknop-2.0.4 10 Dec 2012 | 07:01 am
The fwknop-2.0.4 release of fwknop is available for download. This release includes new support for fuzzing the SPA protocol powered by the perl FKO module along with a set of patches designed to brea...
Tutorial on Single Packet Authorization with fwknop 9 Oct 2012 | 07:01 am
One thing that has been requested a few times is a tutorial on how to use fwknop, so here it is: "Single Packet Authorization: A Comprehensive Guide to Strong Service Hardening with fwknop". This docu...
Single Packet Authorization: The fwknop Approach 11 Sep 2012 | 07:01 am
There are many different port knocking implementations out there, and a few that take things to the next level with Single Packet Authorization. All PK/SPA implementations have three primary goals: 1)...