OISF Releases Suricata

The Open Information Security Foundation has released Suricata.

From the OISF website:

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field.

Currently (as of version 0.8), the Suricata engine has the following features:

  • Multi-threaded
  • Automatic Protocol Detection
  • Gzip Decompression
  • Independent HTP Library (HTTP Parser from Ivan Ristic)
  • Standard Input Methods
  • Unified2 Output
  • Flow Variables
  • Fast IP Matching
  • HTTP Log Module

If you’re interested in learning more about it, please visit the OISF website.

But beware that at this moment Suricata is still in the beta phase, so you might want to test it before using it on a production site.

Updating Nessus Plugin Feed

Nessus is an active vulnerability scanner. It is client and server software. Currently it is available for several platforms:

  • Linux: Fedora 10 (i386 and x86-64), Red Hat Enterprise 4 & 5 (i386 and x86-64), CentOS 4 & 5, SuSE 9.3 & 10, Debian 5 (i386, amd64), Ubuntu 8.04 (i386, amd64), Ubuntu 8.10 (i386, amd64)
  • FreeBSD: FreeBSD 7 (i386)
  • Solaris: Solaris 9 & 10 (sparc)
  • Mac OS X: Mac OS X 10.4 and 10.5 (intel & ppc)
  • Windows: Windows XP, 2003, Vista and 2008


Upgrading to TrueCrypt 5.0a

On Feb 12, 2008, TrueCrypt version 5.0a was released. It has several fixes for the previous version, TrueCrypt 5.0. I didn’t notice the latest TrueCrypt release because I don’t check the Internet regularly anymore.

Several features that I found very interesting in TrueCrypt version 5.0 are:

  • It has a GUI for the Linux version
  • XTS mode of operation
  • Ability to encrypt the system partition/drive (for Windows)
  • It now has a Rescue Disk for restoring a damaged encrypted system partition
  • It uses SHA-512 for creating volumes
  • TrueCrypt for Linux is no longer affected by changes to the Linux kernel. A very cool feature. :D

You can read about the other features on the TrueCrypt site.

Here are the steps I took to upgrade my previous TrueCrypt (version 4.3a).

– Extract the TrueCrypt tarball:

tar xvzpf truecrypt-5.0a-opensuse-x86.tar.gz

– Change to the new TrueCrypt directory:

cd truecrypt-5.0a/

– Upgrade TrueCrypt on my system:

  # rpm -Uvh truecrypt-5.0a-0.i586.rpm
  Preparing...             ########################################### [100%]
     1:truecrypt              ########################################### [100%]

Here is the TrueCrypt GUI in Linux, amazing:

truecrypt-01.png

BTW, the size of the displayed window is not adjustable.

In this version, you can also see TrueCrypt on your taskbar:

truecrypt-02.png

Right-click to see the menu:

truecrypt-03.png