Loading...
 
Location : Got Root >
3d browser Print


Atomic Secured Linux 2.2.2 Released

By: Michael Shinn  on: Thu 07 of Jan., 2010 09:00 EST  (496 Reads)
Security Tool

Atomicorp is proud to announce the release of version 2.2.2 of Atomic Secured Linux. Our full service security suite for Linux based systems.

Atomic Secured Linux 2.2.1 Released

By: Michael Shinn  on: Sun 13 of Sep., 2009 02:47 EDT  (801 Reads)
Security Tool

We are proud to announce the release of Atomic Secured Linux 2.2.1 (external link) the latest version of our cutting-edge Unified Security solution for servers.

Follow the status of the Real Time rules on twitter

By: Michael Shinn  on: Sun 21 of June, 2009 15:49 EDT  (2278 Reads)

We've setup a twitter feed for our subversion system. When we put out new rules you'll get a tweet. You can follow us here:

GotRoot/Atomicorp Real Time Rules Twitter Feed (external link)

Stop Rogue devices on your network for free

By: Michael Shinn  on: Thu 09 of Apr., 2009 18:24 EDT  (3486 Reads)

Rogue devices, like unauthorized hosts or rogue APs got you down? Here are several free and powerful solutions to detect, stop and even quarantine rogue devices on your network.

Standalone modsecurity rules updater available

By: Michael Shinn  on: Tue 07 of Apr., 2009 14:29 EDT  (3410 Reads)

ASL customers already have this built into ASL, but for those running the rules without ASL we have developed a stand alone rule updater/downloader:

Automatic Rule Updater (external link) (cache)

And the config file for the same:

Automatic Rule Updater Config file (external link) (cache)

Installation instructions are available here:

Installation Instructions (external link) (cache)

MD5 weakness Proof of Concept

By: Michael Shinn  on: Tue 30 of Dec., 2008 13:45 EST  (3863 Reads)
Vulnerability

MD5 (external link) (cache) weaknesses have been known for some time now and security researchers have been recommending against its use for a few years, while predicting that a realistic attack was just around the corner. Research was published today that demonstrates that realistic attacks are possible now. The research deals with a proof of concept collision attack to create fake CA certificate using MD5. The researchers state that a knowledgeable attacker can fake a valid signature on a CA certificate, thereby making it possible to hijack the PKI used to sign SSL certs by pretending to be a valid CA. The researchers website MD5 considered harmful today (external link) (cache) has the details. In short, nothing important should use MD5 anymore.

BotHunting tool

By: Michael Shinn  on: Sun 21 of Dec., 2008 19:00 EST  (3335 Reads)
Security Tool

For those that are not familiar with it, SRI has a great project called BotHunter?. Its a snort derivative using special rules and some SRI code to detect bots on your network and to anonymously share data with the BotHunter? folks. The installer is top notch and we really like what the project is doing. Check it out yourself at http://www.bothunter.net (external link)

ASL 2.0 Final Released

By: Michael Shinn  on: Mon 07 of July, 2008 12:06 EDT  (3509 Reads)

Prometheus Group is proud to announce the release of Atomic Secured Linux 2.0, the latest version of our cutting-edge Unified Security solution for servers.

Virtual Patch for Hidden Text Exploit

By: Michael Shinn  on: Thu 24 of Apr., 2008 18:00 EDT  (5506 Reads)

SANS ISC (external link) (cache) brings us a report (external link) (cache) of a new method spammers are using to put links into blogs using hidden text. We don't consider this a WordPress vuln, but rather a class of problems revolving around hidden test. This is very reminiscent of the iframe attacks using hidden iframes. In the spirit of making the world a nicer place, we're publishing Modsec rules to protect against this problem. You can download the rules from here. Right now its one rule, but as we discover other ways to protect against this we'll update the file. If you are running ASL or have a subscription to the real time rules, this is included in the latest update automatically.

Free Modsecurity 2.5 rules released

By: Michael Shinn  on: Tue 18 of Mar., 2008 11:28 EDT  (4873 Reads)

We've been providing 2.5 signatures and rules to our ASL customers for over a year, and are proud to announce the availability of these rules through the GotRoot? lab website. The free rules are delayed 30 days. Want the rules in real time? Well sign up now! (external link) Its only $79.95 a year for a real time subscription to the most comprehensive and widely used WAF rules on the Internet!

ASL 2.0 final beta out

By: Michael Shinn  on: Mon 04 of Feb., 2008 20:18 EST  (5563 Reads)
Software Release

We've been been working like mad men on ASL (especially Scott), and we're at the final Beta. 2.0 final is just around the corner. The GUI is slick, tons of new security features, vulnerability scanner, built in support portal and more. Check it out on the ASL website (external link).






Latest Realtime Supported Rules (supports modsec 2.5!)



Free Delayed Unsupported Rules (Delayed at least 90 days)



Retired Rules (No longer updated)






Mikes Corner

DateTitleAuthor
Sat 29 of Jan., 2005 How to use RBL's to protect apache from compromised and infected systems Michael Shinn
Sat 01 of Jan., 2005 A quick list of privacy enhancing tools for Windows and UNIX Michael Shinn
Fri 01 of Oct., 2004 The top nine ways to stop spyware from infecting your computer Michael Shinn
Fri 24 of Sep., 2004 Nine easy things you can do to improve the security of your Enterprise Michael Shinn
Wed 22 of Sep., 2004 Cellular High Speed WiFi a hit Michael Shinn
Fri 03 of Sep., 2004 Portknocking in BASH Michael Shinn
Tue 31 of Aug., 2004 Why your should never forward UDP out of your firewall Michael Shinn


The Fire Monkey

DateTitleAuthor
Fri 19 of Nov., 2004 Dealing With Phishing Fire Monkey
Wed 10 of Nov., 2004 I Want Better Bookmarks Fire Monkey
Tue 21 of Sep., 2004 Cisco's VoIP Security Fire Monkey
Thu 16 of Sep., 2004 Choosing A Secure Password Fire Monkey


Steves Wacky Programming

DateTitleAuthor
Sun 10 of Oct., 2004 Compiled Funge steve
Mon 20 of Sep., 2004 3d programming...can it be a Good Thing(TM)? steve

{SPLIT


Contributors to this page: Michael Shinn20259 points  .
Page last modified on Saturday 09 of January, 2010 12:45:09 EST by Michael Shinn20259 points .
The content on this page is licensed under the terms of the Got Root License.

Our Books