Download BlackICE 3.6.cpw

Spread the love

The developers of Internet Security Systems have released a new version of BlackICE with 3.6.cpw as the version designation. This update comes in two flavors viz BlackICE PC Protection and BlackICE Server Protection. The package is a versatile firewall with full intrusion detection. Both the incoming and outgoing network flows are checked and if there is a possible suspicion that something is wrong, the administrator is warned and the connection can be closed. The list of adjustments looks like this:

[break]New Security Content:

ProductCheckNameEvent TypeRisk Level
SIP_Invalid_URI Suspicious activity Low
HTTP_Orion_JSP_SourceRead Suspicious activity Low
HTTP_MHTML_Redirect Suspicious activity Medium
Shellcode_Detected Unauthorized Access Attempt High
HTML_ClassID_Overflow Unauthorized Access Attempt High
HTTP_AIMExpress Suspicious activity Low
FTP_Checksum_Cmd_BO Unauthorized Access Attempt High
HTML_IE_Render_Memory_Corruption Unauthorized Access Attempt High
SMTP_MailEnable_NTLM_Type1_Overflow Unauthorized Access Attempt High
SMTP_MailEnable_NTLM_Type3_Overflow Unauthorized Access Attempt High
EPolicy_Orchestrator_Source_Overflow Unauthorized Access Attempt High
Sunrpc_BackupProduct_BO Unauthorized Access Attempt High
Sunrpc_BackupProduct_String_Overflow Unauthorized Access Attempt High
SIP_Invalid_Invite_Address Suspicious activity Low
VPN_Hamachi_Client Suspicious activity Low
Video_Flic_Color_BO Unauthorized Access Attempt High
Video_Flic_Malformed Suspicious activity Low
ACF_Mem_Corruption Unauthorized Access Attempt High
MSRPC_WksSvc_Mgmnt_JoinDom_Bo Unauthorized Access Attempt High
MSRPC_Netware_Change_Password_BO Unauthorized Access Attempt High
MSRPC_Netware_Get_User_DoS Denial of Service Low
DNS_Malformed_Flood Denial of Service Medium

Security Content Improvements:

  • Fixed an attacker vs. victim reporting error in SSH_Vulnerable_OpenSSH
  • The PAM tuning parameter, pam.email.executable.extension.blacklist, has been changed to report all of the default file extensions on one line in the pam log file.
  • Fixed memory leak in the processing of .url files.
  • The Compound File parser was optimized to reduce space.
  • The Flash file parser was updated to reduce the potential of a false positive in some circumstances.
  • Fixed a false positive in Email_HTML_File_URI wherein an IP address in the hostname portion of the URI was incorrectly detected.
  • Fixed a false positive for SIP_Long_Via_Host and SIP_Unknown_Via_Parameter that could occur in certain networking-relaying configurations.
  • The IRC parser was updated to more closely adhere to RFC 1459.
  • The report for URL_file_URI_overflow now displays the correct length value.
  • A false positive was corrected in HTTP_DotDotDot that occurred when using carefully constructed URLs.
  • False positives were removed for DPS_Magic_Number_DoS.

Version number 3.6.cpw
Operating systems Windows 9x, Windows 2000, Windows XP, Windows Server 2003
Website Internet Security Systems
Download
License type Shareware
You might also like