Download BlackICE 3.6.com

Internet Security Systems has released a new version of BlackICE. The software is available in a PC version and one for the server, and the version number for both is available at 3.6.com. The package is a versatile firewall with full intrusion detection. Both the incoming and outgoing network flows are checked and if there is a possible suspicion that something is wrong, the administrator is warned and the connection can be closed. The full release notes are up this page can be found, these are the main changes:

Security Content Updates in 3.6.com:

• A false positive in HTTP_Proxy_Cache_Poisoning was removed.
• A false positive in HTTP_PHP_Addslashes_ViewFiles was removed.
• An ESF rule issue was removed wherein a non-sequiter event with no adapterID present cause a rule to falsely match.
• More detection logic for mime type ‘application/x-zip-compressed’ was added.
• An issue wherein adatper ID and VLAN information was missing for certian events has been removed.
• Added new channel names to IRC_Generic_Trojan (for the Mytob worm).
• Signal handling processing performance enhancements were added.
• Added new spyware detection logic to Suspicious_ActiveX_Installer.
• Added detection of new phone home methods to Spyware_PH_HotBar
• Added response-side reporting to HTTP_Unknown_Protocol.
• A loop error in conjunction with the userdefined event DNS_Query and the G2K was removed.
• An issue wherein IP addresses of some HTTP signature were reported as 0.0.0.0 has been removed.
• CLSIDs were added to HTML_IE_ActiveX_Loader_Heap_Corruption.
• A false negative in SQL_SSRP_Slammer_Worm was removed.

[break]