Download BlackICE 3.6.coq

Spread the love

The developers of Internet Security Systems have released a new version of BlackICE with 3.6.coq as the version designation. This update comes in two flavors viz BlackICE PC Protection and BlackICE Server Protection. The package is a versatile firewall with full intrusion detection. Both the incoming and outgoing network flows are checked and if there is a possible suspicion that something is wrong, the administrator is warned and the connection can be closed. The changelog includes the following list:

Security Content Improvements in 3.6.coq:

  • The default priorities of 68 PAM issues have changed to take X-Force recommendations directly. The issues and their priority changes are listed in section 6.
  • A false positive was removed from HTTP_Skype_Callto_Overflow.
  • A new tuning parameter, pam.content.vcard.limit, has been added to help prevent false positives with Email_VCF_Mozilla_Overflow.
  • A false positive was removed from HTTP_PHP_Addslashes_ViewFiles.
  • A false positive was removed from SQL_SSRP_Malformed_Enum_Response that could fire on non-threatening DNS traffic.
  • A new tuning parameter, pam.http.iis.ida.threshold, has been added to help prevent false positives with HTTP_IIS_Index_Server_Overflow.
  • The file name details for MIME attachments is now set to a displayable maximum of 255.
  • A false positive due to skipping “End of Mib View” variables has been removed from SNMP_Bad_Variable_Type.
  • A false positive was removed from SIP_Unknown_Method_name by tightening the reverse connection logic.
  • The file extension “.vsd” was associated with compound documents to remove a false positive from Content_CompoundFile_Bad_Extension.
  • The file extensions “.lha” and “.lzh” were associated with LHA compressed files to remove a false positive from Content_CompoundFile_Bad_Extension.
  • A false negative was removed from HTTP_IExplorer_Command_Exec, and the default response was changed from block- connection to rewrite.
  • FTP heuristics were enhanced to accept a hyphen as the first character following a 220 server response.
  • A false positive was removed from MSRPC_MSDTC_Message_BO by having the algorithm only inspect vulnerable opcodes.
  • A false negative was removed from BrightStor_Discovery_Overflow.
  • A false negative was removed from BackOrifice_Ping.

OtherUpdates:

  • Changed the order MIME type evaluations to detect more common MIME types earlier.
  • Added recognition of several new MIME types to the HTTP parser.
  • Improved data validation was added to the BGP parser to improve accuracy and prevent desynchronization.
  • Two tuning parameters, pam.fastchannel.size and pam.fastchannel.expire, have been added to provide additional VoIP performance control.
  • Performance improvements were made to the HTML content-layer parser.
  • The SIP protocol parser was refactored to improve performance.

[break]The following two downloads are ready:
BlackICE PC Protection 3.6.coq
BlackICE Server Protection 3.6.coq

Version number 3.6.coq
Operating systems Windows 9x, Windows NT, Windows 2000, Windows XP, Windows Server 2003
Website Internet Security Systems
Download
License type Shareware
Facebook Notice for EU! You need to login to view and post FB Comments!
You might also like