Download BlackICE 3.6.cpp

Spread the love

The developers of Internet Security Systems have released a new version of BlackICE with 3.6.cpp as the version designation. This update comes in two flavors viz BlackICE PC Protection and BlackICE Server Protection. The package is a versatile firewall with full intrusion detection. Both the incoming and outgoing network flows are checked and if there is a possible suspicion that something is wrong, the administrator is warned and the connection can be closed. The list of adjustments looks like this:

New Security Content For 3.6.cpp:

ProductCheckName Event type Risk level
Skype_Detected Protocol signature Low
SIP_Request_Invalid_Characters Suspicious activity Low
SIP_Invalid_To Suspicious activity Low
SIP_Message_Termination_Incorrect Suspicious activity Low
SIP_Response_Invalid_Characters Suspicious activity Low
SIP_Invalid_Auth_Response Suspicious activity Low
PKG_EPO_Directory_Traversal Unauthorized Access Attempt High
HTTP_Tunnel_Not_TLS_or_SSL Suspicious activity Medium
HTTP_MySpace_Login Suspicious activity Low
HTTP_Tunnel_Detected Suspicious activity Low
HTTP_eBuddy_Login Suspicious activity Low
PGM_Detected Unauthorized Access Attempt High
CompoundFile_Publisher_String_BO Unauthorized Access Attempt High
ICMP_Phishing_Trojan Suspicious activity Medium
SIP_Unknown_Via_Parameter Suspicious activity Low
CompoundFile_Word_Malformed_Table_String Unauthorized Access Attempt High
SIP_Long_Via_Host Suspicious activity Low

Security Content Improvements in 3.6.cpp:

  • False positives were removed from the following signatures:
    • HTTP_IE_HTA_Remote_Exec
    • Flash_ActionDefineFunction_Name_BO.
    • Content_Incorrect_Extension for gzipped files with .tgz file name suffix.
    • CompoundFile_VBA_Properties_BO.
    • HTTP_IE_HTA_Remote_Exec.
    • HTTP_LDAP_Mod_Rewrite_BO
    • JavaScript_Flash_AddressBar_Spoofing
    • HTTP_Favorites_Icon_Overflow and Image_ICON_Malformed signatures when a web server returns a requested icon file using data compression.
    • HTTP_ASP_AppFolder_Disclosure.
    • Content_Compound_File_Bad_Extension for .xlr file extension.
    • HTML_Mshtml_Overflow
  • A false negative was eliminated from the ICMP_Flood signature.
  • The HTTP_Cross_Site_Scripting signature has been updated to also detect attempts to use obscure character sets to encode scripting directives.
  • The compound file parser was optimized.

Version number 3.6.cpp
Operating systems Windows 9x, Windows NT, Windows 2000, Windows XP, Windows Server 2003
Website Internet Security Systems
Download
License type Shareware
You might also like