Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Black ICE
From: Riley Hassell <riley () SPEAKEASY NET>
Date: Fri, 8 Sep 2000 12:52:13 -0700

They also have a distributed monitoring system available.
(The ICECAP Server)

It allows BlackIce Defender clients to report their logs to a larger
administrated database. The whole concept is very interesting.

Example.
*  successful connection to protected client
X  Filtered out
-> data sent


       2.) Clients recognize scan and Logs aresent to ICECAP Server

1.)       ->    * 1.1.1.1  - >    --------  3.) Icecap Server sends
Attacker  ->    * 1.1.1.1  - >   | ICECAP |     an email to admin
Initiates ->    * 1.1.1.1  - >   | SERVER |     cell phone about a      
vuln scan ->    * 1.1.1.1  - >    --------      scan initiatedon
          ->    * 1.1.1.1  - >                  the network he is
          ->    X ...                           protecting.
          ->    X ...  5.) The scan doesn't                             
                           even reach the       4.) Admin log's into the
                           the rest of the          ICECAP server from
                           network.                 his laptop and set's
                                                    the filters up.

Note: This can also be automated. ;)



  Riley Hassell
  Network Security
  Speakeasy Network
  Phone : 206-728-9770x151
  Email : riley () speakeasy net


On Fri, 8 Sep 2000, Talisker wrote:

Bill

I have info on BlackIce Defender, BlackIce Sentry on my web site below,
There are also plans to launch a network vulnerability scanner called
IceScanner, also worth a look is IceAgent which is the corporate version of
defender, I haven't put that up yet.

Andy


http://www.networkintrusion.co.uk/
 Listing all known commercial IDS
                    '''
                 (0 0)
  ----oOO----(_)----------
  | The geek shall        |
  |  Inherit the earth     |
  -----------------oOO----
               |__|__|
                  || ||
              ooO Ooo


The opinions contained within this transmission are entirely my own, and do
not necessarily reflect those of my employer.





----- Original Message -----
From: "Bill Casti (System Admin)" <help () QUALITY ORG>
To: <PEN-TEST () SECURITYFOCUS COM>
Sent: Thursday, September 07, 2000 10:18 PM
Subject: Re: [PEN-TEST] Black ICE


Anyone tell me more about Black ICE, what it is and where to get some
detailed information?

Thanks.
Bill


============================================================================
=
 Bill Casti, CQA                                     Email:
help () quality org
 - Domain Owner, QUALITY.ORG                         Pager: +1 800 604
6149
 - List Moderator, "TQM in Manufacturing and Service Industries"
--------------------------------------------------------------------------
---
 Self-service list subscription service at
www.quality.org/cgi-bin/majordomo
         See http://www.quality.org/lists/lists_at_quality.org.html
               for the List of Lists supported at QUALITY.ORG

============================================================================
=





  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault