
SANS ISC: Updates to some of our favorite tools - SANS Internet Storm Center

Updates to some of our favorite tools

Over the last month or so, several of our favorite tools have been updated and we haven't necessarily mentioned them all here, so for those of you not standing in line waiting for your new iPhone 3G, here are a few to update.

  • Wireshark.  I was going to do this story last night at the very beginning of my shift and mention that 1.0.1 was out. Well, 1.0.2 just came out and fixes a couple of issues, including a potentially somewhat serious reassembly issue; see CVE-2008-3137 and CVE-2008-3141.
  • Our friend Daniel Cid has released OSSEC 1.5.1 and yesterday mentioned that he is in the process of adding the capability of checking a system against the CIS Security Benchmarks.  Read more about it here.
  • Another of our friends, Chris Rohlf, has updated his binhash tool to v0.6.0; you can get it here.

Also, for those who like to shove data into MySQL databases for further analysis (who doesn't?), I came across these 2 posts by Marcin about a couple of Python scripts for parsing Nmap and Nessus output and loading them into MySQL.  They look useful, though I haven't had an opportunity to do much with them yet.


ISC Handler
Jul 11th 2008
Don't forget that Nmap 4.68 was released on June 28.
