BPS-1000 1.1 Beta 1 Software Update
We are happy to announce the availability of 1.1 Beta 1 for the BPS-1000 appliance. This release is available for download from the StrikePacks link on the right side of this page. The 1.1 Beta 1 release offers some substantial feature enhancements that provide users with more fine-grained control over test traffic. In the GA release of the BPS-1000, users were able to create a mix of application traffic by defining percentages of application protocols (e.g., 50% HTTP, 25% SMTP, 25% POP3), but relied on the system to generate random data flows. Even though the BPS-1000 System supports an extensive number of application modules, users could not configure the application traffic to match their own network traffic or define client and server profiles.
In response to this need, BreakingPoint Systems is developing a new feature called the AppManager, which allows users to create network-specific data flows by defining the actual mix of applications. The AppManager itself will be a separate, new UI feature that will be used in conjunction with the App Sim test component -- similar to how the Attack Manager is currently used with the Security component. Using the AppManager, users will be able to create application profiles consisting of protocol type, server type, and client type; then, users can select the profile for use through the App Sim test component. Host addresses, however, will still be generated using Network Neighborhood settings.
This Beta 1 release notably includes the implementation of four application protocols with configurable parameters: DNS, HTTP, SIP, and SMTP. These parameters are viewable and configurable from App Sim's advanced options. Please see the release notes on the StrikePack page for more information about this update.
Viva Las Vegas: Tactical Exploitation
I will be presenting at Black Hat USA 2007 (August 1-2) and Defcon 15 (August 3-5) with Valsmith of Offensive Computing on the topic of Tactical Exploitation. This talk introduces a tactical approach to penetration testing that does not rely on exploiting known vulnerabilities. Using a combination of new tools and obscure techniques, we will walk through the process of compromising an organization without the use of normal exploit code. More information about this talk can be found in the DarkReading article.
StrikePack 12852 Released
This StrikePack adds four strikes covering four new vulnerabilities.
StrikePack 12736 Released
This StrikePack adds twenty-five strikes covering six new vulnerabilities. This update includes coverage for the Safari 3 Beta feed:// URL DoS vulnerability as well the Adobe Flash Player FLV buffer overflow flaw announced this week.
StrikePack 12636 Released
This release corrects a data format error with the application data flows present in StrikePacks 12373 and 12524. If you have installed one of the two affected StrikePacks, apply this update and reboot your BPS-1000 appliance.
StrikePack 12524 Released
StrikePack 12524 is now available to BreakingPoint customers. This release includes coverage for many of the flaws addressed by Microsoft on July 10th (patch Tuesday), including MS07-038, MS07-039, and MS07-040. Microsoft released MS07-041 to address a two year old vulnerability in IIS 5.1 (CVE-2005-4360). This StrikePack also includes coverage for the recent Sun Java JNLP Buffer Overflow reported by eEye.
StrikePack 12373 Released
StrikePack 12373 is now available to BreakingPoint customers. This release contains 7 new strikes covering 7 different vulnerabilities.