Software Update: BlackICE 3.6.coq

The developers at Internet Security Systems have released a new version of BlackICE, designated 3.6.coq. The update comes in two editions: BlackICE PC Protection and BlackICE Server Protection. The package is a versatile firewall with full intrusion detection. Both incoming and outgoing network traffic is checked, and if anything looks suspicious, the administrator is warned and the connection can be closed. The changelog lists the following changes:

Security Content Improvements in 3.6.coq:

  • The default priorities of 68 PAM issues have changed to take X-Force recommendations directly. The issues and their priority changes are listed in section 6.
  • A false positive was removed from HTTP_Skype_Callto_Overflow.
  • A new tuning parameter, pam.content.vcard.limit, has been added to help prevent false positives with Email_VCF_Mozilla_Overflow.
  • A false positive was removed from HTTP_PHP_Addslashes_ViewFiles.
  • A false positive was removed from SQL_SSRP_Malformed_Enum_Response that could fire on non-threatening DNS traffic.
  • A new tuning parameter, pam.http.iis.ida.threshold, has been added to help prevent false positives with HTTP_IIS_Index_Server_Overflow.
  • The file name details for MIME attachments are now set to a displayable maximum of 255.
  • A false positive due to skipping “End of Mib View” variables has been removed from SNMP_Bad_Variable_Type.
  • A false positive was removed from SIP_Unknown_Method_name by tightening the reverse connection logic.
  • The file extension “.vsd” was associated with compound documents to remove a false positive from Content_CompoundFile_Bad_Extension.
  • The file extensions “.lha” and “.lzh” were associated with LHA compressed files to remove a false positive from Content_CompoundFile_Bad_Extension.
  • A false negative was removed from HTTP_IExplorer_Command_Exec, and the default response was changed from block-connection to rewrite.
  • FTP heuristics were enhanced to accept a hyphen as the first character following a 220 server response.
  • A false positive was removed from MSRPC_MSDTC_Message_BO by having the algorithm only inspect vulnerable opcodes.
  • A false negative was removed from BrightStor_Discovery_Overflow.
  • A false negative was removed from BackOrifice_Ping.

Other Updates:

  • Changed the order of MIME type evaluations to detect more common MIME types earlier.
  • Added recognition of several new MIME types to the HTTP parser.
  • Improved data validation was added to the BGP parser to improve accuracy and prevent desynchronization.
  • Two tuning parameters, pam.fastchannel.size and pam.fastchannel.expire, have been added to provide additional VoIP performance control.
  • Performance improvements were made to the HTML content-layer parser.
  • The SIP protocol parser was refactored to improve performance.

The following two downloads are available:
BlackICE PC Protection 3.6.coq
BlackICE Server Protection 3.6.coq

Version number: 3.6.coq
Operating systems: Windows 9x, Windows NT, Windows 2000, Windows XP, Windows Server 2003
Website: Internet Security Systems
License type: Shareware