Sunday, June 20, 2010

Norton DNS

Norton DNS provides alternative DNS servers that can be used by any Internet-connected device. Their DNS servers will also block malware and phishing websites.

It’s currently a free beta available on 198.153.192.1 and 198.153.194.1. Visit http://www.nortondns.com/ for more information.

For home users, the following may be a nice setup:

setting your DNS to Norton’s new service

surfing with Firefox
using adblock plus (with appropriate subscriptions) and Web of Trust
Siteadvisor
Winpatrol
MalwareBytes
Or, for the more technical, running James McQuaid’s “DNS Super Black Hole” would provide even better protection.

For those running their own dns servers, running the dns-bh list internally while pointing to Norton’s DNS may be worth considering.
Right now their service is free, we are not sure if this service will remain free or will need to be purchased after the beta is over

Sunday, April 26, 2009

Complemento v0.6 - LetDown TCP Flooder, ReverseRaider Subdomain Scanner & Httsquash HTTP Server Scanner Tool

What is Complemento?

Complemento is a collection of tools that the author originally created for his own personal toolchain for solving some problems or just for fun. Now he has decided to release it to the public.

LetDown is a TCP flooder written after the author read the article by fyodor entitled article “TCP Resource Exhaustion and Botched Disclosure“. It has an (experimental) userland TCP/IP stack, and support multistage payloads for complex protocols, fragmentation of packets and variable TCP window.

ReverseRaider is a domain scanner that uses brute force wordlist scanning for finding a target sub-domains or reverse resolution for a range of ip addresses. This is similar to some of the functionality in DNSenum. It supports permutation on wordlist and IPv6.

Httsquash is an HTTP server scanner, banner grabber and data retriever. It can be used for scanning large ranges of IP addresses and finding devices or HTTP servers (there is an alpha version of a GUI for this). It supports IPv6 and personalized HTTP requests.

Improvements for v0.6

LetDown:

* New (experimental) userland TCP stack
* Support for multistage payloads (for complex and stateful protocol, such as FTP, SMTP…)
* Variable TCP Window size
* Fragmentation of packets
* Polite mode (ACK received packets and/or closing the connection with FIR or RST packets)
ReverseRaider:

* Support for IPv6

HttSquash:

* Support for IPv6

You can download Complemento v0.7 here:

complemento-0.7