Artillery 0.6 Released
Labels:
Forensics,
Linux,
Security Tools
Artillery takes advantage of that by making vulnerabilities and exposures look like they are existent when they are really not there. When the attacker goes after a given port, Artillery sends random data back to the attacker then bans them permanently.
In addition to the active banning and honeypot portions of Artillery, there is also file integrity monitoring, server health checks, and hardening checks.
Artillery 0.6 change log:
- fixed a bug in remove_ban that would not remove the ip address
- added threat intelligence feed – this is an automatic feed that will pull from trustedsec webservers around attacker IP addresses
- added ability to automatically block based on intelligence feed
- daily checks added to banlist
- fixed a bug when uninstall would not properly kill artillery
- added a check in the uninstall to see if artillery is actually running
- added some enhancements to the honeypot banning
- added new flag for intelligence feed in the config file
- added the ability to change threat feeds to a different server of your choice
- added threading to reloading the IP tables matrix, was causing a hang on other imports
- removed 3306 as a standard port, would cause conflicts at times if it was already installed
- added the ability to specify the threat intelligence feed server
- added the ability to configure your own threat intelligence feed server
- added ability to change the public directory for the HTTP server
- added ability to configure multiple threat feeds, can pull in multiple Artillery servers
Download Artillery from the SVN at the following link:
svn co http://svn.secmaniac.com/artillery artillery/
Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .
Subscribe Top Hacker Stories via email
The Hacker News - Daily Updates