June 10th, 2011 
Mourad Ben Lakhoua Xplico is a project released under GPL that decodes packet captures (PCAP), extracting the likes of email content (POP, IMAP, and SMTP protocols), all HTTP content, VoIP calls (SIP), IM chats, FTP, TFTP, and many others. It can be used on platforms with an embedded ARM core processor or typical multi-core servers, making optimal use [...]
Posted in Open-Source, Tools 
Tags: Forensics, network discovery, Network Monitoring, open source, XPLICO 
51 Comments » May 30th, 2011 Mourad Ben Lakhoua Lockheed Martin Corp., the U.S. government’s top information technology provider has suspended the email remote access to corporate application after discovering a network intrusion that is related to a major RSA attack. “As a result of the swift and deliberate actions taken to protect the network and increase IT security, our systems remain secure,” Jennifer [...]
May 28th, 2011 Mourad Ben Lakhoua Sniffers are very important tools for analyzing and capturing all packets in real time. If you want to understand what Malware change on the network level here you can find some useful sniffing utilities: Wireshark’s GUI Fantastic packet analyzer tool for Windows, Linux, Mac OS X, and various other platforms, at first this tool is [...]
Posted in Malwares, Network security, Open-Source Tags: Malware, Malware Research, Network Monitoring, open source, Snort, TCPDump, Wireshark 58 Comments » February 17th, 2009 Mourad Ben Lakhoua A new tool promises to detect illegal files without slowing network traffic. A new technique has been developed for detecting and tracking illegal content transferred using the BitTorrent file-trading protocol. According to its creators, the approach can monitor networks without interrupting the flow of data and provides investigators with hard evidence of illicit file transfers. [...]
February 13th, 2009 Mourad Ben Lakhoua With the widespread reliance on Information Technologies and in today’s computing environment, enterprise-wide monitoring of security events is very important and critical , not only for tracking malicious activity, but also to meet compliance requirements. It is essential to make the security deployment process and ongoing maintenance as easy and cost-effective as possible. Type80 Security [...]
