1.- Announcing StackDefender v1.00:
-----------------------------------

Stackdefender is an IPS (Intrusion Prevention System) , for WIN32, that
will deny shellcodes from executing in User Stack and Writable memory
regions. Stackdefender will protect your windows server from successful
exploitation of buffer overflows, 0-days, worms...

Buffer Overflows are very common and difficult to avoid in closed source
programs. The only chance for end users to protect these programs was to
trust the programmers skills. From now on, with StackDefender you have
the solution. With its unique technology, StackDefender will protect
transparently all the installed programs in your windows server,
preventing buffer overflow exploitation.

Sample list of stopped worms/overflows:

* Slammer exploiting an MS SQL overflow.
* CodeRed exploiting an IIS overflow.
* MS-Blaster exploiting RPC-DCOM overflow.
* IIS WebDav buffer overflow.
* MS SQL multiple buffer overflows.
* SunONE heap overflow.
* Microsoft RPC-DCOM multiple buffer overflows.

Find further info at:

http://www.ngsec.com/ngproducts/stackdefender/
I just recieved a newsletter from Next Generation Security Technologies and it had mention of this software. I haven't seen it mentioned on here, so I thought I'd throw this up. Both to inform other AO members and to see if anyone has heard of it/used it before? It has a rather hefty price tag ($849 USD) but there is a trial available on the website, which I'm thinking of giving a try. It seems like it'd be a great step towards securing a system if it actually works properly. The website has a few screenshots and a document on how it stopped Blaster. It's definately worth checking out in my opinion. After I've given it a try, I'll mention it here and let y'all know how it went for me....