Paros 3.2.8 release

From: contact@parosproxy.org
Date: Fri Nov 18 2005 - 11:14:22 EST

Next message: Erin Carroll: "New SecurityFocus article on rootkits"
Previous message: Chris Fahey: "RE: Nmap scanning speed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

('binary' encoding is not supported, stored as-is) Paros 3.2.8 is released. This version contains a major bug fix with an experiemental native browser view feature added. All users are recommended to upgrade to this version.

The new verison is available at http://www.parosproxy.org.

Bug reports and comments on Paros can be sent to [contact at parosproxy org]. Please feel free to send any comments to us!

[Installation]

If you have installed the old version on or after 3.2.4, you can directly install this new version.

If you are using version prior to 3.2.4, you should uninstall the old version first.

The default installation is changed to use the 64M VM. For large site testing, you may adjust it depending on your need
and the memory you have (eg 128M)

[introduction]

Paros is a man-in-the-middle proxy and application vulnerability scanner. It allows
users to intercept, modify and debug HTTP and HTTPS data on-the-fly between web
server and client browser. It also supports spidering, proxy-chaining, filtering
and application vulnerability scanning.

[License] - Clarified Artistic License (open source and GPL-compatible license)

[Details/new features]

3.2.8
=====
New
- Major rewrite on proxy code for reducing memory overhead when proxy over HTTPS. This improves proxy performance over SSL, especially when there are lots of concurrent requests.

- An experimental feature to support viewing selected history message in browser. This will open native browser to obtain cached result from the proxy. Right now only Windows platform is supported. Note that the default browser (eg IE) must be configured to proxy via Paros. For request unavailable from cache, it'll send out the new requests for display.

This feature can be useful for post analysis.

- Improved accuracy on autocomplete plugin check.
- Use newest HSQLDB library (version 1.8.0.2).

Fix
- Major bug fix that config.xml may grow on each option save. The bug is introduced since V3.2.3. This may cause OutofMemoryError when the application starts due to prolonged use of the application with frequent option change (eg several weeks).
- Minor visual tuning, fix and rearrangement of pop-up menus.

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Next message: Erin Carroll: "New SecurityFocus article on rootkits"
Previous message: Chris Fahey: "RE: Nmap scanning speed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:11 EDT