Veel mensen zullen nu vreemd staan te kijken , met de nieuwe versie Blackice, en dat doen wij ook. IBM zou eigenlijk stoppen met de verkoop van BlackICE, toch kunnen wij u deze nieuwe versie aanbieden. Hieronder is een uitgebreide lijst te vinden, van de veranderingen in Blackice 3.6.cqn.

Security Content Improvements

Corrected a false negative in the HTTP URL whitelist cache.
Fixed a false positive in PE_DotNet_Loader_Exec
Removed a false positive with HTTP_PHP_Transfer_XSS.
Updated Event Coalescer to discriminate between IP address tuples with different 802.1QA VLAN IDs. The Event Coalescer intelligently combines events having the same characteristics, such as issueID, victim/intruder IP, and victim/intruder port into one event
Proventia G sensors supporting advanced event reporting no longer appends 'vlan' attribute value pair (AVP) because field is sent natively to SiteProtector. Advanced event reporting contains an internal VLAN ID field.
Fixed a false negative in MSRPC_Invalid_Request.
Updated Event Coalescer to support VLAN ID to discriminate between duplicate IP address tuples
Removed a false positive in SSL_Hello_Msg_DoS by completely parsing Server Key Exchanges.
Fixed a PAM Internal Error which could occur in response to specific malformed FTP server responses.
Corrected a false positive and a mis-report of the overflow length in Email_VCF_Overflow and Email_VCF_Mozilla_Overflow.

Blocking was added for the following events:

SMTP_Exchange_Verb_BO
Oracle_AuthAlterSession_SqlExec
IMAP_Mdaemon_Foldername_DoS
JavaScript_XML_CoreSvc_Code_Execution
Blocking was removed for the following events:

SMTP_Exchange_Verb_DoS