Copy Link
Add to Bookmark
Report

Net-Sec Issue 031

eZine's profile picture
Published in 
Net Sec newsletter
 · 5 years ago

  

HNS Newsletter
Issue 31 - 25.09.2000
http://net-security.org

Net-Sec is a newsletter delivered to you by Help Net Security. It covers weekly
roundups of security events that were in the news the past week.
Visit Help Net Security for the latest security news - http://www.net-security.org.


Subscribe to this weekly digest on:
http://www.net-security.org/text/newsletter

Table of contents:

1) General security news
2) Security issues
3) Security world
4) Featured articles
5) Security books
6) Security software
7) Defaced archives



============================================================
Sponsored by Dialego - Online Market Research
============================================================
We conduct the first world-wide online survey for IT-security specialists.
Please click http://www.dialego.de/1033_it/_e/sman.php3?co=e , fill in the
online questionnaire and you may be one of the lucky people to win prizes in
the amount of altogether € [EURO] 1500:
1st prize: Casio Digital Camera
2nd prize: 3Com Palm Personal Digital Assistant
3rd prize: Tandem parachute jump
plus 50 personal firewalls as individual protection for your computer plus
50 programs for boot protection and hard disk encryption
============================================================



General security news
---------------------

----------------------------------------------------------------------------

GUIDE - BUILDING A DHCP SERVER
A DHCP server is incredibly easy to set up in Linux. This guide at
FrankenLinux.com will help you do it in 12 minutes. Also, we have
an article dealing with DHCP in our Articles section.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.frankenlinux.com/guides/dhcpserver.html
Link: http://www.net-security.org/text/articles/lg_3.shtml


NEW BLOW TO INTERNET BANKING SECURITY
The future of internet banking was thrown into chaos last night
after a British computer expert accessed bank account details of
millions of Americans from his home in the Isle of Man during a
routine check on his US bank account. Ralph Dressel, a 28-year-old
software analyst at Royal Skandia lnvestment bank, contacted
The Observer having obtained bank security details that allowed
him to "walk" straight into internet bank accounts at institutions
across the US.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.guardian.co.uk/internetnews/story/0,7369,372676,00.html


E-MAIL TAMPERING
A Singaporen man was sentenced to five months in jail for illegally
accessing the e-mail account of his former girlfriend, making him the
first to be convicted of such a crime in the city-state, the Straits
Times reported several days ago.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://web.lexis-nexis.com/more/cahners-chicago/11407/6341404/2


THE :CUECAT PRIVACY ADVISORY
The Privacy Foundation has released an advisory this morning
calling for changes in the way the :CueCat bar code scanner
is tracking users. The full text of the advisory is
available on the following link
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.privacyfoundation.org/advisories/advCueCat.html


CARNIVORE FAQ
Our affiliates at LinuxSecurity.com host a rather large Carnivore
FAQ (Frequently Asked Questions). Document provides some answers
to common questions posted about Carnivore.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.linuxsecurity.com/resource_files/documentation/carnivore-faq.html


PRIVACY CONCERNS OVER AUSTRALIAN E-HEALTH NETWORK RISE
There have been a number of calls for a slow-down in the
implementation of an Australia-wide electronic health network as consumer
groups and privacy advocates become concerned over the security and uses
made of patients' medical information.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.computeruser.com/news/00/09/23/news8.html


ATTACKERS
Two attackers, who allegedly entered the National Aeronautics and
Space Agency (NASA) and other government and university computers,
are feeling the real-time pinch of the long arm of the law.
Link: http://www.32bitsonline.com/article.php3?file=news/200009/nb200009221&page=1


PHONE.COM TAKES AIM AT WAP SECURITY HOLE
In current WAP transmissions, data must use two security protocols -
WTLS during the wireless part of the journey and SSL once the data
hits the wires. There is a split second when the data must decrypt and
re-encrypt to switch from one protocol to the other. A security flaw
could occur if someone was able to crash the machine in the split
second between decryption and re-encryption, causing a memory
dump to the disk.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.co.uk/news/2000/38/ns-18063.html


WAP VERSION OF HELP NET SECURITY
Help Net Security is available for viewing via WAP enabled GSM
appliances. With a script created by Gordan Gledec you can read
latest security news on your GSM phone or any other device that
uses WAP. If you are interested how it looks like visit the following
link (powered by Gelon Wapalizer).
Link: http://wap.net-security.org/wap/


"COMRADE" SENTENCED TO 6 MONTHS
A 16-year-old Miami male pleaded guilty to two acts of juvenile
delinquency for computer hacking and was sentenced to six months
in a detention facility, said attorney general Janet Reno Thursday.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.techweb.com/wire/story/TWB20000921S0023


HERBLESS INTERVIEWED
PhantasmP of HWA-Security yesterday interviewed one of the names
that were in the news for the past few days - Herbless. He is
connected to some defacements where he put his opinions on DeCSS
and fuel situation and if you saw the item below, he announced he
quits defacing.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://hwa-security.net/herbless.txt


HERBLESS QUITS
Herbless, who defaced the websites of HSBC, Legoland and 450 others
as part of the fuel protest in the last month, has announced his sudden
exit from the scene. Speaking exclusively to vnunet.com, Herbless said:
"For various reasons that may or may not become apparent, I have left
the hacking scene for good. You won't hear of any more defacements
by Herbless. Let's just say that it is the price of freedom, and is worth
paying."
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.vnunet.com/News/1111333


AOL'S LOOSE CANNON: JUSTIN FRANKEL
The programmer's an employee of America Online, but the creator of
Gnutella's has a funny way of saying thank you. Frankel has, in fact,
devised some software, but not the kind AOL was expecting. The latest
creation of the 21-year-old programmer enables users of AOL's wildly
popular Instant Messenger to delete the ads from the online chat program.
What's more, a Web site owned by Nullsoft, and ultimately AOL, has been
giving away the software.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.com/zdnn/stories/news/0,4586,2630789,00.html


VIDEO INTERVIEW
Mudge, @stake's Vice President of Research & Development, gives us
his thoughts on the state of computer security today and why, as time
has gone by, we still have a long way to go.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/media/64


WHITE HAT HACKERS BREAK INTO VA BENEFITS COMPUTERS
At a House oversight subcommittee hearing today, the VA's inspector
general's office said it had contracted with a private security company
to conduct penetration tests of the department's computer systems,
tests that led hired hackers to gain "high level" access to VA records.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.telekomnet.com/news/9-21-00_hackers_vacomputers.asp


MP3.COM OFFERS SECURE PAYMENTS SERVICE
Online music service provider MP3.com is offering a secure and
convenient payment system with eCharge Corp. MP3.com customers
can now purchase CDs and MP3.com merchandise online with an
eCharge Net Account, which uses proprietary encryption technology
and digital certificates.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.techweb.com/wire/story/TWB20000921S0012


COMPANIES CAPITALISE ON WEB FRAUD FEARS
US credit card companies portray themselves as watchdogs guarding
customers against Internet fraud, but some of their security measures
are just clever marketing tools to win new customers. Credit card theft
occurs three to ten times more online than it does in stores, and such
card companies as American Express are rushing to devise online security
measures to protect people.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.co.uk/news/2000/37/ns-18024.html



THIS EMAIL WILL SELF-DESTRUCT
"SafeMessage is the electronic answer to the shredding machine. It is
the first industrial-strength, secure messaging product of its kind for
not only large corporations, but also individuals," said Graham Andrews,
chief executive officer of AbsoluteFuture, which developed the product.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.wired.com/news/technology/0,1282,38936,00.html


TARGETING US-RUSSIAN EXERCISE
Hackers in the US attempted to disrupt a combined US-Russian exercise
aimed at dealing with major natural disasters, reported AFP quoting the
ITAR-TASS news agency. Looks fishy...
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/6/13420.html


VBS.DISABLED.WORM
VBS.Disabled.Worm is a script worm that is similar in function to
VBS.NewLove.Worm. It uses Microsoft Outlook to send itself. Upon
execution, it deletes all files from your hard drive except for files in the
root directory. The body of the email message is in French.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.symantec.com/avcenter/venc/data/vbs.disabled.worm.html


COPA READIES ITS REPORT
A federally created commission studying online child protection will recommend
to Congress that an independent research bureau be created to review
filtering software and may also push for a special kid-friendly Internet
zone, its chairman says.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.mercurycenter.com/svtech/news/breaking/ap/docs/420529l.htm


ONLINE PRIVACY
Industry watchers say growing consumer concerns over the use of
personal online data is a huge obstacle for e-commerce. So far, lawmakers
have refrained from regulating general online privacy.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.techweb.com/wire/story/TWB20000920S0013


GERMAN HACKER BIDS TO JOIN INTERNET BOARD
Andy Mueller-Maguhn, spokesman of the Chaos Computing Club, is one
of seven candidates from Europe hoping to be elected to the board of
the Internet Corporation for Assigned Names and Numbers (Icann). He
is emerging as the surprise favourite with 2866 endorsements - more
than any other candidate worldwide.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.vnunet.com/News/1111267


NTBUGTRAQ ACQUIRED BY ICSA.NET
One of the places where NT hackers and security experts post their
opinions and vulnerabilities has been acquired. Russ Cooper, moderator
of the popular e-mail list NTBugTraq, sold the list to ICSA.net. He will
stay aboard as the moderator of the list.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.msnbc.com/news/459092.asp

----------------------------------------------------------------------------



============================================================
Sponsored by Dialego - Online Market Research
============================================================
We conduct the first world-wide online survey for IT-security specialists.
Please click http://www.dialego.de/1033_it/_e/sman.php3?co=e , fill in the
online questionnaire and you may be one of the lucky people to win prizes in
the amount of altogether € [EURO] 1500:
1st prize: Casio Digital Camera
2nd prize: 3Com Palm Personal Digital Assistant
3rd prize: Tandem parachute jump
plus 50 personal firewalls as individual protection for your computer plus
50 programs for boot protection and hard disk encryption
============================================================




Security issues
---------------

All vulnerabilities are located at:
http://net-security.org/text/bugs


----------------------------------------------------------------------------

MAJOR VULNERABILITY IN ALABANZA CONTROL PANEL
This is serious enough since you can delete all resold domains for a particular
webhosting company. You can also change the default MX and CNAME records
of all associated domains.
Link: http://www.net-security.org/text/bugs/969896875,69779,.shtml


E*TRADE LOGINS/PASSWORDS REMOTELY RECOVERABLE
Due to flaws in E*TRADE's software, a remote third party can recover the
usernames and plain-text passwords of any E*TRADE user. The vector of attack
can be a malicious (but innocent looking) web site, an email, or a variety of more
obscure methods. A local compromise of the user's machine is not required. The
attacker only needs to seek out known or likely E*TRADE users and contact them.
The result of the attack is that the attacker will have the user's username and
password. This will allow the attacker arbitrary access to the account, including
banking, securities trading, and other valuable access.
Link: http://www.net-security.org/text/bugs/969714869,69820,.shtml


MULTIPLE VULNERABILITIES IN CISCOSECURE ACS
Multiple vulnerabilities have been identified and fixed in CiscoSecure ACS for
Windows NT Server:
- The CSAdmin software module can be forced to crash by sending it an
oversized URL.
- CiscoSecure ACS for Windows NT Server can be placed into an unstable state
by sending it an oversized TACACS+ packet.
- The enable password can be bypassed to gain unauthorized privileges on a
router or switch when CiscoSecure ACS for Windows NT Server is used in
conjunction with an LDAP server that allows users to have null passwords.
Link: http://www.net-security.org/text/bugs/969635524,66062,.shtml


DOS IN BROWSEGATE (HOME) V2.80
Delphis Consulting Internet Security Team discovered that it's possible to cause
Browsegate to crash with an invalid read error.
Link: http://www.net-security.org/text/bugs/969580439,75618,.shtml


RED HAT LINUX - GLINT SYMLINK VULNERABILITY
If a specific symlink exists in /tmp, glint will open it and write to it when run by
root - so destruction of any file is possible. Note that glint does not work with
RPM 3.0 or higher. If you have RPM 3.0 or higher installed, just uninstall the glint
package to remove this vulnerability.
Link: http://www.net-security.org/text/bugs/969580219,81985,.shtml


EXTENT RBS DIRECTORY TRANSVERSAL
Extent RBS allows users to register a new subscription via Credit Card through
their web browser. The problem is that the web server does not check for
directory transversal when reading image files. Thus any file available on the
same partition (in WinNT or any file on the *NIX system) which Extent RBS has
permissions to read, can be read by a malicious user.
Link: http://www.net-security.org/text/bugs/969579949,36863,.shtml


EXPLOIT USING EUDORA AND THE GUNINSKI HOLE
Eudora saves all attachments in a single directory upon receiving the mail; a mail
message need not be open for its attachment to be decoded and saved in that
common directory. An intruder need only send an e-mail with a trojaned DLL as
described in the Guninski advisory, along with or followed by an e-mail containing
a Word document.
Link: http://www.net-security.org/text/bugs/969408551,99330,.shtml


WINCOM LPD DOS
A continuos stream of LPD options, sent to the LPD port (default TCP port 515)
on the host running WinCOM, will eventually consume all the memory on that
host. Systems Affected: WinCOM LPD V1.00.90 for Windows NT
Link: http://www.net-security.org/text/bugs/969406272,66800,.shtml


DIGITAL UNIX KDEBUGD REMOTE VULNERABILITY
The kdebug daemon can be exploited by remote users to open and display the
contents of any file on the system. It can also be used to write to the beginning
of any file on the system overwriting data which was previously there. Affected:
Digital UNIX 4.0F, other versions believed to be as well but untested.
Link: http://www.net-security.org/text/bugs/969406252,65377,.shtml

----------------------------------------------------------------------------



Security world
--------------

All press releases are located at:
http://net-security.org/text/press

----------------------------------------------------------------------------

DIGITAL:CONVERGENCE EXPERIENCES SECURITY BREACH - [20.09.2000]

Internet technology company Digital:Convergence Corporation experienced a
security breach that may have exposed certain members' names and email
addresses. The company was alerted of breach efforts by Peter Thomas at
Securitywatch.com. The company has secured the site and is conducting a
thorough security examination.

Press release:
< http://www.net-security.org/text/press/969275944,52786,.shtml >

----------------------------------------------------------------------------

XCERT PROVIDES SECURITY FOR SMART VISA PLATFORM - [20.09.2000]

Xcert, a leading provider of software products for securing Internet transactions
and communications, announced that its Sentry CA public key infrastructure
software is being offered as part of Visa U.S.A.'s newly introduced smart Visa
Technology Platform. Xcert's technology, a component of the smart Visa
Access application provides the foundation for secure Internet access using a
smart Visa card.

Press release:
< http://www.net-security.org/text/press/969318536,94967,.shtml >

----------------------------------------------------------------------------

INTEL BRINGS NETWORK SECURITY TO MOBILE PCs - [20.09.2000]

Addressing a gap in network security solutions, Intel Corporation announced the
industry's first high-speed, security network adapters for mobile PCs. Intel also
introduced updated LAN security connections for desktop PCs and servers. The
new connections help protect confidential information, such as intellectual
property, financial transactions, human resource records and customer
demographics, transmitted across a local area network (LAN).

Press release:
< http://www.net-security.org/text/press/969318710,4731,.shtml >

----------------------------------------------------------------------------

PDS 2100 SECURITY APPLIANCE FROM INTRUSION.COM - [20.09.2000]

Intrusion.com, Inc., a leading provider of enterprise security solutions for the
information-driven economy, announced a new class of low-cost security
appliances targeted at small offices. The SecureCom PDS 2100 appliance series,
designed for maximum flexibility and ease of use, will initially feature Check Point
Software's VPN-1/FireWall-1 SmallOffice security software, also announced
by Check Point, for a combined price starting under $1,800.

Press release:
< http://www.net-security.org/text/press/969318830,3134,.shtml >

----------------------------------------------------------------------------

FREE SECURITY MANAGEMENT SOLUTION FOR LINUX - [20.09.2000]

Solsoft, Inc., the leading provider of policy management for e-Business security,
announced immediate availability of the newest version of its free Linux security
management solution. Following the success of its first release of Solsoft-NP-Lite
for Linux in July, the new version, called Solsoft NP-Lite 4.0, offers robust
functionality including: a new visual interface for easier definition of the security
policies, an enhanced compiler for optimized filters and performance, and a new
Policy Audit function for a better view of defined policies and existing breaches.

Press release:
< http://www.net-security.org/text/press/969378146,17801,.shtml >

----------------------------------------------------------------------------

ICSA.NET ACQUIRES NTBUGTRAQ - [20.09.2000]

ICSA.net, the global leader in Internet security, has acquired NTBugtraq, the
leading source for Microsoft-related security intelligence, and hired its owner,
Russ Cooper, to continue managing the service. NTBugtraq is an Internet-based
forum that encourages security technicians to discuss and notify other
professionals about Windows-based vulnerabilities.

Press release:
< http://www.net-security.org/text/press/969407614,32192,.shtml >

----------------------------------------------------------------------------

PROTEGRITY ADDS PKI FUNCTIONALITY TO SECURE.DATA - [20.09.2000]

Protegrity, Inc., the leading provider of solutions that protect franchise data,
announced at the Baltimore Technologies Global e/Security 2000 Convention
that it has licensed Baltimore KeyTools to enable public key infrastructure (PKI)
interoperability in its Secure.Data information-privacy solution.

Press release:
< http://www.net-security.org/text/press/969409157,9537,.shtml >

----------------------------------------------------------------------------

FIREWALL AND IPSEC COMPLIANT VPN FROM ELRON - [20.09.2000]

Cayman Systems, Inc., a global provider of broadband gateway solutions,
announced a joint business initiative with Elron Software. As the first step in
the initiative to offer value added services, Cayman adds Elron's Internet
Manager Firewall(TM) and IPSEC compliant VPN security software to its 3220
and 2E500 gateway product families, further strengthening the security
capabilities already packed into the products.

Press release:
< http://www.net-security.org/text/press/969409232,14973,.shtml >

----------------------------------------------------------------------------

SYMANTEC ANNOUNCES PRODUCT SUPPORT FOR WIN2000 - [20.09.2000]

Symantec Corp., a world leader in Internet security, announced product support
for the new Windows Millennium Edition operating system. With the new OS
focusing heavily on the connected consumer experience, many of Symantec's
best-of-breed solutions will provide users the safety and protection they require
while surfing the Internet. The following Symantec solutions are Windows Me
compatible: Norton SystemWorks 2001, Norton SystemWorks 2001 Professional
Edition, Norton Internet Security 2001, Norton Internet Security 2001 Family
Edition, Norton Personal Firewall 2001, Norton AntiVirus 2001, Norton Utilities
2001, Norton CleanSweep 2001 and Norton Ghost 2001.

Press release:
< http://www.net-security.org/text/press/969409302,92874,.shtml >

----------------------------------------------------------------------------

SMARTGUARD RELEASED BY V-ONE - [20.09.2000]

V-ONE Corporation, a leading provider of Virtual Private Networks, released the
latest version of its award-winning SmartGuard Security Appliance, which now
includes Secure Multiple Unit Management over the Internet and IPSec for
Site-to-Site using IKE. These features enhance the robust VPN capabilities
already included in SmartGuard version 1.0

Press release:
< http://www.net-security.org/text/press/969409654,65302,.shtml >

----------------------------------------------------------------------------

WATCHGUARD LIVESECURITY SERVICE - [20.09.2000]

Further expanding the reach of its LiveSecurity Service, WatchGuard Technologies
announced that its Internet security software and services will be automatically
available in wired homes using Leviton's new Vestal Router. Leviton will market
the Vestal Router to builders and contractors nationwide, as well as to individual
homeowners doing remodeling projects or upgrading their homes to support
computer networks and Internet access. WatchGuard will operate the LiveSecurity
Service, delivering firewall protection to owners of these "wired homes."

Press release:
< http://www.net-security.org/text/press/969450519,49878,.shtml >

----------------------------------------------------------------------------

CYLINK SECURES BLUETOOTH WIRELESS NET TECHNOLOGY - [20.09.2000]

Secure e-business pioneer Cylink Corporation announced that its SAFER+
encryption algorithm is being used for user authentication within Bluetooth, a
protocol that is rapidly growing in use for wireless communications. More than
1,700 companies support the Bluetooth protocol. With Bluetooth-enabled devices,
a wireless personal area network (PAN) for mobile commerce can easily be created
using peripheral devices, notebooks or handheld computers, smart telephones,
and even vending machines. The SAFER+ algorithm is one section of the Bluetooth
protocol. The algorithm enables one user to send a test message to a recipient for
encryption and compare the returned encrypted message with his own encryption
of the test message. A perfect match verifies the recipient’s authenticity.

Press release:
< http://www.net-security.org/text/press/969460501,25978,.shtml >

----------------------------------------------------------------------------

SECURE COMPUTING SECURES ERICSSON R380 SMARTPHONE - [21.09.2000]

Secure Computing and Ericsson today announced that the Ericsson R380
smartphone is available on GSM markets with Secure Computing's SafeWord
authentication token. Now, SafeWord users can use the R380 smartphone to
authenticate to networks and applications protected by SafeWord.

Press release:
< http://www.net-security.org/text/press/969549592,49689,.shtml >

----------------------------------------------------------------------------

WATCHGUARD RECEIVES COMMON CRITERIA CERTIFICATION - [21.09.2000]

WatchGuard Technologies, Inc., a leader in Internet security solutions, announced
that its LiveSecurity System and the Firebox II firewall appliance have been
awarded Common Criteria Certification. WatchGuard's Firebox II is the first firewall
appliance for the small to medium size enterprise market to receive this certification.
Some U.S. government agencies and certain countries require that Internet security
products they purchase meet Common Criteria Certification.

Press release:
< http://www.net-security.org/text/press/969549687,31372,.shtml >

----------------------------------------------------------------------------

ONLINE CREDIT CARD FRAUD-ELIMINATING TECHNOLOGY - [22.09.2000]

What is the biggest barrier to the growth of e-commerce and the Internet and
prevents more than half of the world's Internet users from making an online
purchase? Fears of online credit card fraud and security and privacy issues.
iShopSecure, Inc., a privately-held company based in Davie, Florida, has
launched a patent-pending technology and business process that eliminates
credit card fraud and allows consumers to shop from more than 750,000 web
sites without putting their credit card or other personal information online.

Press release:
< http://www.net-security.org/text/press/969585687,91319,.shtml >

----------------------------------------------------------------------------

IDENTIX COMBINES TWO SECTORS INTO SECURITY DIVISION - [22.09.2000]

Identix Inc., a worldwide leader in providing user authentication, security and
identification solutions, Friday announced that it has established a new
organizational structure for its commercial market products, combining its
Physical Access and IT divisions into one division, Security.

Press release:
< http://www.net-security.org/text/press/969635824,19544,.shtml >

----------------------------------------------------------------------------

PRIVACY FOUNDATION'S OPINION ON CUECAT ISSUE - [23.09.2000]

Marketers of the :CueCat, a new consumer electronics device that attaches to
PCs and TV sets, should disable a personal tracking feature and disclose more
details about how information collected will be used, the Privacy Foundation
requested today. "The Privacy Foundation has serious privacy concerns with the
:CueCat,’’ said Richard M. Smith, chief technology officer of the foundation.
"We are asking the company to fix the service now, before it is in widespread use."

Press release:
< http://www.net-security.org/text/press/969715210,80941,.shtml >

----------------------------------------------------------------------------

VISA PARTNERS WITH SECURIFY - [24.09.2000]

Securify, a leading eSecurity services provider, announced its appointment by
Visa U.S.A. to manage smart Visa Access, a key component of the smart Visa
Technology Platform. The smart Visa Technology Platform is a new payment
card platform with multi-function capabilities powered by cutting edge chip
technology. The smart Visa card enables Visa financial institutions to combine
the purchasing power of traditional payment cards with smart chip technology
to offer added security, utility and convenience to consumers. The smart Visa
Access system, a critical component of the smart Visa Technology Platform,
authenticates Visa cardholders, thus allowing banks to offer secure,
personalized services delivered through the Internet.

Press release:
< http://www.net-security.org/text/press/969750752,5714,.shtml >

----------------------------------------------------------------------------



Featured articles
-----------------

All articles are located at:
http://www.net-security.org/text/articles

Articles can be contributed to staff@net-security.org

Listed below are some of the recently added articles.

----------------------------------------------------------------------------

ISSUES: HIRING HACKERS, THE FINE LINE BETWEEN CULT AND CRIMINAL by Thejian

Obviously there are a lot of technically talented individuals running around in the
hacking scene nowadays. There always have, it's the root of its existence. This
has given birth to another interesting issue. Besides hacking being marketable
and trendy, the underground today has the full attention of the corporate world
where the skills are recognized (in some) and could be put to good use as well.
In short, hiring hackers, if not good for profits at least is the trendy thing to do.
And looking at the security problems some companies are having that definately
is a good thing. However, it also raises the question of trust.

Article:
< http://www.net-security.org/text/articles/thejian/hiring.shtml >

----------------------------------------------------------------------------

SECURING A REDHAT LINUX 6.2 MACHINE (BASICS) by bokuden

This article covers the basics of making a virgin redhat install more or less
secure before putting it on the internet. Remember all of this work should be
done before the box is put online, as machines can be rooted in minutes of
being on the net.

Article:
< http://www.net-security.org/text/articles/srh.shtml >

----------------------------------------------------------------------------

THE SECRETS OF SNOOP by Lance Spitzner

How to best leverage the network sniffer snoop, with various command line
examples. Included are examples on how to analyze network traffic and improve
your network security.

Article:
< http://www.net-security.org/text/articles/spitzner/snoop.shtml >

----------------------------------------------------------------------------

DETECTION OF AN UNKNOWN VIRUS by Kaspersky Lab

In this chapter we discuss the situations which user faces when he suspects,
that his computer is infected, but none of the anti-viruses known to him tested
positive. How and where to look for virus? What tools are needed for that, what
methods to use and what rules to follow?

Article:
< http://www.net-security.org/text/articles/viruses/detection.shtml >

----------------------------------------------------------------------------

VIRUS ALGORITHM ANALYSIS by Kaspersky Lab

"To my mind the most suitable object for keeping and analyzing the virus is a file
containing the virus body. In practice to analyze the file virus it is convenient to
have several infected files of different, but not too large, size. Except that it is
desirable to have infected files of all kinds (COM, EXE, SYS, BAT, NewEXE) that
this virus can infect..."

Article:
< http://www.net-security.org/text/articles/viruses/analysis.shtml >

----------------------------------------------------------------------------

RECOVERY OF AFFECTED OBJECTS by Kaspersky Lab

In most cases of viral infection the procedure of recovery of infected files and
disks means running a suitable anti-virus capable of disarming the system.
However, in the virus is not known to any anti-virus, it is enough to send the
infected file to anti-virus developer companies, and in some time (usually
several days or weeks) receive the cure updates for this virus. But if time
presses, you will have to disarm the virus yourself.

Article:
< http://www.net-security.org/text/articles/viruses/recovery.shtml >

----------------------------------------------------------------------------

PACIFIC BELL ALERTS CUSTOMERS TO 90# SCAM

Pacific Bell is alerting consumers and advising them how to protect themselves
from a telephone scam that is once again generating e-mail traffic on the
Internet. If consumers receive a call from someone claiming to be a telephone
technician, seeking to test the phone line and requesting that consumers dial
90#, consumers should hang up immediately without dialing the requested
numbers. Residential and business customers are targeted.

Article:
< http://www.net-security.org/text/articles/bell.shtml >

----------------------------------------------------------------------------

ANTI-VIRUS PROGRAMS by Andrew Krukov, AVP Team

I would like to point out that there are no anti-viruses guaranteeing 100 percent
protection from viruses. Any declarations about their existence may be considered
to be either an advertising trick or a sign of incompetence. Such systems do not
exist because for each anti-virus algorithm it is always possible to suggest virus
counter algorithm, making this particular virus invisible for this particular anti-virus
(fortunately the opposite is also true: for any anti-virus algorithm it is always
possible to create an anti-virus).

Article:
< http://www.net-security.org/text/articles/viruses/programs.shtml >

----------------------------------------------------------------------------

KASPERSKY LAB MAKES LINUX EVEN MORE SECURE

Kaspersky Lab, an international anti-virus software development company,
announces a new version of Kaspersky Anti-Virus (AVP) for Linux. This latest
version combines unique functionality, significantly simplifying the program’s use
and the world's first anti-virus solution to integrate into the popular e-mail
gateways Sendmail and Qmail.

Article:
< http://www.net-security.org/text/articles/viruses/linux.shtml >

----------------------------------------------------------------------------

"JAVANIZATION" OF MOBILE PHONES: A GREEN LIGHT FOR MALICIOUS PROGRAMS?

On 19 August, Sun Microsystems and some of its partners announced the
shipment of Mobile Information Device (MID) standard, based on the Java
programming language (Java™ 2 Platform Micro Edition – J2ME) for use on
mobile phones. At the same time, Motorola, one of the biggest companies
for the development of wireless technologies, released an application
programming interface (API), allowing for the development of additional
programs for its wireless devices.

Article:
< http://www.net-security.org/text/articles/viruses/javanization.shtml >

----------------------------------------------------------------------------




Featured books
----------------

The HNS bookstore is located at:
http://net-security.org/various/bookstore

Suggestions for books to be included into our bookstore
can be sent to staff@net-security.org

----------------------------------------------------------------------------

ENHANCED IP SERVICES FOR CISCO NETWORKS: A PRACTICAL RESOURCE FOR
DEPLOYING QUALITY OF SERVICE, SECURITY, IP ROUTING, AND VPN SERVICES

The book provides a useful and instructive breakdown of each enhanced service:
what it is, why you need it, how it works, how to deploy it, how to validate it.
This book offers a practical guide to implementing IPsec, the IOS Firewall, and
IOS Intrusion Detection System. Also included are advanced routing principles
and quality of service features that focus on improving the capability of your
network. A good briefing on cryptography fully explains the science that makes
VPNs possible. Rather than being another routing book, this is a guide to
improving you network's capabilities by understanding and using the
sophisticated features available to you in Cisco's IOS software.

Book:
< http://www.amazon.com/exec/obidos/ASIN/1578701066/netsecurity >

----------------------------------------------------------------------------

JAVA SECURITY

This book is extraordinary both for its technical depth and its readability. It
provides the Java programmer with a complete overview of the Java security
architecture and security classes, plus a wealth of detailed information and code
examples for specific implementations. The following chapters look in depth at the
elements of the Java security architecture: language rules, class loaders, the
security manager, the access controller, and permission objects. All these
chapters provide detailed information on implementation, as well as an excellent
explanation of the role of each feature within the entire security picture. The
second half of the book covers cryptographic features in the Java security
package and how Java programs work with code that performs authentication
and encryption. Here, you'll find detailed chapters on message digests, keys and
certificates, key management, digital signatures, and the Java Cryptography
Extensions. Anyone who needs to understand Java security, but especially those
who will implement security features in Java applications, will want this book.

Book:
< http://www.amazon.com/exec/obidos/ASIN/1565924037/netsecurity >

----------------------------------------------------------------------------

JAVA 2 NETWORK SECURITY

Rather than focusing on how a Java system can be broken, the authors show
managers, network administrators, developers, and security professionals how
Java can be made secure and how to exploit its strengths. Topics include the
pros and cons of each Java security alternative; architectural techniques for
maximizing security; securing Web and intranet applications; deploying or limiting
Java across firewalls; integrating Java and SSL; and using Java's Cryptography
APIs. The disk contains source code and links to Java security Web sites.

Book:
< http://www.amazon.com/exec/obidos/ASIN/0130155926/netsecurity >

----------------------------------------------------------------------------

LINUX SYSTEM SECURITY: THE ADMINISTRATOR'S GUIDE TO OPEN SOURCE
SECURITY TOOLS

The introduction of Linux System Security acknowledges that there's no magic
bullet as far as security is concerned. Security-minded system administration is
a process of constant revision. It promises, though, that "if you follow the
procedures outlined, you will certainly reduce your level of vulnerability." The
book delivers on that promise in spades. Using Red Hat Linux as the
demonstration environment, the authors explain how to use a suite of publicly
available tools to analyze, protect, and monitor your machines and networks.
They approach the subject from a practical standpoint, emphasizing software
and its use while referring the reader (using copious bibliographic notes) to
more specialized works for detailed information on cryptography, firewall
configuration, and other subjects.

Book:
< http://www.amazon.com/exec/obidos/ASIN/0130158070/netsecurity >

----------------------------------------------------------------------------

IMPLEMENTING AS/400 SECURITY

A concise, practical guide to implementing, evaluating, and auditing an AS/400
security strategy. This edition (first was 1992) brings together the fundamental
AS/400 security tools and experience-based recommendations, and includes the
security enhancements available in OS/400 Version 3 Release 1.

Book:
< http://www.amazon.com/exec/obidos/ASIN/1882419782/netsecurity >

----------------------------------------------------------------------------



Security Software
-------------------

All programs are located at:
http://net-security.org/various/software

----------------------------------------------------------------------------

AMAVIS 0.2.1-PRE3

AMaViS (A Mail Virus Scanner) scans e-mail attachments for viruses using
third-party virus scanners available for UNIX environments. It resides on a UNIX
(Linux) machine and looks through the attached files arriving via e-mail,
generates reports when a virus is found and sets the delivery on hold.

Link:
< http://net-security.org/various/software/969754025,36384,.shtml >

----------------------------------------------------------------------------

PHPSECUREPAGES 0.19B

phpSecurePages is a PHP module to secures pages with a login name and
password. It can handle multiple user groups (each with their own viewing rights),
store data in a MySQL database or a configuration file, and be used to identify
your Web site viewers. It also has multiple language support and session support
for both PHP3 and PHP4.

Link:
< http://net-security.org/various/software/969753951,18916,.shtml >

----------------------------------------------------------------------------

KILL THE SPAMS V.1.03

From the developer: "Kill The Spams is anti-spam software using a unique
algorithm to detect unsolicited emails. If you're tired of unsolicited commercial
e-mail clogging your inbox, you're not alone. Surveys have proven again and
again that most Internet users detest it. The main goal is to filter your e-mail
box without the pain of building complex filters. Unlike other similar products,
KTS does not need to maintain a list of spammers."

Link:
< http://net-security.org/various/software/969380297,16138,.shtml >

----------------------------------------------------------------------------

SPAMMOTEL V.1.2

This is a Web-based antispam program that gives you complete control of your
email address without using filters. SpamMotel lets you attach reminder notes
each time you give out an email address online, so you'll know exactly when and
where the spammer got your email address, and then lets you stop spam from
that sender. This free program works with your existing email account. A small
downloadable interface makes access easy, and requires no installation on your
computer. A handy online Log Page lets you view all your SpamMotel activity.
This program is also useful in organizing your email folders more effectively.

Link:
< http://net-security.org/various/software/969379780,9260,.shtml >

----------------------------------------------------------------------------

PC DOORS GUARD V.1.0.1.6

PC Doors Guard is a complete anti-Trojan solution for your office and home PCs.
The program consists of three main utilities, which can provide you with stable
and reliable protection. A Trojan needs to get through this three-folded barrier
in order to infect your PC. While online updates keep PC Doors Guard up to date,
the built-in heuristic analyzer can detect a Trojan without using any virus
database. The Monitor utility constantly verifies the files you download, get via
ICQ, or receive by e-mail; the Executor checks any file before it is executed;
and the Scanner provides you with a virus search engine so that stealth,
phantom, and worm viruses do not get away.

Link:
< http://net-security.org/various/software/968808468,3315,.shtml >

----------------------------------------------------------------------------

INTERSCAN WEBPROTECT V2.2

InterScan WebProtect is a real-time virus scanning package that works with
Microsoft Proxy server. It protects proxy server traffic from computer virus
infections and malicious JAVA and ActiveX code. It auto-cleans infected files
transferred via HTTP or FTP. WebProtect has additional security features that
let you selectively control the type of material that are downloaded from the
Internet.

Link:
< http://net-security.org/various/software/968808271,26573,.shtml >

----------------------------------------------------------------------------



Defaced archives
------------------------

[18.09.2000] - Sandia National Laboratories
Original: http://samt4831.sandia.gov/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/18/samt4831.sandia.gov/

[18.09.2000] - Idaho State Government
Original: http://www.sapd.state.id.us/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/18/www.sapd.state.id.us/

[18.09.2000] - Gujarat (GOV)
Original: http://mail.gujarat.gov.in/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/18/mail.gujarat.gov.in/

[19.09.2000] - The Temple of Yehwe
Original: http://www.vodou.org/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/19/www.vodou.org/

[20.09.2000] - The Colorado Springs Gazette Telegraph
Original: http://www.appeal-democrat.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/20/www.appeal-democrat.com/

[20.09.2000] - The Orange County Register
Original: http://www.freedom.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/20/www.freedom.com/

[21.09.2000] - Ministry of Foreign Affairs, Albania
Original: http://www.mfa.gov.al/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/21/www.mfa.gov.al/

[21.09.2000] - Journal des Finances
Original: http://www.jdf.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/21/www.jdf.com/

[22.09.2000] - Planet Quake (Germany)
Original: http://www.planetquake.de/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/22/www.planetquake.de/

[22.09.2000] - Sigma Computer Training & Consulting, Inc.
Original: http://www.sigmactc.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/22/www.sigmactc.com/

[23.09.2000] - NetAgent
Original: http://www.crack-contest.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/23/www.crack-contest.com/

[23.09.2000] - The George Washington University Hospital
Original: http://www.gwhospital.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/23/www.gwhospital.com/

[23.09.2000] - National Library of Ireland
Original: http://www.nli.ie/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/23/www.nli.ie/

[0.09.2000] - University of USA
Original: http://www.usa.edu.ph/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/23/www.usa.edu.ph/

----------------------------------------------------------------------------



Questions, contributions, comments or ideas go to:

Help Net Security staff

staff@net-security.org
http://net-security.org

← previous
next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Let's discover also

Recent Articles

Recent Comments

Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT