Copy Link
Add to Bookmark
Report
Net-Sec Issue 041
HNS Newsletter
Issue 41 - 11.12.2000
http://net-security.org
This is a newsletter delivered to you by Help Net Security. It covers weekly
roundups of security events that were in the news the past week. Visit Help
Net Security for the latest security news - http://www.net-security.org.
Subscribe to this weekly digest on:
http://www.net-security.org/text/newsletter
Table of contents:
1) General security news
2) Security issues
3) Security world
4) Featured books
5) Security software
6) Defaced archives
General security news
---------------------
----------------------------------------------------------------------------
TURKISH PM WEBSITE DEFACED
BBC reports that the website of the Turkish Prime Minister's office was defaced
in protest against the government's economic policies.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://news.bbc.co.uk/hi/english/world/europe/newsid_1053000/1053031.stm
SNOOP POWERS
Civil liberty campaigners yesterday warned Home Secretary Jack Straw not to
grant police and the secret services new "snoop" powers. A proposal, which
would create a database of every phone call, e-mail and Internet connection
made in the UK, could see Britain hauled up before the European Court of
Human Rights, warned Liberty.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.record-mail.co.uk/shtml/NEWS/P2S2.shtml
JOHNS HOPKINS TO LAUNCH IT SECURITY CENTER
Johns Hopkins University announced Monday that, thanks to a $10 million gift
from an anonymous donor, it would open a center to study computer and
information security issues.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.infoworld.com/articles/hn/xml/00/12/04/001204hnjohnshopkins.xml
SECURITY MARKET
The worldwide market for security consulting, implementation, management
and training services will increase at a compound annual growth rate of 26
percent, from $5.5 billion in 1999, to $17.2 billion in 2004, according to a
new study from IDC.
Link: http://www.esj.com/breaknewsdisp.asp?ID=3761
YET ANOTHER DoS ALERT
The FBI's cybercrime unit has warned web users to be vigilant during the
Christmas holidays. Yes, as you guessed, they are alerting on Denial of
Service attacks...
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.ananova.com/news/story/sm_134941.html
KURT SEIFRIED INTERVIEW
LinuxSecurity Brasil did an interview with Kurt Seifried from SecurityPortal. Kurt
is the author of the well known Linux Administrator's Security Guide (LASG) and
is working now at SecurityPortal.com...
English version: http://www.linuxsecurity.com.br/sections.php?op=viewarticle&artid=2
Portuguese version: http://www.linuxsecurity.com.br/sections.php?op=viewarticle&artid=1
ATTRITION STAFFERS FEATURED AT IDG
IDG interviewed Cancer Omega, Jericho and Null - Attrition staffers. Questions
go from "What made you decide to take a legitimate job in computer security?"
to "How easy is it to break into the typical Fortune 500 company site?"
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.idg.net/ic_302972_1794_9-10000.html
PRIVACY SITUATION AND MORE
Marketing companies have begun to embed invisible HTML "beacons" in their
e-mail. Because these tiny one-pixel images must be retrieved from the
sender's server when the message is opened, they can tell the sender
when and how often a recipient looks at a message.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.infoworld.com/articles/hn/xml/00/12/05/001205hnwebbug.xml
FROM CISCO WITH LOVE
Cisco has advised users to update the software used in its 600 family of routers
following the identification of what it admits are multiple security vulnerabilities.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/5/15246.html
PROLIN DOES LITTLE HARM
IDG.net reports that the newly discovered Prolin worm appears to be doing
less damage than originally feared.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.idg.net/ic_304085_1794_9-10000.html
LAST LINE OF PREVENTION
The Israel Land Administration (ILA) was forced to close most of its Internet
site last Fridey, due to damage caused by hostile cyber attacks.
Link: http://new.globes.co.il/serveEN/globes/docView.asp?did=454769&fid=947
UPDATE ON MAFIABOY CASE
Nearly a year after all those DDoS attacks, prosecutors and lawyers
representing a defendant known as "Mafiaboy" are locked in a high
stakes game of chicken over whether the case will go to trial.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.usatoday.com/usatonline/20001205/2888098s.htm
ENCRYPTION EXPERTS SET TO BUST RIP RULES
Mathematician Peter Fairbrother has launched a project called M-o-o-t, which
would make it physically impossible to surrender encryption keys - or for
security services to track e-mails.
Link: http://www.computerweekly.com/cwarchive/daily/20001206/cwcontainer.asp?name=C5.HTML&SubSection=6&ct=daily
SCHWAB SITE VULNERABLE
Charles Schwab & Co.'s Web site is vulnerable to a well-known attack that
could allow anyone to gain access to sensitive account information, the
financial services company acknowledged yesterday. More information
about the problem could be found here (http://www.net-security.org/text/bugs/976159213,50588,.shtml)
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.com/zdnn/stories/news/0,4586,2662137,00.html
COMPUTER CRIME LAWS
Criminal laws in most countries have not been extended into cyberspace yet,
potentially making prosecution difficult on computer-related crimes such as
hacking and distributing viruses on the Internet, a 52-country survey says.
Link: http://thestar.com.my/tech/story.asp?file=/2000/12/7/technology/07nolaws&sec=technology
HOSPITAL RECORDS HACKED HARD
A sophisticated hacker took command of large portions of the University of
Washington Medical Centre's internal network earlier this year and downloaded
computerized admissions records for four thousand heart patients,
SecurityFocus has learned.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/6/15285.html
HV2K MEMBER SENTENCED
A high school senior who allegedly co-founded an international computer
hacking group was sentenced to five years' probation after he pleaded guilty
to defacing several government Web sites.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www0.mercurycenter.com/svtech/news/breaking/merc/docs/064296.htm
CZECH GOVERNMENT WEBSITE ATTACKED
Czech interior ministry's website got defaced on Wednesday by inserting a
modified picture of Interior Minister Stanislav Gross, a spokesman said.
Link: http://thestar.com.my/tech/story.asp?file=/2000/12/7/technology/07hack&sec=technology
PERSONAL FIREWALLS FAIL THE LEAK TEST
In an attempt to show that personal firewalls may afford their users little
protection against serious threats, a respected PC security expert Steve
Gibson has released a new software tool that pokes holes in many of the
leading desktop security packages.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.internetnews.com/intra-news/article/0,,7_529661,00.html
SAFENET 2000
Bill Gates kicked off the company's first-ever security summit in Redmond,
dubbed SafeNet 2000, calling for industry-wide involvement and hinting at
some of the security features the company is developing.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://abcnews.go.com/sections/tech/DailyNews/microsoft_summit001207.html
FTSE WEB SITE DEFACED
The FTSE web site at FT-SE.co.uk has been hacked by a group calling
themselves "kat krew." The FTSE confirmed that the front page had been
hacked in the early hours of this morning, at around four AM.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/6/15345.html
IDENTIFYING ICMP HACKERY TOOLS USED IN THE WILD TODAY
Several tools exist in the wild today that allow a malicious computer attacker to
send crafted ICMP datagrams. Those datagrams can be used for various tasks:
host detection, advanced host detection, Operating System Fingerprinting and
more. This article by Ofir Arkin will examine whether we can identify the different
tools used for ICMP hackery that are available in the wild today. If we can
identify the tool, we may be able to identify the underlying operating system
or a number of operating systems that this tool might be running on top of.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/focus/ids/articles/icmptools.html
HOLIDAY ALERT: PART 4
Yet another "alert" about Christmas attacks - this time a leading Scottish
internet security company Buchanan International, has predicted that a
major online retailer will be shut down by hackers in the run up to Christmas...
Link: http://www.thescotsman.co.uk/business.cfm?id=28490&keyword=the
VERIZON SPAMMED
Verizon Communications worked Saturday to clear a backlog of millions of
junk messages that slowed email for as many as 200,000 of its Internet
customers on the East Coast.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://news.cnet.com/news/0-1004-200-4076405.html
ENTRANCE TO FBI AND FTC WEB SITES
One of the HIT2000 members says that he discovered a potential security
hazard in two U.S. government Web sites that use Netscape Communications
Enterprise Server, including the online home of the U.S. Federal Bureau of
Investigation (FBI).
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.infoworld.com/articles/hn/xml/00/12/08/001208hnfbiftc.xml
PERSONAL FIREWALLS NOT SO SAFE
It's one thing to rush an application to market without thinking about security.
It's another to rush a security application to market. But that's what's happened
with several personal firewalls - a product category that was a virtual nonentity
a year ago but is now standard fare for anyone on a broadband connection,
including telecommuters.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.com/eweek/stories/general/0,11011,2663028,00.html
SECURING YOUR BUSINESS IN THE AGE OF THE INTERNET
Information technology is permeating all aspects of modern life and business.
The growth of the Internet and in particular of the World Wide Web presents
increasing challenges to information technology and business managers.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://securityportal.com/cover/coverstory20001204.html
INSIDE THE STAGES WORM
Recent e-mail worm incidents have attracted so much media coverage that one
might expect users to be more wary of running emailed attachments. However,
the June 2000 in-the-wild appearance of Argentinian virus writer Zulu's
VBS.Stages worm demonstrated the folly of this assumption. In this article in
SecurityFocus's Virus Focus Area, Szappanos Gabor gives an interesting
overview of the Stages worm. The article discusses a variety of aspects
of the threat, including its activation and propagation, and the role of shell
scraps in its life cycle. The author also touches on additional concerns such
as polymorphism and hidden extensions, and how they affect the Stages worm.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/focus/virus/articles/stages/stages.html
LINUX NETWORK SECURITY
There are several methods remote attackers can use to break into your machine.
Usually they are exploiting problems with existing programs. The Linux community
always quickly spots these 'exploits' and releases a fix. Linux fixes are usually out
long before the equivalent programs in other operating systems are mended. The
issue here though is how to prevent your machine from suffering any sort of
problem of this sort.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.linuxplanet.com/linuxplanet/tutorials/211/1
THE FIFTH ESTATE
In its investigative documentary, Hackers, the fifth estate explores the inherent
tension between the convenience and speed with which people conduct their
personal, social and corporate affairs via the internet, and the high price in
personal security exacted by the technology they use. The internet is a global
web of interconnected computers which make it possible for people and
companies to complete transactions at the speed of light. But it is the very
interconnectedness of the web that leaves virtually every machine attached
to it vulnerable to unwanted intrusions.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://cbc.ca/news/indepth/hackers/
----------------------------------------------------------------------------
Security issues
---------------
All vulnerabilities are located at:
http://net-security.org/text/bugs
----------------------------------------------------------------------------
BYPASSING ADMIN AUTHENTICATION IN PHPWEBLOG
In common.inc.php, $CONF is not properly initialized as an array, thus allowing
users to alter the contents in it, wich can leed to bypass administrator
authentication.
Link: http://www.net-security.org/text/bugs/976014942,58296,.shtml
XITAMI WEBSERVER MULTIPLE VULNERABILITES
Xitami Webservers default installation /Cgi-Bin directory has a Vulnerability
that allows remote users to View information regarding your system and
Webserver's Directory by executing TestCgi.exe using your browser sample:
http://www.Target.com/cgi-bin/testcgi
Link: http://www.net-security.org/text/bugs/976016727,49445,.shtml
IIS 4.0/5.0 PHONE BOOK SERVER BUFFER OVERRUN
The Phone Book Service was created by Microsoft to help provide dial in
services to the corporation and ISPs. As part of the functionality of the
service when users dial in their client software can be configured to download
phone book updates from a web server. The ISAPI application that serves the
update is pbserver.dll. This DLL contains a buffer overrun vulnerability that can
allow the execution of arbitrary code or at best crash the Interner Information
Server process, inetinfo.exe.
Link: http://www.net-security.org/text/bugs/976067413,42776,.shtml
PHONE BOOK SERVER BUG PATCHED
Microsoft has released a patch that eliminates a security vulnerability in an
optional service that ships with Microsoft Windows NT 4.0 and Windows 2000
Servers. The vulnerability could allow a malicious user to execute hostile code
on a remote server that is running the service.
Link: http://www.net-security.org/text/bugs/976067428,968,.shtml
CHARLES SCHWAB ONLINE TRADING BUGS
Through cross-site scripting, an attacker can gain control of the account of a
Charles Schwab customer who uses the online trading service. The attacker
can choose to either gain interactive use of the service, or to cause the
account holder to perform inadvertent unwanted actions on the attacker's
behalf.
Link: http://www.net-security.org/text/bugs/976159213,50588,.shtml
APCUPSD 3.7.2 DENIAL OF SERVICE
During startup apcupsd creates a PID-file named "apcupsd.pid" in /var/run
(system specific, maybe other directory) with the ID of the daemon process,
this PID-file is used by the shutdown-script to kill the daemon process.
Unfortunatly this PID-file ist world-writeable (Mode 666, -rw-rw-rw). A
malicious user can overwrite the file with arbitrary process ID's, these
processes will be killed instead of the apcupsd process during restart or
stop of the apcupsd daemon and during system shutdown or restart, the
whole system can be crashed this way.
Link: http://www.net-security.org/text/bugs/976208482,77278,.shtml
PHP AND APACHE VULNERABILITY
CHINANSL security team has found a security problem in Apache web server
where using php3. Exploitation of this vulnerability, A malicious user can
access the content of file in the machine where Apache web server is runing.
Link: http://www.net-security.org/text/bugs/976208520,99957,.shtml
ULTRASEEK SERVER 3.0 VULNERABILITY
CHINANLS security team has found a security problem in Ultraseek Server 3.0.
Exploitation of this vulnerability, It is possible that a malicious user can get the
absolute path and source code of Ultraseek Server addons.
Link: http://www.net-security.org/text/bugs/976208502,82387,.shtml
----------------------------------------------------------------------------
PHPGROUPWARE VULNERABILITIES
phpGroupWare makes insecure calls to the include() function of PHP which can
allow the inclusion of remote files, and thereby the execution of arbitrary
commands on the remote web server with the permissions of the web
server user, usually 'nobody'
Link: http://www.net-security.org/text/bugs/976208568,21880,.shtml
IBM DB2 SQL DOS
DB2 Universal Database (UDB) is IBM's relational database server solution for
the UNIX, OS/2 and Windows NT/2000 operating environments.And More than
70% of the world's major companies rely on DB2 to manage their mission-critical
business applications. There is a bug when you excute a special sql include time
and varchar ,which will make the database crash.
Link: http://www.net-security.org/text/bugs/976208595,66917,.shtml
LEXMARK MARKVISION DRIVERS ROOT COMPROMISE
Several of the utilities that make up the Unix printer drivers contain command
line buffer overflows. As some of these utilities are installed setuid root, a local
attacker can trivially exploit the vulnerabilities to execute arbitrary code as root.
Link: http://www.net-security.org/text/bugs/976306427,15975,.shtml
HOMESEER DIRECTORY TRAVERSAL VULNERABILITY
Adding the string "../" to an URL allows an attacker to files outside of the
webserver's publishing directory. This allows read access to any file on the
server. Example: http://localhost:80/../../../autoexec.bat reads the file
"autoexec.bat" from the partition's root dir.
Link: http://www.net-security.org/text/bugs/976306486,83751,.shtml
BROADVISION ONE-TO-ONE ENTERPRISE BUG
BroadVision One-To-One Enterprise contains a vulnerability which reveals
server information . Requesting a non-existent file,the server will reveal the
physical path of server files as following:
"Script /appl/bv1to1/bv1to1_var/script-root/login/benjurry.jsp failed, reason unknown "
Link: http://www.net-security.org/text/bugs/976306619,90744,.shtml
ADMINISTRATION REGISTRY KEY VULNERABILITY
The registry key in Windows NT 4.0 that handles the administration of Remote
Access Service (RAS) third-party tools is not properly configured to deny write
access to unprivileged users. Such lenient permissions assigned to this particular
registry key would allow any user that could log on locally to a system with a
RAS server installed to modify the value of the key to an arbitrary DLL file that
would be executed upon startup of RAS. The DLL in the RAS registry key is run
under LocalSystem privileges. Therefore, the malicious user would be able to
perform any action under the LocalSystem security context which would
basically yield full control over the local machine. The location of the RAS r
egistry key is HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RAS.
Link: http://www.net-security.org/text/bugs/976306634,8269,.shtml
VULNERABILITIES IN KTH KERBEROS IV
The KTH Kerberos IV implementation (http://www.pdc.kth.se/kth-krb/) contains
the following vulnerabilities:
1) Honoring certain environment variables
2) Buffer overflow in protocol parsing code
3) File system race when writing ticket files
The vulnerabilities may lead to local and remote root compromise if the system
supports Kerberos authentication and uses the KTH implementation (as is the
case with e.g. OpenBSD per default). The system needn't be specifically
configured to use Kerberos for all of the issues to be exploitable; some of
the vulnerabilities are exploitable even if Kerberos is disabled by commenting
out the realm name in the "krb.conf" file.
Link: http://www.net-security.org/text/bugs/976410064,99928,.shtml
----------------------------------------------------------------------------
Security world
--------------
All press releases are located at:
http://net-security.org/text/press
----------------------------------------------------------------------------
ARGANTE PROJECT ANNOUNCED - [03.12.2000]
We - a small group of computer security and programming enthusiasts - are
proud to present a result of our hard work on making secure, functional,
portable and effective environment, called "Argante". Although Argante is
introducing completely new standards, architecture concepts and design
basis, we believe it can find its place, both in dedicated and hybrid solutions,
where Argante code is mixed with traditional components - especially in
server software, secure distributed solutions / network monitoring and
analysis software, distributed self-organizing clusters (at management /
request propagation layer), virtual routers (for easy building of complex,
fault-tolerant private networks from scratch) and so on, making such
solutions simpler, more secure and stable - and, very often, more effective.
Press release:
< http://www.net-security.org/text/press/975813054,97593,.shtml >
----------------------------------------------------------------------------
CONEXANT CHIPSET OFFERS WATCHGUARD PROTECTION - [04.12.2000]
WatchGuard Technologies, Inc. announced that Conexant Systems, Inc. will be
the first semiconductor company to offer WatchGuard's firewall and LiveSecurity
Services with their new CX82100 home networking processor for Internet
enabled devices. The Conexant CX82100 will offer a reference design with a
built-in WatchGuard firewall and access to WatchGuard's suite of LiveSecurity
Services where end users can enhance their protection by subscribing to
additional services, such as WatchGuard's IPSec VPN (Virtual Private Network).
Press release:
< http://www.net-security.org/text/press/975948103,25179,.shtml >
----------------------------------------------------------------------------
NETWORK-1 CITED IN RECENT IDC AND GARTNER REPORTS - [04.12.2000]
Network-1 Security Solutions, Inc., a leader in distributed intrusion prevention
solutions for e-Business networks, announced that it continues to gain in
awareness and market recognition among industry analysts that follow the
network security industry. In October, the company was cited as one of the
original manufacturers of Distributed Firewalls, a market segment IDC
characterizes as "hot." A subsequent report issued in November by the
Gartner Group, "Firewall Market Magic Quadrant Update 2000," now includes
Network-1 within the quadrant and refers to the company under the "New
Entrants" section.
Press release:
< http://www.net-security.org/text/press/975949007,19004,.shtml >
----------------------------------------------------------------------------
"NAPTHA" SECURITY VULNERABILITY UNCOVERED - [04.12.2000]
BindView Corporation, a leading provider of IT security management solutions,
announced that it has identified Naptha, a cluster of new security vulnerabilities
that threatens at least seven major operating systems including Microsoft,
Novell, Solaris and Linux. Naptha is comprised of a variety of denial-of-service
vulnerabilities that exploit the TCP protocol and cause a variety of service
degradation effects. Results could range from a slow down or disruption of
services to total operating system failure. Applications including DNS servers,
Web servers, and e-mail servers as well as entire operating systems are at
risk of attack from Naptha.
Press release:
< http://www.net-security.org/text/press/975949798,67328,.shtml >
----------------------------------------------------------------------------
NETSCREEN INTRODUCES GIGABIT SECURITY SYSTEM - [05.12.2000]
NetScreen Technologies, Inc., a leading developer of ASIC-based Internet
security systems and appliances, announced a new version of the NetScreen
1000 Gigabit Security System. The NetScreen-1000ES (Enterprise System) is
a gigabit speed firewall/VPN security system specially configured to meet the
high-bandwidth security needs of enterprise intranets, e-business operations,
and broadband Internet access.
Press release:
< http://www.net-security.org/text/press/976015420,90988,.shtml >
----------------------------------------------------------------------------
I-WORM.XTC TARGETS NEW YEAR'S DAY - [06.12.2000]
Central Command, a leading provider of PC anti-virus software and computer s
ecurity services, and its partners' announced the discovery of I-Worm.XTC, a
new Internet worm that infects Windows 95/98/Me/NT/2000 computers and
masquerades itself as a virus protection update. This new worm uses a new
technique for replication, and can be remotely controlled through the Internet.
Press release:
< http://www.net-security.org/text/press/976066755,63640,.shtml >
----------------------------------------------------------------------------
DON'T LET A DOT.COM BECOME A DOT.CON - [06.12.2000]
Little compares with the convenience of pointing and clicking through holiday
shopping lists, but consumers could pay a steep price for cyber shopping if
they don't protect personal data. Experts estimate that 55 million Americans
will spend $12.5 billion online this holiday season, nearly double last year's
total and a record for any year.
Press release:
< http://www.net-security.org/text/press/976066825,98721,.shtml >
----------------------------------------------------------------------------
JAWZ announced Cyber Crime Response Unit - [06.12.2000]
JAWZ Inc. announced details of its newly formed Cyber Crime Response Unit.
This group will be part of JAWZ's Professional Security Services division, and
will focus on providing JAWZ's clients with Computer Incident Response Team
(CIRT) capabilities, Computer Crime Investigation and Forensic Analysis, and
Forensic Training and Certification.
Press release:
< http://www.net-security.org/text/press/976066908,92668,.shtml >
----------------------------------------------------------------------------
RAINBOW ANNOUNCES 2001 EXPANSION - [06.12.2000]
Rainbow Technologies, Inc. announced an aggressive growth strategy,
commencing in January 2001, which places Rainbow's core competencies into
four business units. This move includes the creation of IVEA Technologies for
products in eCommerce acceleration and performance enhancement, and the
Digital Rights Management Group that focuses on hardware and software
authentication and security products.
Press release:
< http://www.net-security.org/text/press/976122378,87105,.shtml >
----------------------------------------------------------------------------
Featured books
----------------
The HNS bookstore is located at:
http://net-security.org/various/bookstore
Suggestions for books to be included into our bookstore
can be sent to staff@net-security.org
----------------------------------------------------------------------------
FROM ACCESS TO SQL SERVER
The book begins by discussing SQL Server and by carefully explaining the areas
in which it differs from Access. Sinclair reviews the SQL Server technology,
including its architecture and application environment. He also provides
coverage of key topics, including security; data storage; system databases;
database objects such as tables, views, and stored procedures; and, of course,
how to query and view the data in the database. After reviewing SQL Server,
Sinclair discusses the potential reasons for an upgrade and the planning process
necessary to complete a successful migration. He covers core migration issues
and helps to provide a framework for decisionmaking. The author then turns to
the working issues of the migration process itself. Among the topics covered:
Microsoft's Upsizing Wizards, use of SQL Server's Data Transformation Services,
options for connecting Access databases directly to SQL Server, differences and
similarities between Tables and Views in Access and in SQL Server, how to write
SQL Server stored procedures, and even how to convert existing Access reports
to stored procedures.
Book:
< http://www.amazon.com/exec/obidos/ASIN/1893115240/netsecurity >
----------------------------------------------------------------------------
LINUX PROGRAMMING: A BEGINNER'S GUIDE
Learn the fundamentals of Linux programming by following the steps and
examples in this easy-to-use guide. Linux expert Richard Petersen uses
hands-on exercises to teach you how to program the BASH and TCSH
shells, customize Linux using Perl, Tcl, and Gawk, and write GUI programs
in Tk. You'll also learn GUI programming techniques for interfaces such as
the Gnome and KDE desktop environments.
Book:
< http://www.amazon.com/exec/obidos/ASIN/0072127430/netsecurity >
----------------------------------------------------------------------------
A BRIEF HISTORY OF THE FUTURE: ORIGINS OF THE INTERNET
This book is Naughton's attempt to educate the uninitiated in how the Internet
came to be. Although its development occurred in starts and stops over a half-
century, the Internet came into its own only in the 1990s, with the arrival of
the World Wide Web and widely available software to negotiate it. Each of
those innovations, though, drew on work that sometimes extends deep into
the past, and Naughton does a good job of tracing technical lineages. Though
studded with geekspeak, his narrative doesn't presuppose much background
knowledge on his readers' part, unlike Stephen Segaller's worthy Nerds 2.0.1.,
which covers some of the same ground. Naughton's cast of characters includes
such scientific and administrative luminaries as Norbert Wiener, Vannevar Bush,
Paul Baran, Bill Gates, Linus Torvalds, and Tim Berners-Lee (but, sad to say,
not Al Gore), each of whom made contributions large and small to what
Naughton insists is a technological revolution with endless possibilities
for the common good.
Book:
< http://www.amazon.com/exec/obidos/ASIN/1585670324/netsecurity >
----------------------------------------------------------------------------
DEBUGGING ASP: TROUBLESHOOTING FOR PROGRAMMERS
Author Derek Ferguson has compiled a list of bugs from his work at a regional
ISP, a perfect laboratory for uncovering the most common problems that ASP
developers face every day. First and foremost are his suggestions for
configuring Internet Information Server (IIS) for development systems. A
number of valuable tips help you improve the feedback that you get from Web
server logs. You also learn about several options that will simplify debugging of
new scripts and components over old ones. (In short, Debugging ASP will help
you make sure, when you deploy a new script or component, that it gets
displayed in your Web page, instead of the out-of-date version.) A really
useful section points out common gotchas in ASP development, and there
are tips on the right ways to include other files in ASPs and how to redirect
HTTP requests correctly. The book also explains how to maintain state with
Session objects, while balancing performance and security considerations.
Book:
< http://www.amazon.com/exec/obidos/ASIN/0072125349/netsecurity >
----------------------------------------------------------------------------
REMOVING THE SPAM: EMAIL PROCESSING AND FILTERING
No one likes unsolicited electronic mail. Even though you can easily delete
messages describing ways to MAKE MONEY FAST, they take a toll on network
bandwidth and reduce your productivity. The key to gaining the upper hand in
the battle against spam is to understand the tools at your disposal. In Removing
the Spam, Geoff Mulligan names those tools and then describes how to use
several of them. Mulligan begins explaining the operation and management of
two widely distributed Unix e-mail tools: Sendmail and Procmail. In his section
on Sendmail, the author answers the question asked by everyone who's ever
been harassed on e-mail: How do I automatically trash mail from X? He shows
you how to block mail based on mail attributes like sender, subject line, message
size and several other parameters. Coverage of Procmail in Removing the Spam
includes the essentials of recipe files, but more ready-to-use mail-management
recipes would be welcome. In addition to covering Sendmail and Procmail, the
author addresses mailing lists under Majordomo and SmartList. He also provides
a handy guide to the user and administrator commands that control these
popular programs--just the thing you need the next time you're on a list and
want to unsubscribe.
Book:
< http://www.amazon.com/exec/obidos/ASIN/0201379570/netsecurity >
----------------------------------------------------------------------------
Security Software
-------------------
All programs are located at:
http://net-security.org/various/software
----------------------------------------------------------------------------
LIBMIX (LINUX)
LibMix is a library that provides an API for various useful functions, including an
AES encryption interface, various network front-ends and low level datagram
functions, as well as functions for string manipulations and other miscellaneous
utility functions. It also includes functions to transmit encrypted data via
stateless spoofed datagrams (tfntransmit/tfnread).
Info/Download:
< http://net-security.org/various/software/976015993,7246,.shtml >
----------------------------------------------------------------------------
NETWATCH V.0.9
Netwatch allows monitoring of an Ethernet segment or PPP line and examine
activity on the network, highlighting hostnames in colors to indicate activity
on the bus network based on time. The monitor includes packet statistics
and a TOP mode which allows a sorted list of hosts based on IP usage. All
info is updated on a per second basis.
Info/Download:
< http://net-security.org/various/software/976016083,31197,.shtml >
----------------------------------------------------------------------------
FORMS 2.0 CONTROL SECURITY PATCH
This patch addresses a vulnerability that occurs when the Forms 2.0 Control
(Fm20*.dll) is available on a user's system. Forms 2.0 is an ActiveX control
that allows users to create customized dialog boxes. A malicious hacker could
use the Forms 2.0 Control to read or export text on a user's Clipboard when
that user visits a Web site set up by the malicious hacker or opens an email
created by the hacker. The Forms 2.0 Control Security Patch prevents a
hacker from exploiting this vulnerability.
Info/Download:
< http://net-security.org/various/software/976411977,7441,.shtml >
----------------------------------------------------------------------------
BIG CROCODILE 1.4
Big Crocodile is a powerful, secure password manager. It provides storage
for all your passwords, logins, and hyperlinks in a securely encrypted file.
It enables generation of new, random passwords. It has a multi-file interface,
a hierarchical database, and several other features. It also has command-line
and file-association support and export to spreadsheet files, support of local
(2GB) and network drives, and small improvements (two dialogs).
Info/Download:
< http://net-security.org/various/software/976412174,64936,.shtml >
----------------------------------------------------------------------------
FOLDER GUARD 4.14
Folder Guard allows the user to selectively hide folders and restrict user
access to system resources. It makes folders invisible or read-only in
applications, including Explorer, MS Office, and MS-DOS, as well as in
common dialogs. It also provides password protection, user-dependent
configurations, and user validation at login. Protect individual files within
folders. Separate passwords may be set up for each file or folder, letting
you unlock only the password-protected items, leaving the rest of the
system protected. Folder Guard also lets you restrict access to whole
classes of files according to the file names, folders they are located in,
and modules by which they are accessed.
Info/Download:
< http://net-security.org/various/software/976412419,54644,.shtml >
----------------------------------------------------------------------------
Defaced archives
------------------------
[04.12.2000] - Tokyo Metropolitan Institute of Technology
Original: http://buofu7.tmit.ac.jp/
Defaced: http://www.attrition.org/mirror/attrition/2000/12/04/buofu7.tmit.ac.jp/
[05.12.2000] - Lebanese Armed Forces
Original: http://www.lebarmy.gov.lb/
Defaced: http://www.attrition.org/mirror/attrition/2000/12/05/www.lebarmy.gov.lb/
[06.12.2000] - www.elortondo.gov.ar
Original: http://www.elortondo.gov.ar/
Defaced: http://www.attrition.org/mirror/attrition/2000/12/06/www.elortondo.gov.ar/
[06.12.2000] - www.chabas.gov.ar
Original: http://www.chabas.gov.ar/
Defaced: http://www.attrition.org/mirror/attrition/2000/12/06/www.chabas.gov.ar/
[06.12.2000] - www.firmat.gov.ar
Original: http://www.firmat.gov.ar/
Defaced: http://www.attrition.org/mirror/attrition/2000/12/06/www.firmat.gov.ar/
[06.12.2000] - NLP Gov (PK)
Original: http://www.nlp.gov.pk/
Defaced: http://www.attrition.org/mirror/attrition/2000/12/06/www.nlp.gov.pk/
[06.12.2000] - Geeknews
Original: http://www.geeknews.net/
Defaced: http://www.attrition.org/mirror/attrition/2000/12/06/www.geeknews.net/
[06.12.2000] - University of Oklahoma Health Sciences Center
Original: http://admin-scb.ouhsc.edu/
Defaced: http://www.attrition.org/mirror/attrition/2000/12/06/admin-scb.ouhsc.edu/
[07.12.2000] - The Ministry of Foreign Affairs, Republic of Macedonia
Original: http://www.mnr.gov.mk/
Defaced: http://www.attrition.org/mirror/attrition/2000/12/07/www.mnr.gov.mk/
[08.12.2000] - Exchange Bank
Original: http://www.exchangebank.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/12/08/www.exchangebank.com/
[08.12.2000] - D-Link Systems, Inc.
Original: http://www.dlink.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/12/08/www.dlink.com/
[10.12.2000] - Department of Civil Aviation, United Arab Emirates
Original: http://www.dcaauh.gov.ae/
Defaced: http://www.attrition.org/mirror/attrition/2000/12/10/www.dcaauh.gov.ae/
----------------------------------------------------------------------------
Questions, contributions, comments or ideas go to:
Help Net Security staff
staff@net-security.org
http://net-security.org