Copy Link
Add to Bookmark
Report
Net-Sec Issue 049
HNS Newsletter
Issue 49 - 05.02.2001
http://net-security.org
This is a newsletter delivered to you by Help Net Security. It covers weekly
roundups of security events that were in the news the past week. Visit Help
Net Security for the latest security news - http://www.net-security.org.
Subscribe to this weekly digest on:
http://www.net-security.org/text/newsletter
Archive of the newsletter in TXT and PDF format is available here:
http://www.net-security.org/news/archive/newsletter
Current subscriber count to this digest: 1889
Table of contents:
1) General security news
2) Security issues
3) Security world
4) Featured books
5) Security software
6) Defaced archives
General security news
---------------------
----------------------------------------------------------------------------
INTERVIEW WITH WIETSE VENEMA
This week brings us something a bit different, an interview with Wietse Venema,
author of TCP_Wrappers and Postfix.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://securityportal.com/closet/closet20010131.html
CHASING THE WIND, EPISODE FOUR
SecurityFocus.com presents the fourth installation in the highly popular "Chasing
the Wind" series, entitled "Through a Glass, Darkly". In this episode, while Jake,
the exhausted system administrator, is sleeping obliviously at home, our ambitious
script-kiddie and aspiring hacker, Ian, successfully defaces the Acme Ailerons site,
hoping to impress his heartthrob, if not the vaunted Br04dB4ndits. Meanwhile, Bob
travels to the high-security Command, Control, Communications, Computers, and
Intelligence (C4I) center for a very high-level, very secretive meeting...
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/focus/ih/articles/chasing4.html
HEARING ON ECHELON IN DUTCH PARLIAMENT
Monday the Dutch Parliament held a public hearing on Echelon. Last Friday, the
Dutch government confirmed the existence of Echelon. Duncan Campbell told the
members of parliament of recent developments in his research into the global
spying system Echelon. He has just finished a report for the temporary committee
on Echelon of the European Parliament, in which more evidence of economical
spying is revealed.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.heise.de/tp/english/inhalt/te/4747/1.html
SENATOR PROPOSES SPYWARE SECURITY BILL
John Edwards, a Democrat from North Carolina, refiled the legislation that would
uncloak so-called spyware programs that use encrypted codes to monitor users'
online activity and later share that usage information with advertisers,
telemarketers or other businesses, according to a statement. Edwards
initially filed the Spyware Control and Privacy Protection Act bill in Oct.
2000, but Congress failed to take action on it.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.idg.net/ic_394071_1794_9-10000.html
COMPUTER SYSTEMS AT RISK
Computer systems at more than 60 agencies in the District of Columbia remain
at risk because of shoddy computer security practices at the DC Department
of Public Works, the General Accounting Office (GAO) said today. In a
comprehensive audit of security practices at the department released today,
the GAO found that the District had not adequately limited computer access
granted to employees. The report also said the District had improperly managed
the majority of its employees' user IDs and passwords, and failed to maintain
software controls or sufficiently protect its networks and other computer
systems from unauthorized use.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.newsbytes.com/news/01/161307.html
INSTALLING TRIPWIRE
In the first part of this series we had a laid the ground work that took us a step
further towards understanding the necessity of a full fledged Intrusion Detection
system. A good policy is to mix and match the best to form a security grid that
should be difficult enough even for the expert cracker to penetrate. The various
IDS systems of interest to us throughout this series will be purely Tripwire and
Snort.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.freeos.com/articles/3405/
CRYPTO REGS STILL TRICKY
Over a year after the US government first announced the liberalization of
encryption export rules, a tangle of vestigial regulations might still trip up
unwary developers, experts say. "Never work under the belief that encryption
is not controlled," said Susan Kotila, project manager with Apple's export license
department. "I've run into a lot of developers where I've had to tell them, I've
got the name of a good lawyer, but you're in violation right now."
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/6/16527.html
INTERNET HYGIENE
If you surf the Web and read email, you must be brave enough to connect your
computer to the Internet. But are you aware of the threats out there, and have
you guarded yourself against losing your files and your privacy?
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://securityportal.com/articles/hygiene20010201.html
NETWORK ASSOCIATES WEATHERS DOS ATTACK
Security firm Network Associates was subject to a denial of service attack last
night after crackers posted a Trojan horse on security mailing list, BugTraq. An
anonymous posting to the full-disclosure security mailing list, which has 85 000
readers, that appeared to be an exploit of recently discovered vulnerability in
BIND name server program, was in fact cleverly disguised malicious code that
attacked Network Associates' web site, Nai.com.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/6/16544.html
NSA LOOKS TO LINUX FOR VIRTUAL SECURITY
Software emulation firm VMware announced it has teamed up with researchers
at the National Security Agency to create a nearly crack-proof computer that
can place sensitive data in virtual vaults inside the PC. The concept, assuming
it works, would streamline the methods intelligence agencies use to manage
data. At present, the NSA - the military surveillance arm of the United States
intelligence community - physically separates networks carrying data of a
particular classification. For example, top-secret data might be kept on a
different computer than data classified merely as sensitive material. Sometimes,
for workers to have access to the information they need, up to six different
computers can be on a single desk.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://news.cnet.com/news/0-1003-200-4682851.html
MEDIUM RISK PASSWORD GRABBER
Software security firm McAfee.com Corp. said the worm, which it said spreads
through e-mail and installs itself on users systems, posed a medium-risk for
AOL users, and cautioned them to be careful with attachments to e-mails.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://abcnews.go.com/sections/scitech/DailyNews/aolvirus010201.html
EBAY FIGHTING SPAMMERS
Online auction portal eBay has announced it will soon begin masking its users'
e-mail addresses in an effort to stop spammers from harvesting them.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.it.fairfax.com.au/breaking/20010202/A18689-2001Feb2.html
EXTREME SECURITY FOR WEB SERVERS
To enter the vaults inside the windowless bunker-like compound requires
punching in key codes and slipping your fingers into a series of scanners
similar to those used at the U.S. Navy's nuclear facilities. The scanners
leave little to chance. Their sensitive glass touch pads read thumbprints
and detect body heat and pulse. "So if someone cuts your thumb off, they
can't use it to get in," Patrick Sweeney said. Welcome to ServerVault.
Sweeney, its founder, hopes the Dulles facility he opened in January will
be a standout among the increasingly crowded field of Web-hosting centers.
Such centers were built to provide the pipes, power and space needed to
house computers that manage Web sites. But their proliferation during the
past few years has left many of them competing for a niche market. The
security paranoid seems to be the target of choice in the scramble for
customers.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.newsbytes.com/news/01/161402.html
FORMER SYSTEM ADMINISTRATOR SENTENCED
A former network administrator for the US District Court in Alaska has been
sentenced for launching a series of denial-of-service attacks against a New
York District Court Web site. According to information released today by the
FBI, Anchorage resident Scott Dennis was sentenced Jan. 19 to three months
in jail for launching three denial-of-service attacks against the US District
Court for the Eastern District of New York.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.newsbytes.com/news/01/161394.html
VIGILANCE IS KEY TO SECURITY, EXPERTS SAY
Companies hiring services to protect their corporate data from hackers may not
be doing enough to protect themselves, say security professionals. Businesses
must be vigilant in continually evaluating their security, representatives of five
leading security companies said at the ComNet Expo in Washington, D.C. this
week. Denial of service attacks, website vandalism, identity theft, loss of
customer information, and theft of credit card numbers are now everyday
occurrences. It seems as soon as one kind of attack is thwarted, another
crops up.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.techweb.com/wire/story/TWB20010202S0020
JUNO'S SUPERCOMPUTER PROVOKES PRIVACY GUARDS
Juno Online Service's jump into the supercomputing business has alarmed
consumer and privacy advocates, who fear the move could open subscribers'
computers to vulnerabilities - including snooping by third parties such as the
government.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://news.cnet.com/news/0-1005-201-4700390-0.html
GRANICK: HACKERS ARE PEOPLE, TOO!
In a recent interview on the Stanford campus, Granick talked about the Center
for Internet and Society, the future of law on the Internet, and the important
cases of 2001. BTW, Granick is now defending Jerome Heckenkamp, the 21
year-old Los Alamos National Laboratory employee accused of breaking into
eBay's computer systems.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.com/zdnn/stories/news/0,4586,2681901,00.html
WORLD ECONOMIC FORUM SYSTEM PENETRATED
The World Economic Forum said today that hackers managed to breach its
computer system during its annual meeting in Davos, Switzerland, last week.
Link: http://www.reuters.com/news_article.jhtml;$sessionid$TRZ2S0QAAWX5CCRBADLCFFAKEEANOIV2?type=internet&Repository=INTERNET_REP&RepositoryStoryID=%2Fnews%2FIDS%2FInternet%2FNET-FORUM-HACKERS-DC_TXT.XML
----------------------------------------------------------------------------
Security issues
---------------
All vulnerabilities are located at:
http://net-security.org/text/bugs
----------------------------------------------------------------------------
SUSE SECURITY ANNOUNCEMENT - BIND8
bind-8.x in all versions of the SuSE distributions contain a bug in the transaction
signature handling code that can allow to remotely over-flow a buffer and
thereby execute arbitrary code as the user running the nameserver (this is user
named by default on SuSE systems). In addition to this bug, another problem
allows for a remote attacker to collect information about the running bind
process (this has been found by Claudio Musmarra).
Link: http://www.net-security.org/text/bugs/980911660,3523,.shtml
DOS VULNERABILITY IN SLIMSERVE HTTPD
If an extraoridinarily long string of 'A's is sent to the server in a GET request,
the server crashes.
Link: http://www.net-security.org/text/bugs/980911767,20695,.shtml
IMMUNIX OS SECURITY ADVISORY - BIND
The people at COVERT Labs have discovered a number of security problems
with all previous versions of Bind. Packages have been created and released
for Immunix 6.2 and 7.0-beta to fix these problems.
Link: http://www.net-security.org/text/bugs/980911850,52686,.shtml
FINGERPRINTING BIND 9.1.0
The BIND 9.1.0beta releases and now BIND 9.1.0 include another hard coded
chaos record called "authors". So now even if an admin changes or suppresses
their version reply string, a remote user can still determine whether the server
is running BIND 9.x. With the recent discovery of the tsig bug in BIND there will
probably be a huge rise in version queries. Some attackers may remove ambiguity
by skipping servers that reply to authors.bind (inferring that it's bind 9.1.0 and
not vulnerable).
Link: http://www.net-security.org/text/bugs/980911986,49684,.shtml
HYPERSEEK 2000 SEARCH ENGINE VULNERABILITY
Standart perl problem is in the statistic module - file: hsx.cgi, script does not
filter ../ and %00. Through this bug, you can remotely read any file and make
listing of directory. ../ - directory up, %00 hex symbol, that means end of line.
Link: http://www.net-security.org/text/bugs/980912263,68944,.shtml
LINUX MANDRAKE - XEMACS SECURITY UPDATE
Previous versions of XEmacs had a problem with the gnuserv application.
Versions prior to 21.1.14 could allow arbitrary code to be executed by
overrunning the magic cookie buffer, as well as accepting the prefix of
valid magic cookies (i.e. "12" is accepted if the cookie is "12345678").
Link: http://www.net-security.org/text/bugs/981062616,18583,.shtml
GOAHEAD WEBSERVER VULNERABILITY
An Attacker can get any file from the drive where the web-server was installed.
Try the following request:
http://www.somehost.com/..\..\..\..\..\..\autoexec.bat
Link: http://www.net-security.org/text/bugs/981258388,21071,.shtml
NETSCAPE E.S. WEB PUBLISHER ACL VULNERABILITIES
Vulnerability Briefing: A very wide problem with ACL settings and default settings
with Netscape Enterprise Server (Publisher). Here are descriptors which provides
a criteria of what should be considered vulnerable:
-The default Enterprise Server index is public
-http://www.poorperms.null/publisher is publicly available
-Proper and more secure ACL selections
Link: http://www.net-security.org/text/bugs/981258483,27716,.shtml
WEBSPHERE - MINOR CSS ISSUE
"Something i came across while testing some of our WebSphere installations
(these have been fixed in the current versions of vanilla Apache, so i assume
these are just an inherited problem from the old Apache codebase.. Makes
you wonder what else there is?"
Link: http://www.net-security.org/text/bugs/981258546,70905,.shtml
----------------------------------------------------------------------------
Security world
--------------
All press releases are located at:
http://net-security.org/text/press
----------------------------------------------------------------------------
TINY PERSONAL FIREWALL RELEASED - [29.01.2001]
Tiny Software, Inc., a leader in router and firewall software solutions for
networks, announced the full release of its Tiny Personal Firewall, the
world's first personal firewall that protects PCs before Windows launches.
In conjunction with CNET (Nasdaq:CNET), the full release of Tiny Personal
Firewall will be available for free to home users exclusively at CNET's popular
Download.com.
Press release:
< http://www.net-security.org/text/press/980775614,5572,.shtml >
----------------------------------------------------------------------------
OFFERING SECURE CONNECTIVITY TO LAW FIRMS - [30.01.2001]
DataCert, a leading provider of e-Billing services, and Elite Information Systems,
Inc., a worldwide leader in practice and financial management systems for
professional service firms, announced a partnership to provide e-Billing solutions
and e-Business connectivity for Elite's product lines. This partnership provides
Elite clients a clear path for connectivity to each of its corporate clients,
enabling them to send electronic invoices, documents and other information
seamlessly through a single, secure connection.
Press release:
< http://www.net-security.org/text/press/980828491,5404,.shtml >
----------------------------------------------------------------------------
POINTSECURE COMPLETES ACQUISITION OF OPENVMS - [30.01.2001]
PointSecure Inc. announced today that it has acquired all rights to the System
Detective AO, System Detective IS and ChalkTalk products from Network
Catalyst Inc. Through this acquisition PointSecure clients will include Fortune
500 companies in the banking, manufacturing and technology sectors. "The
acquisition of these products will allow us to provide mature and proven
products to our customers that audit, secure and detect intrusion of their
valuable business data," said Rod Endo, PointSecure founder and CEO.
Press release:
< http://www.net-security.org/text/press/980828618,86752,.shtml >
----------------------------------------------------------------------------
VYNAMIC ANNOUNCES PARTNERSHIP WITH XCERT - [30.01.2001]
Vynamic, the exclusive provider of security solutions engineered for the
e-learning marketplace, today announced a strategic partnership with
Xcert, a leading provider of software products for securing business-to-
business transactions and communications over the Internet. Under the
partnership agreement, Vynamic will integrate Xcert's Sentry 4.5 Public
Key Infrastructure (PKI) technology into its proprietary, e-learning security
solution. Vynamic will utilize Xcert's Sentry 4.5 to enhance its existing
offering of user authentication and intellectual property protection designed
to meet the specific needs of the e-learning marketplace.
Press release:
< http://www.net-security.org/text/press/980881899,50500,.shtml >
----------------------------------------------------------------------------
NETWORK-1 ANNOUNCED CYBERWALLPLUS 6.1 - [31.01.2001]
Network-1 Security Solutions, Inc., a leader in distributed intrusion prevention
solutions for e-Business networks, announced the availability of CyberwallPLUS
6.1 for Windows 2000 and Windows NT desktops, workstations, and servers. The
new version of Network-1's host-resident, distributed firewalls features enhanced
centralized enterprise management and intrusion prevention capabilities.
Press release:
< http://www.net-security.org/text/press/980949445,14312,.shtml >
----------------------------------------------------------------------------
SATYAM INFOWAY LAUNCHES SIFYSECURE - [31.01.2001]
Satyam Infoway Ltd. (Nasdaq:SIFY), India's premier Internet and eCommerce
company, announced the launch of SIFYSECURE, a service focusing on
comprehensive solutions for Internet and Network Security. Mr. Lalit Bhojwani,
President, E-Commerce Business, Satyam Infoway Ltd., said, "SIFYSECURE
provides services that include Security Consulting, Security Audits,
Implementation Services and Security Management Services that are
designed to provide end-to-end security solutions in an increasingly
networked world."
Press release:
< http://www.net-security.org/text/press/980949525,10863,.shtml >
----------------------------------------------------------------------------
SIGABASECURE SOLUTIONS FOR HEALTHCARE ORG'S - [31.01.2001]
Sigaba(TM) Corporation, a secure Internet communications company,
announced the availability of its SigabaSecure and Sigaba Email Encryption
Gateway products that enable healthcare organizations to meet the patient
privacy requirements mandated by the Healthcare Insurance Portability and
Accountability Act of 1996 (HIPAA), including the Security and Electronic
Signature Standards.
Press release:
< http://www.net-security.org/text/press/980949637,54324,.shtml >
----------------------------------------------------------------------------
TREND MICRO EARNS ISO 9002 CERTIFICATION - [31.01.2001]
Trend Micro, a leading provider of network antivirus and Internet content security
solutions, announced that it has earned ISO 9002 certification for its global 24x7
antivirus research and support center, TrendLabs. The certification attests that
the facility meets internationally accepted standards of quality assurance in its
management and service procedures.
Press release:
< http://www.net-security.org/text/press/980949637,54324,.shtml >
----------------------------------------------------------------------------
ASTONSOFT ANNOUNCES RELEASE OF PC DOORGUARD 2 - [31.01.2001]
Astonsoft Ltd today announced the new release of PC DoorGuard 2, a windows
software that securely protects your computer from trojan horses and malicious
scripts. PC DoorGuard features extensive and thorough intrusion scanner that
scans any media on PC for backdoors and trojan horses. PDG easily removes any
found trojan with a click of a button, together with any elements it may have left
in registry/system files/memory.
Press release:
< http://www.net-security.org/text/press/980967781,95452,.shtml >
----------------------------------------------------------------------------
TOP TEN VIRUSES IN JANUARY 2001 - [01.02.2001]
This is the latest in a series of monthly charts counting down the ten most
frequently occurring viruses as compiled by Sophos, a world leader in
corporate anti-virus protection.
Press release:
< http://www.net-security.org/text/press/980994244,55750,.shtml >
----------------------------------------------------------------------------
FOUNDSCAN MANAGED SECURITY SERVICES - [01.02.2001]
Foundstone Inc., the premier provider of security assessment services and
education, announced FoundScan Managed Security Services (MSS). Delivering
automated, continuous security assessments, FoundScan MSS is a subscription
service that provides year-round intrusion protection.
Press release:
< http://www.net-security.org/text/press/981058938,5412,.shtml >
----------------------------------------------------------------------------
FINJAN SOFTWARE AWARDED SECOND U.S. PATENT - [02.02.2001]
Finjan Software, Inc., the leader in proactive Internet security software for
active Web content, announced that the U.S. Patent and Trademark Office
has awarded Finjan patent 6,167,520 for the code-inspection technology in
its personal computer (PC) security product, SurfinShield Corporate. Active
Web content, including ActiveX, Java, scripts and executables, presents a
security risk due to its ability to transparently steal, damage or erase files
of unsuspecting computer users.
Press release:
< http://www.net-security.org/text/press/981077744,26548,.shtml >
----------------------------------------------------------------------------
CHEKPOINT LEADERSHIP POSITION IN AUSTRALIAN MARKET - [.0.2001]
Checkpoint Systems, Inc., a leading provider of supply chain management and
security solutions worldwide, has further expanded its presence in the Australian
market with mandates to install its RF EAS security systems in retailers Tandy,
Adairs and Australian Unity.
Press release:
< http://www.net-security.org/text/press/981077806,54498,.shtml >
----------------------------------------------------------------------------
AOL PASSWORD STEALER - MEDIUM RISK TROJAN - [02.02.2001]
McAfee.com, a leading security Application Service Provider, announced that it
has tracked a large and increasing number of password-stealing trojans infecting
America Online users over the last 30 days. The most virulent strain, "APStrojan.qa,"
spreads through email and installs itself on users systems, while attempting to
steal AOL version 4.0 and 5.0 user account names and passwords, and forward
them. It then attempts to replicate itself to active AOL screen names listed in
the infected users "Buddy List." This trojan was designed to provide unauthorized
access to victims AOL user accounts, including email.
Press release:
< http://www.net-security.org/text/press/981078317,85810,.shtml >
----------------------------------------------------------------------------
SOPHOS AND MAILGATE TO PROTECT K-INTERNATIONAL - [03.02.2001]
Sophos Anti-Virus, one of the world's leading developers of corporate anti-virus
solutions, and Mailgate Plc, a premier provider of Internet access and mail server
products, announced that K-International has chosen their solutions to protect
themselves from virus attack.
Press release:
< http://www.net-security.org/text/press/981165243,32314,.shtml >
----------------------------------------------------------------------------
AOL TROJAN NO THREAT TO SOPHOS USERS
Sophos, a world leader in corporate anti-virus protection, announced that its
users had nothing to fear from the AOL password-stealing Trojan horse called
APSTrojan.qa which typically arrives in an email titled "Hey you".
Press release:
< http://www.net-security.org/text/press/981165411,78507,.shtml >
----------------------------------------------------------------------------
Featured books
----------------
The HNS bookstore is located at:
http://net-security.org/various/bookstore
Suggestions for books to be included into our bookstore
can be sent to staff@net-security.org
----------------------------------------------------------------------------
LINUX ESSENTIAL REFERENCE (ESSENTIAL REFERENCE SERIES)
Linux Essential Reference is a resource for system administrators and other
professional Linux users. Clear, concise instructions for such administrative
and managerial tasks as implementing frequently used commands, dealing
with shell scripting, and utilizing effective security measures are presented
in a carefully structured format, making this book an efficient source of
answers to questions about working with Linux commands. Aware of the
need in time-sensitive environments for quick access to accurate information,
author Ed Petron has organized the contents of this book to make it fast and
easy to use. And he has filled it with information not available in any other
single volume - from programming to network configuration, user management
to file management, text-processing utilities to kernel modules. Linux Essential
Reference is the professional's guide to Linux expertise.
Book:
< http://www.amazon.com/exec/obidos/ASIN/0735708525/netsecurity >
----------------------------------------------------------------------------
LINUX SOCKET PROGRAMMING BY EXAMPLE
This guide for beginning to intermediate programmers offers step-by-step
instructions as well as advice on protecting servers from attack, writing
programs to determine socket buffer sizes, setting the TCP/IP keep-alive
feature, understanding the differences between connection and
connectionless-oriented protocols, and selecting the most effective
client and server interface.
Book:
< http://www.amazon.com/exec/obidos/ASIN/0789722410/netsecurity >
----------------------------------------------------------------------------
CORE PYTHON PROGRAMMING
This is written in the style of Bruce Eckel's books on C++ and Java. If you liked
those, then you will probably like this one. Written in an accessible prose style,
it covers the language syntax in exhaustive detail.
Book:
< http://www.amazon.com/exec/obidos/ASIN/0130260363/netsecurity >
----------------------------------------------------------------------------
PHP 4 DEVELOPER'S GUIDE
This book provides the tools and information needed to build dynamic Web
applications and datababses with PHP 4. Covers installation, configuration,
database connectivity, working with XML and CGL, and much more. The
book also Includes details on the new features in PHP 4, including shared
memory support, the new Zend engine, and XML support.
Book:
< http://www.amazon.com/exec/obidos/ASIN/0072127317/netsecurity >
----------------------------------------------------------------------------
TELECOM & NETWORKING GLOSSARY
An alphabetical listing of terms and definitions for small organizations
and non-technical people who need to make sense out of the evolving
telecommunications industry. Provides information on evaluating competing
technologies and the latest technological advances.
Book:
< http://www.amazon.com/exec/obidos/ASIN/1890154199/netsecurity >
----------------------------------------------------------------------------
Security Software
-------------------
All programs are located at:
http://net-security.org/various/software
----------------------------------------------------------------------------
LOMAC v.1.0.2
LOMAC is a security enhancement for Linux that uses Low Water-Mark
Mandatory Access Control to protect the integrity of processes and data
from viruses, Trojan horses, malicious remote users, and compromised root
daemons. LOMAC is implemented as a loadable kernel module - no kernel
recompilations or changes to existing applications are required. Although
not all the planned features are currently implemented, it presently
provides sufficient protection to thwart script-kiddies, and is stable
enough for everyday use.
Info/Download:
< http://www.net-security.org/various/software/980270619,15596,linux.shtml >
----------------------------------------------------------------------------
ENCRYPTONITE 1.0 BETA
Encryptonite is a simple Java application that offers encryption and decryption.
It is a basic text editor, much like Windows Notepad, but offers an easy way to
encrypt and decrypt your text. This beta version is best used to encrypt files
made up of mostly text.
Info/Download:
< http://www.net-security.org/various/software/980270930,24724,windows.shtml >
----------------------------------------------------------------------------
SUB 7 STOP! 0.1.07
This is a sub7 fake server that listens to the default port (27374) of the Trojan
horse waiting for connections. If someone tries to connect, the program will
accept the connection and will send to the sub7 client a fake message. This
program does not have any of the real sub7 server functions, it is totally secure.
The program does not give any protection to infected PCs, the main idea is to
confuse the attacker. Note: This version is in Spanish; an English version will
be available soon.
Info/Download:
< http://www.net-security.org/various/software/980271053,74098,windows.shtml >
----------------------------------------------------------------------------
4T NOX 2.6
4T Nox is a full-featured password and account management application that
utilizes a 448-bit data encryption algorithm. It allows you to store information
pertaining to bank accounts, credit cards, email, phone cards, and much more.
Pull-down menus are used throughout to make data entry simple. Other features
include user-customizable categories, a customizable password generator, a
quick-lock icon, and login screen password protection.
Info/Download:
< http://www.net-security.org/various/software/980271243,57459,palm.shtml >
----------------------------------------------------------------------------
NETVIEW SCANNER SUITE 1.0.0.6
NetView is a suite of three security applications that allows Webmasters and
system administrators to audit a site for security vulnerabilities. NetView scans
a range of IP addresses for shared resources that have been shared via
Microsoft File and Printer Sharing, to see what types of resources are shared
on a network and to warn the computer users if any unsecured resources are
displayed. PortScan scans for listening TCP ports, allowing system administrators
to determine what types of services are running on computers under their care.
WebBrute attempts a brute-force user ID and password attack on an HTTP
Authenticated Web site that is using "Basic Authentication," so a webmaster
can verify that no security-compromising user ID and password combinations
are in use on a site.
Info/Download:
< http://www.net-security.org/various/software/980388356,14809,windows.shtml >
----------------------------------------------------------------------------
MAILGUARDIAN PRO 2.2
From the Developer: "We would like to introduce to you the MAILguardian
Enterprise, which enables any organization to send its email safely and
confidential through the Internet. The benefits of the MGE solutions we
offer to your e-business are as following:
1. Every email you are sending is according to Policy Based Management and
user authenticated. This means that both you and the person you are sending
mail to will receive authentication that the mail had been delivered by you.
2. We offer a strong end-to-end security solution. This means that your mail
will be encrypted on your desktop and channeled through the internet and
decrypted on target desktop securely.
3. We offer a secure E-mail Intranet solution, where other people from your
organization and your outbound business partners won't be able to read the
mail you are sending.
4. Our product is very easy to install, transparent to end user, simple to use
and to maintain. For example, no password is required to remember upon
sending or receiving email.
5. We offer content screening on the desktop. For example, the manager can
decide that emails with certain words or file extensions would not be sent by
his employees!
Info/Download:
< http://www.net-security.org/various/software/980388543,68234,windows.shtml >
----------------------------------------------------------------------------
SHIFT KEY SUITE 1.0.4
Shift Key Suite is a collection of applications intended to extend the functionality
of password-protection systems for Macintosh computers. Many of the password
protection systems for the Mac function as extensions or control panels that can
be bypassed by holding down the Shift key during start-up. Shift Key Suite gives
you the option of disabling the Shift key for the duration of start-up. If you
frequently experience start-up crashes from incompatible extensions and control
panels, this software is probably not something you would want on your computer.
However, if your system is running smoothly, Shift Key Suite may be just what
you need to protect your computer's privacy.
Info/Download:
< http://www.net-security.org/various/software/980388817,39374,mac.shtml >
----------------------------------------------------------------------------
ETTERCAP 0.1.0 BETA
Ettercap is a network sniffer/interceptor/logger for switched LANs. It uses ARP
poisoning and the man-in-the-middle technique to sniff all the connections
between two hosts. Features character injection in an established connection -
you can inject characters to server (emulating commands) or to client (emulating
replies) while maintaining the connection alive! Integrated into a easy-to-use
and powerful ncurses interface.
Info/Download:
< http://www.net-security.org/various/software/980734569,48245,linux.shtml >
----------------------------------------------------------------------------
TINY PERSONAL FIREWALL 2.0
From the developer: "Tiny Personal Firewall represents smart, easy-to-use
personal security technology that fully protects personal computers against
hackers. It is built on the proven WinRoute Pro, ICSA certified security
technology. Tiny Personal Firewall is also an integral part to Tiny Software's
new Centrally Managed Desktop Security (CMDS) system awarded a contract
by the US Air Force to encompass about 500,000 dekstop computers."
Info/Download:
< http://www.net-security.org/various/software/980776618,29116,windows.shtml >
----------------------------------------------------------------------------
Defaced archives
------------------------
[01.02.2001] - Guatemala Embassy
Original: http://www.guatemala-embassy.org/
Defaced: http://www.attrition.org/mirror/attrition/2001/02/01/www.guatemala-embassy.org/
[01.02.2001] - Hokkaido Institute of Technology
Original: http://stream.hit.ac.jp/
Defaced: http://www.attrition.org/mirror/attrition/2001/02/01/stream.hit.ac.jp/
[01.02.2001] - Lions Clubs Hong Kong
Original: http://www.lionsclubs.org.hk/
Defaced: http://www.attrition.org/mirror/attrition/2001/02/01/www.lionsclubs.org.hk/
[01.02.2001] - Office of the Human Rights Ombudsperson for Bosnia
Original: http://www.ohro.ba/
Defaced: http://www.attrition.org/mirror/attrition/2001/02/01/www.ohro.ba/
[03.02.2001] - Africans Worldwide
Original: http://www.africansworldwide.com/
Defaced: http://www.attrition.org/mirror/attrition/2001/02/03/www.africansworldwide.com/
[03.02.2001] - Amnesty Internationaly, Canadian Section
Original: http://www.amnesty.ca/
Defaced: http://www.attrition.org/mirror/attrition/2001/02/03/www.amnesty.ca/
[03.02.2001] - Tasmania Online
Original: http://www.tas.gov.au/
Defaced: http://www.attrition.org/mirror/attrition/2001/02/03/www.tas.gov.au/
----------------------------------------------------------------------------
Questions, contributions, comments or ideas go to:
Help Net Security staff
staff@net-security.org
http://net-security.org
