what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

netsec27.txt

netsec27.txt
Posted Aug 28, 2000
Site net-security.org

Weekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the news the past week. In this issue: The FrontPage Server Extensions are vulnerable to a remote denial of service, a buffer overflow memory problem in the rpc module of the Pragma TelnetServer 2000, webserver Pro 2.3.7 vulnerability, Mandrake Linux Xchat update, ld.so problem that allows local users to obtain super user privilege, IIS Cross-Site Scripting patched, Microsoft Money password vulnerability patched, MGetty local compromise, and Kerberos password authentication issues.

tags | remote, denial of service, overflow, local, xss
systems | linux, mandrake
SHA-256 | 41a3d0d05b3290fcc821f93f043a30e580de167d85445843559dbda0f11021ee

netsec27.txt

Change Mirror Download
Net-Sec newsletter
Issue 27 - 28.08.2000
http://net-security.org

Net-Sec is a newsletter delivered to you by Help Net Security. It covers weekly
roundups of security events that were in the news the past week.
Visit Help Net Security for the latest security news - http://www.net-security.org.


Subscribe to this weekly digest on:
http://www.net-security.org/text/newsletter

Table of contents:

1) General security news
2) Security issues
3) Security world
4) Featured articles
5) Security books
6) Security software
7) Defaced archives



============================================================
In association with Kaspersky Lab (www.kasperskylabs.com), HNS staff
created a new section of the site, with about 400 descriptions of well known and
not so know viruses. Specially interesting part of that section are screenshots
of 50 virus infections. All viruses are well categorized and easy to browse.

Point your browser to this URL:
http://www.net-security.org/text/viruses
============================================================




General security news
---------------------


----------------------------------------------------------------------------

TROJAN USERS CAUGHT IN CHINA
Three local high school students were arrested on Monday for allegedly running
Trojan programs to steal dial-up account passwords from compromised computer
systems. Reporter speaks about SunSeven trojan program, but it is obvious
that SubSeven was used...
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.chinatimes.com.tw//english/esociety/89082202.htm


ATTACKING WEB SITES TO GET THE MESSAGE OUT
Several sites around the world were reportedly broken into and changed last
week by one or more people claiming to be calling attention to the fight
between the music industry and the digital music-swapping Web site Napster.
A manifesto of sorts was posted in support of Napster's fight against music
industry labels, titled "The Save Napster Hack Attack."
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.cnn.com/2000/TECH/computing/08/21/napster.hacks.idg/index.html


HIRING HACKERS - RANT
"Palante", who works in an unnamed Fortune 500 company's infosec consulting
division, posted his opinion on all those struggles that some companies started
with saying that people shouldn't hire hackers.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.globetechnology.com/archive/gam/News/20000822/ROUTS.html


PRETENDER
Someone tried to dupe several Malaysian Internet users into giving away their
private financial information by posing as an online executive at Maybank
company. The article has a standard mistake - trojans are connected with the
word hacker.
Link: http://thestar.com.my/tech/story.asp/2000/8/22/technology/22hack&sec=technology


TREND MICRO ITALIA SITE DEFACED
Italian branch of anti virus company Trend Micro (www.trendmicro.it), got its
site defaced yesterday for two times. A note was left for the admins -
"secure yourself man, *hint - securityfocus.com".
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.attrition.org/mirror/attrition/2000/08/21/www.trendmicro.it/

WRISTWATCHES COULD PROVIDE THE KEY TO BETTER IT SECURITY
A US company has devised a plan to make IT security as simple as telling
the time - by incorporating an automated PC locking device into wristwatches.
Michigan-based Ensure technologies argue that despite the furore about
attackers, most breaches of security occur in-house - namely in users'
complacency in leaving PCs switched on or divulging their passwords to
others.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.ananova.com/news/story/technology_us-gadgets-privacy_942524.html


SECURE MESSAGING OFFERED
VeriSign and Slam Dunk Networks are teaming up to offer a message
delivery infrastructure that will guarantee business-to-business transaction
participants that their messages will be protected, delivered, and properly
accepted at their rightful destinations.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.infoworld.com/articles/hn/xml/00/08/22/000822hnverslam.xml


AUSTRALIA FEARS HACKERS MAY TARGET GAMES
Computer experts will work around the clock during the Sydney Olympics
to keep out cyber hackers who might try to vandalize Games Web sites.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.mercurycenter.com/svtech/news/breaking/internet/docs/334890l.htm


THE WORLD'S MOST SECURE OPERATING SYSTEM
"OpenBSD is probably one of the most secure operating systems out there,"
says Chris Brenton, author of Mastering Network Security. "The crew does
a fantastic job of locking down and being responsive when vulnerabilities
are found." Such a good job that the U.S. Department of Justice uses 260
copies of OpenBSD to store and transmit its most sensitive data..."
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.thestandard.com/article/article_print/1,1153,17541,00.html


BT WEB SITE SECURITY BLUNDER
The Insight Interactive portion of the BT.com Web site has a gaping hole
in its security. Any registered user's details can be accessed by entering
their user name and password. The trouble is, the same password works
whichever username you use.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/6/12794.html


WILL 3G DEVICES BE SECURE?
While anticipating the delights of 3G, be aware of the inherent dangers.
According to computer security experts, all this connectivity and
functionality will inevitably mean an increased risk of attack by mobile
viruses and worms as well as malicious attackers. Evidence of potential
for new threats can already be seen. Earlier this month Japan's highly
successful mobile broadband standard i-mode ran into its first major
security issue highlighting the dangers ahead.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.co.uk/news/2000/33/ns-17466.html


YET ANOTHER CONTEST
Noted Chinese consumer electronics production company, Hisense, has
challenged everybody to penetrate a server equipped with its newly
developed firewall products before September 1 to win 500,000 yuan.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://english.peopledaily.com.cn/200008/23/eng20000823_48861.html

PIMPSHIZ INTERVIEWED BY HWA
HWA Security has an interview with 16 year old 'pimpshiz' who reportedly
defaced over 60 sites in a pro-napster social disobedience action.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.hwa-security.net/pimpshiz.txt


BIG BROTHER DATABASE APPARENTLY COMPROMIZED
An unknown attacker has apparently gained unauthorized access to
the main database of contestants for Spain's version of Big Brother,
called Gran Hermano in Spain. According to reports, the database
contains details including credit history, IQs, and mental health on
over 1,700 would-be contestants.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.geek.com/news/geeknews/q22000/gee2000824002209.htm


NASTY PGP BUG
Ralf Senderek has found a nasty bug in PGP versions 5 and 6. It's of
scientific interest because it spectacularly confirms a prediction made
by a number of researchers in the paper on `The Risks of Key Recovery,
Key Escrow, and Trusted Third-Party Encryption' that key escrow would
make it much more difficult than people thought to build secure systems.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://cryptome.org/pgp-badbug.htm


PIKACHU WORM SPREADING
A computer worm featuring the cuddly Japanese cartoon character
Pikachu has been found in computers in the United States, leaving
some operating systems devastated, an anti-virus software firm said
on Thursday. The worm was found by Trend Micro near two months ago.
Link: http://net-security.org/text/viruses/962474496,16084,.shtml


HOW TO SPY ON YOUR EMPLOYEES
Companies that want to spy on employees' Internet usage already
have an array of tools. Research firm IDC predicts that in four years,
the industry will generate $562 million in revenue. But employers fixated
on monitoring employees may be wasting time and killing morale. Moreover,
they may be setting themselves up to be sued.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.msnbc.com/news/449233.asp?cp1=1


YAHOO TO OFFER ENCRYPTED EMAIL OPTION
Yahoo plans to let its email account holders use data scrambling to protect
the privacy of their messages, marking a potentially significant advance
for the mainstream use of encryption.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://news.cnet.com/news/0-1005-200-2605437.html


TRUSTE PRIVACY SITUATION
Interhack Corporation has issued a report stating that visitors to the
TRUSTe website have themselves unknowingly been tracked and were
having pseudonymous information about them being directed to a third
party, TheCounter.com.
Link: http://www.securitywatch.com/scripts/news/list.asp?AID=3697


RSA UPGRADING SECURITY SOFTWARE
RSA Security next week will unveil an upgraded version of its PKI software,
adding support for digital certificates from multiple vendors and making it
easier for security administrators to register users to receive certificates
through an automated download process.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.infoworld.com/articles/hn/xml/00/08/25/000825hnrsa.xml


HOAX HITS EMULEX
Shares of Emulex tumbled to $43 from their previous close of $113.063
after false news circulated that the California-based company was
restating its earnings, that its CEO had quit, and that it was under
investigation by the Securities and Exchange Commission.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.techserver.com/noframes/story/0,2294,500243647-500360148-502111278-0,00.html


NEW PGP RELEASE
MIT Distribution Center for PGP software has the new version of the
program posted on-line. This release corrects a security-related bug
with Additional Decryption Keys (ADKs) that may allow sophisticated
attackers to add unauthorized ADK key IDs to the unhashed areas of
PGP public keys.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://web.mit.edu/network/pgp.html


KOREAN MINISTRY WEBSITE HIT BY DOS
The Ministry of Information and Communication fell prey to attackers
who managed to bring the Web site to a standstill for 10 hours Saturday.
The Web site was downed at 12 but all services were restored by 10 p.m.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://koreaherald.co.kr/news/2000/08/__10/20000828_1038.htm


MAC OS X SERVER - SECURITY GUIDELINES
This document outlines some security measures for the Mac OS X Server
1.0 - 1.2 platform. While Mac OS X Server (OSXS) is a fairly secure
environment out of the box, these basic measures help create a more
secure computing environment.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securemac.com/osxsecurity.cfm


ARACHNE BROWSER ARCHITECT DISMISSES VIRUS CHARGE
Michael Polak, a Czech scientist whose browser has been causing so many
problems for its users that he was accused of disseminating a virus, issued
an explanation on his Web site this week. Polak, who offers Arachne free
of charge for non-commercial use, had received numerous complaints from
people who had their files wiped out after they installed the browser.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.computeruser.com/news/00/08/28/news1.html


BUG HUNTERS
Associated Press has an article entitled "Bug hunters consider whether to
reveal software flaws" which speaks of bug reporting to software vendors.
The interesting part is that they have quotes from bug hunters and several
companies about reacting to security issues.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.techserver.com/noframes/story/0,2294,500244316-500361480-502123615-0,00.html


----------------------------------------------------------------------------




Security issues
---------------

All vulnerabilities are located at:
http://net-security.org/text/bugs


----------------------------------------------------------------------------


FRONTPAGE SERVER EXTENSIONS SHTML.EXE DOS
The FrontPage Server Extensions are vulnerable to a remote denial of service
attack that will disable all FrontPage operations on a web site. By requesting a
URL that includes a DOS device name, the server extensions will hang and will
not service any further requests. To re-enable the server extensions requires
restarting IIS or rebooting the server.
Link: http://www.net-security.org/text/bugs/967048516,37265,.shtml


REMOTE DOS IN PRAGMA TELNETSERVER 2000
The Ussr Labs team has recently discovered a buffer overflow memory problem
in the rpc module of the Pragma TelnetServer 2000. What happens is by
performing an attack with a malformed request to port 512 it will cause
the process containing the services to crash.
Link: http://www.net-security.org/text/bugs/967122232,16999,.shtml


WEBSERVER PRO 2.3.7 VULNERABILITY
The vulnerability (or bad server administration) allow any user to create
arbitrary files with arbitrary text on the victim machine, from the Internet
Web Browser.
Link: http://www.net-security.org/text/bugs/967214843,48495,.shtml


[MANDRAKE LINUX] XCHAT UPDATE
XChat 1.3.9 and later allow users to right-click on a URL appearing in an
IRC discussion and select the "Open in Browser" option. To open the URL in
a browser, XChat passes the command to /bin/sh. This allows a malicious
URL the ability to execute arbitrary shell commands as the user that is running
XChat. This update changes the functionality of XChat to bypass the shell
and execute the browser directly. Thanks go to Red Hat for providing the patch.
Link: http://www.net-security.org/text/bugs/967214951,8515,.shtml


[CALDERA LINUX] LD.SO UNSETENV PROBLEM
A bug has been discovered in ld.so that could allow local users to obtain super
user privilege. The dynamic loader ld.so is responsible for making shared libraries
available within a program at run-time. Normally, a user is allowed to load
additional shared libraries when executing a program; they can be specified
with environment variables like LD_PRELOAD.
Link: http://www.net-security.org/text/bugs/967215087,33684,.shtml


"IIS CROSS-SITE SCRIPTING" VULNERABILITIES PATCHED
Microsoft has released a patch that eliminates security vulnerabilities in Microsoft
Internet Information Server. The vulnerabilities could allow a malicious web site
operator to misuse another web site as a means of attacking users.
Link: http://www.net-security.org/text/bugs/967298521,30706,.shtml


"MONEY PASSWORD" VULNERABILITY PATCHED
Microsoft has released a patch that eliminates a security vulnerability in
Microsoft Money. The vulnerability could allow a malicious user to obtain
the password of a Money data file.
Link: http://www.net-security.org/text/bugs/967298631,3545,.shtml


ADVISORY: MGETTY LOCAL COMPROMISE
Faxrunqd follows symbolic links when creating certain files. The default location
for the files is /var/spool/fax/outgoing, which is a world-writable directory. Local
users can destroy the contents of any file on a mounted filesystem because
faxrunqd is usually run by root
Link: http://www.net-security.org/text/bugs/967304131,68635,.shtml


KERBEROS PASSWORD AUTHENTICATION ISSUES
Kerberized programs that perform password authentication may be vulnerable
to an attacker with the ability to spoof KDC responses (either as a race
condition on the LAN, or via DNS cache poisoning, spoofed ICMP redirects
or router advertisments, etc.).
Link: http://www.net-security.org/text/bugs/967488533,33506,.shtml


----------------------------------------------------------------------------




Security world
--------------

All press releases are located at:
http://net-security.org/text/press


----------------------------------------------------------------------------

PKI-BASED DIGITAL SIGNING OF WEB PAGES - [22.08.2000]

Celo Communications, a global innovator in the development and deployment of
digital signatures, announced a unique digital signature product for secure
Internet transactions. CeloCom eSigner is based on Public Key Infrastructure,
and enables digital signing of entire web pages. The CeloCom eSigner allows
complex legal documents and contracts to be digitally signed, authenticated
and validated, bringing e-business transaction security to new levels.

Press release:
< http://www.net-security.org/text/press/966913616,96346,.shtml >

----------------------------------------------------------------------------

CERTIFICATION FOR CHECK POINT VPN-1/FIREWALL-1 - [22.08.2000]

Foundry Networks, Inc., a leader in high-performance end-to-end switching and
routing solutions, announced that Foundry's ServerIron Internet traffic and
content management switches are the first to receive OPSEC (Open Platform
for Security) Certification from Check Point Software Technologies Ltd., for Check
Point VPN-1/FireWall-1 high availability with load balancing. Check Point certified
that Foundry's award winning ServerIronXL switches are the first to provide load
balancing and fail-over of all active sessions, including VPN-1 sessions, for Check
Point's VPN-1/FireWall-1 4.1 products.

Press release:
< http://www.net-security.org/text/press/966913668,25089,.shtml >

----------------------------------------------------------------------------

NORTON INTERNET SECURITY WITH INTEL DESKTOP BOARDS - [22.08.2000]

Symantec Corp., a world leader in Internet security, announced that Intel Corp.,
the leader in desktop PC technology, has chosen Norton Internet Security
Family Edition to ship with selected Intel Desktop Boards. The combination of
Symantec's award-winning security software with the performance and quality
of Intel Desktop Boards provides a solid foundation with superior Internet
protection for the consumers' home office and small business environments.

Press release:
< http://www.net-security.org/text/press/966913803,24061,.shtml >

----------------------------------------------------------------------------

NEW ONLINE ANTI-VIRUS SCANNER CERTIFICATION - [23.08.2000]

ICSA.net announced an expansion of its anti-virus product certification-testing
suite with the introduction of the new Online Anti-Virus Scanner Certification
Program. The Internet security leader also announced that HouseCall from
Trend Micro Inc. is the first product to achieve the certification. Trend Micro is
a leading provider of tools to detect and block viruses, malicious code and
related Internet security threats. The new certification program's criteria initially
will include monthly testing for 100 percent of viruses currently found "in the
wild," as well as for 100 percent of the current common infectors list.

Press release:
< http://www.net-security.org/text/press/966994207,5238,.shtml >

----------------------------------------------------------------------------

WAVE SYSTEMS ANNOUNCES TRUST @ THE EDGE - [23.08.2000]

Wave Systems Corp., announced a strategic new security architectural model
for creating multi-party trust in user devices. Trust @ the Edge specifies the
integration of strong security in every user device, a major breakthrough in the
challenge of creating trusted and private digital relationships while enabling
reliable electronic exchange and commerce over the Internet.

Press release:
< http://www.net-security.org/text/press/966994343,19617,.shtml >

----------------------------------------------------------------------------

NEW BOOK BY BRUCE SCHNEIER - [23.08.2000]

Bruce Schneier, computer security expert, CTO and founder of Counterpane
Internet Security, Inc., has written a new book specifically for corporate
managers. Secrets and Lies: Digital Security in a Networked World is a practical,
straightforward guide to understanding and achieving security throughout
computer networks. Schneier draws on his extensive field experience to dispel
myths as well as help business executives assess corporate security risks to
choose the right solutions and implement the right processes.

Press release:
< http://www.net-security.org/text/press/966994526,44171,.shtml >

----------------------------------------------------------------------------

TREND MICRO LAUNCHES ANTIVIRUS AFFILIATE PROGRAM - [23.08.2000]

Trend Micro, Inc., announced the launch of an affiliate marketing program that
further enables mutually beneficial relationships between Trend Micro and on-line
service providers including ISPs. The Affiliate Program is part of Trend Micro's
eDoctor Global Network, a worldwide Internet security initiative comprised of
service providers that offer virus scanning and information as a value-added
service to their customers. Through the Antivirus Affiliate Program Trend Micro
is inviting U.S. and Canadian ISPs and other on-line service providers to add
valuable content and links to their web sites to help their visitors and customers
to enjoy a safer Internet experience including:
- Virus alerts and other informational content
- Hot links to Trend Micro's "Virus Encyclopedia"
- Options to link or frame Trend Micro's HouseCall online virus scanner
- 10% commissions on Trend Micro product sales to their Websites'

Press release:
< http://www.net-security.org/text/press/967047592,24761,.shtml >

----------------------------------------------------------------------------

ADVANCED VIRUS PROTECTION FOR MAIL.COM - [25.08.2000]

Mail.com, Inc., a leading Messaging Service Provider to businesses, announced
the next generation in its scalable, fully outsourced e-mail firewall services -
enhanced MailWatch solution- providing innovative and robust protection for
corporate e-mail systems against viruses, spam, offensive or threatening
content, and inappropriate attachments. The advanced MailWatch service
features are available to businesses as a stand-alone service or can work in
conjunction with Mail.com's leading edge business e-mail services. As an
additional layer of security, customers of Mail.com's business e-mail services
are protected through SSL encryption for all user authentication and messaging.

Press release:
< http://www.net-security.org/text/press/967215417,80712,.shtml >

----------------------------------------------------------------------------

SECURANT TECHNOLOGIES PARTNERS WITH BALTIMORE TECH - [25.08.2000]

Securant Technologies, the access management company that secures
e-business, announced its partnership with Baltimore Technologies, a global
leader in e-security solutions. Through the Baltimore PKI World program,
Securant will deliver integrated solutions for protecting eBusiness resources
based on the award winning ClearTrust SecureControl access management
system and Baltimore UniCERT Certificate Management system. This will allow
enterprises, government agencies and service providers to centrally control and
personalize access to Web-based and Web-presented applications, content and
transactions by marrying Baltimore e-security with Securant's dynamic,
rules-based authorization and access management platform.

Press release:
< http://www.net-security.org/text/press/967215503,81794,.shtml >

----------------------------------------------------------------------------




Featured articles
-----------------

All articles are located at:
http://www.net-security.org/text/articles

Articles can be contributed to staff@net-security.org

Listed below are some of the recently added articles.

----------------------------------------------------------------------------

CONSOLE IOCTLS UNDER LINUX by Shok (Matt Conover)

Console IOCTLs can be very useful and powerful. These are the IOCTls that
involve the console. They are the user interface to manipulation of the console.
I am going to go over these console IOCTLs and give you examples of them.
You can make some pretty powerful programs, whether they be general utilities
or security programs, with these (such as Auto Console Switching and Console
Access Protection). The structure of this article will be the name of the IOCTL,
and then example source code to uses of the IOCTL.

Article:
< http://www.net-security.org/text/articles/console.shtml >

----------------------------------------------------------------------------

LKM: KERNEL HACKING MADE EASY by Nicolas Dubee - w00w00.org

The following applies to the Linux i86 2.0.x kernel series. It may also be
accurate for previous releases, but has not been tested. 2.1.x kernels
introduced a bunch of changes, notably in the memory managment routines,
and are not discussed here.

Article:
< http://www.net-security.org/text/articles/kernel.shtml >

----------------------------------------------------------------------------




Featured books
----------------

The HNS bookstore is located at:
http://net-security.org/various/bookstore

Suggestions for books to be included into our bookstore
can be sent to staff@net-security.org

----------------------------------------------------------------------------

SECRETS AND LIES: DIGITAL SECURITY IN A NETWORKED WORLD

Internationally recognized computer security expert Bruce Schneier offers a
practical, straightforward guide to achieving security throughout computer
networks. Schneier uses his extensive field experience with his own clients to
dispel the myths that often mislead IT managers as they try to build secure
systems. This practical guide provides readers with a better understanding of
why protecting information is harder in the digital world, what they need to
know to protect digital information, how to assess business and corporate
security needs, and much more.

Book:
< http://www.amazon.com/exec/obidos/ASIN/0471253111/netsecurity >

----------------------------------------------------------------------------

WINDOWS 2000 SYSTEM ADMINISTRATION HANDBOOK

>From the Inside Flap: Welcome to the Windows 2000 Systems Administration
Training Course. As IT professionals, we have watched Windows 2000 slowly
mature from a very rough NT5 beta 1 to a robust, polished Windows 2000
released product. As authors, we have attempted to bring you a collection of
the topics most relevant to systems administration while adding insight from
our own personal experiences implementing and administering Windows 2000
throughout the lengthy beta period, up to and including the final release. We
hope that you will find this multimedia training course useful as you study and
develop your Windows 2000 system administration skills.

Book:
< http://www.amazon.com/exec/obidos/ASIN/0130270105/netsecurity >

----------------------------------------------------------------------------

WINDOWS 2000 AND MAINFRAME INTEGRATION

The following topics are covered for both Windows 2000 and OS/390 (except
the topics that are inherently Windows 2000 specific): History of the operating
systems; overview of the operating systems; system architecture; memory
management; multitasking (multiprogramming); i/o device management; file
system; how programs are loaded and managed by the OS; job and task
management; Windows Scripting Host; catalogs and directories (including,
briefly, Windows 2000 Active Directory Service); DNS; printer management;
operator control of OS features; security; networking; transaction, database,
and message processing; communicating with OS/390 using terminal emulation
or an SNA server; SNA subdomains; overview of integrating Windows 2000 and
mainframe applications; using Mainframe Express to create a mainframe
development environment on a workstation; scalability; and availability.

Book:
< http://www.amazon.com/exec/obidos/ASIN/1578702003/netsecurity >

----------------------------------------------------------------------------

TRUST ON TRIAL: HOW THE MICROSOFT CASE IS REFRAMING THE RULES
OF COMPETITION

Is Microsoft truly a classic monopoly, whose aggressive pursuit of markets for
Internet browsers and operating systems is harmful to consumers and worthy
of government intervention? Or has it actually been a victim of aggressive rivals
(led by Sun, Novell, Oracle, and IBM) who called in high-level favors to keep Bill
Gates & Company out of the lucrative market for network servers? Richard
McKenzie, a noted economist and the author of more than 20 books, is
convinced of the latter. He advances a formidable argument on that behalf in
Trust on Trial, which maintains "the Microsoft case has shown--and not for the
first time - how politics can taint the antitrust enforcement process." Starting
with copies of major U.S. antitrust laws, McKenzie shows how cases such as
this eventually may affect consumers in both the short and long term.

Book:
< http://www.amazon.com/exec/obidos/ASIN/0738203319/netsecurity >

----------------------------------------------------------------------------

PROFESSIONAL WAP

Wireless Application Protocol and its related technologies are emerging as the
standard way of creating network-wise software for wireless computing devices,
such as mobile telephones. Wrox Press's crack team of programmer-writers have
put together a winner in Professional WAP. To a greater extent than any other
WAP book on the market, this volume shows its readers how to do real work by
using WAP, Wireless Markup Language (WML), WMLScript, and various toolkits
and servers that ease wireless application development. Best of all, the authors
realize that most folks working as WAP developers have Web roots; they explain
their subjects in terms that anyone with a bit of HTML and Web-scripting
(JavaScript or VBScript) background should be able to follow easily.

Book:
< http://www.amazon.com/exec/obidos/ASIN/1861004044/netsecurity >

----------------------------------------------------------------------------

DESIGNING SECURE WEB-BASED APPLICATIONS FOR MICROSOFT WINDOWS 2000

"Web-based applications" is getting to be a redundant term, but that only
highlights the fact that up-to-date programmers need to be familiar with the
strategies and practices used to build modern networked software. Designing
Secure Web-Based Applications for Microsoft Windows 2000 explains precisely
what its title specifies: the mechanisms for allowing Windows programs to
communicate over the network while maintaining security, plus their ways of
fitting into complete product architectures. It's an engineering document
with considerable information on identifying security threats, giving them
relative weight, and deciding how to deal with them in the designs of your
systems. The author has both done his homework and worked in the industry,
and it's a pleasure to read his distilled knowledge.

Book:
< http://www.amazon.com/exec/obidos/ASIN/0735609950/netsecurity >

----------------------------------------------------------------------------




Security Software
-----------------

All programs are located at:
http://net-security.org/various/software

----------------------------------------------------------------------------

FIRESTARTER 0.4.1 (LINUX)

The goal of FireStarter is to provide an easy to use, yet powerful, GUI tool for
setting up, administrating and monitoring firewalls for Linux machines. FireStarter
is made for the GNOME desktop. It can actively monitor your firewall and list any
unauthorized connection attempts made to your machine in a readable table
format. Changes: Better service determination, can launch firewall on PPP
connect, and bug fixes.

Link:
< http://net-security.org/cgi-bin/file.cgi?firestarter-0.4.1.tar.gz >

----------------------------------------------------------------------------

APPSTRAKA 3.10

AppsTraka is a powerful security program you can use to paint a very clear
picture of how others are using your computer. You can set it up to log all
open windows, including title, time, and duration, and to save screenshots of
your desktop at a regular interval of your choosing. Beyond surveillance,
AppsTraka allows you to deny access to any programs on your computer,
based on the current user. You can simply deny access altogether, impose a
time limit, or require a password to access any program you add to the secured
list. You can also hide items from the Start menu and select drives. You can run
AppsTraka in stealth mode, making the program all but undetectable, or make it
as visible as you wish, complete with warning messages.
This download expires after 30 days. The cost to register is $30.

Link:
< http://net-security.org/cgi-bin/file.cgi?appstraka310.exe >

----------------------------------------------------------------------------

QMAIL-SCANNER 0.92 (LINUX)

Qmail-Scanner (also known as Scan4Virus) is an addon that enables a Qmail
e-mail server to scan all gatewayed e-mail for certain characteristics. It is
typically used for its anti-virus protection functions, in which case it is used in
conjunction with commercial virus scanners. But it also enables a site to react
to e-mail that contains specific strings in particular headers, or particular
attachment filenames or types. Qmail-Scanner is integrated into the mail server
at a lower level than some other Unix-based virus scanners, resulting in better
performance. It is capable of scanning not only locally sent/received e-mail, but
also e-mail that crosses the server in a relay capacity.

Link:
< http://net-security.org/cgi-bin/file.cgi?qmail-scanner-0.92.tgz >

----------------------------------------------------------------------------

WINFINGERPRINT 227

Advanced remote windows OS detection. Current Features: Determine OS using
SMB Queries, PDC (Primary Domain Controlller), BDC (Backup Domain Controller),
NT MEMBER SERVER, NT WORKSTATION, SQLSERVER, NOVELL NETWARE SERVER,
WINDOWS FOR WORKGROUPS, WINDOWS 9X, Enumerate Servers, Enumerate
Shares including Administrative ($), Enumerate Global Groups, E numerate Users,
Displays Active Services, Ability to Scan Network Neighborhood, Ability to
establish NULL IPC$ session with host, Ability to Query Registry (currently
determines Service Pack Level & Applied Hotfixes.

Link:
< http://net-security.org/cgi-bin/file.cgi?winfingerprint-227.zip >

----------------------------------------------------------------------------

SPYTECH NETARMOR 1.0.2

Spytech NetArmor is a secure Internet protection utility for your Windows PC.
NetArmor's main objective is to detect possible malicious hacker intrusions and
alert you so you can safely shutdown your machine, log off, or disconnect from
the Internet. NetArmor is not a firewall, but a connection monitoring utility -
good for personal and corporate protection. NetArmor can detect attacks from
over 350 common backdoors. The unregistered version limits monitoring sessions
to 10 minutes. Registration costs $19.95.

Link:
< http://net-security.org/cgi-bin/file.cgi?netarmor.zip >

----------------------------------------------------------------------------

NMAP 2.54 BETA (LINUX)

Nmap is a utility for port scanning large networks, although it works fine for
single hosts. Sometimes you need speed, other times you may need stealth. In
some cases, bypassing firewalls may be required. Not to mention the fact that
you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap
supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP
FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning,
SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK
and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning
(ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote
OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap
also supports a number of performance and reliability features such as dynamic
delay time calculations, packet timeout and retransmission, parallel port scanning,
detection of down hosts via parallel pings.

Link:
< http://net-security.org/cgi-bin/file.cgi?nmap-2.54BETA3.tgz >

----------------------------------------------------------------------------





Defaced archives
------------------------

[21.08.2000] - Compunet Engineering
Original: http://www2.cne-kc.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/21/www2.cne-kc.com/

[21.08.2000] - Computer multimedia and internet technology Pvt.Ltd
Original: http://www.visionindia.net/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/21/www.visionindia.net/

[21.08.2000] - National Oceanic and Atmospheric Administration
Original: http://vortex.cmdl.noaa.gov/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/21/vortex.cmdl.noaa.gov/

[21.08.2000] - Malaysian Department of Immigration
Original: http://www.imi.gov.my/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/21/www.imi.gov.my/

[21.08.2000] - Atlantic City Free Public Library LibGate
Original: http://libgate.atlantic.city.lib.nj.us/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/21/libgate.atlantic.city.lib.nj.us/

[21.08.2000] - Interactive Media, Inc.
Original: http://www.iowa.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/21/www.iowa.com/

[21.08.2000] - Trend Micro Italy
Original: http://www.trendmicro.it/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/21/www.trendmicro.it/

[22.08.2000] - Ars Electronica Center FORCE Server
Original: http://force.aec.at/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/22/force.aec.at/

[22.08.2000] - Machine Intelligent System International
Original: http://misasia.com.sg/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/22/misasia.com.sg/

[22.08.2000] - Linux Malaga
Original: http://www.linux-malaga.org/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/22/www.linux-malaga.org/

[22.08.2000] - Gridlink Internet Services (primary nameserver)
Original: http://ns1.gridlink.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/22/ns1.gridlink.com/

[22.08.2000] - South Georgia Business Systems
Original: http://www.sogbs.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/22/www.sogbs.com/

[22.08.2000] - Ticketmaster UK Ltd
Original: http://www.ticketmaster.co.uk/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/22/www.ticketmaster.co.uk/

[23.08.2000] - American Association for Higher Education
Original: http://aahe.org/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/23/aahe.org/

[24.08.2000] - Highgate & Islington Internet
Original: http://www.digitalcertificate.co.uk/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/24/www.digitalcertificate.co.uk/

[24.08.2000] - APG SA
Original: http://linux.atomis.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/24/linux.atomis.com/

[25.08.2000] - JPL Space Exploration Post 509
Original: http://www.post509.org/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/25/www.post509.org/

[26.08.2000] - Net Deamon
Original: http://www.netdeamon.net/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/26/www.netdeamon.net/

[26.08.2000] - Eutelsat
Original: http://www.euteltracs.org/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/26/www.euteltracs.org/

[26.08.2000] - Solution Bankcard
Original: http://www.solutionbankcard.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/26/www.solutionbankcard..com/

[26.08.2000] - Gamescentral.com
Original: http://www.gamescentral.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/08/26/www.gamescentral.com/

----------------------------------------------------------------------------



Questions, contributions, comments or ideas go to:

Help Net Security staff

staff@net-security.org
http://net-security.org



---------------------------------------------------------------------
To unsubscribe, e-mail: news-unsubscribe@net-security.org
For additional commands, e-mail: news-help@net-security.org

Login or Register to add favorites

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close