HNS Newsletter
Issue 31 - 25.09.2000
http://net-security.org

Net-Sec is a newsletter delivered to you by Help Net Security. It covers weekly 
roundups of security events that were in the news the past week. 
Visit Help Net Security for the latest security news - http://www.net-security.org.


Subscribe to this weekly digest on:
http://www.net-security.org/text/newsletter

Table of contents:

1) General security news
2) Security issues
3) Security world
4) Featured articles
5) Security books
6) Security software
7) Defaced archives



============================================================
Sponsored by Dialego - Online Market Research
============================================================
We conduct the first world-wide online survey for IT-security specialists.
Please click http://www.dialego.de/1033_it/_e/sman.php3?co=e , fill in the 
online questionnaire and you may be one of the lucky people to win prizes in 
the amount of altogether € [EURO] 1500:
   1st prize: Casio Digital Camera
     2nd prize: 3Com Palm Personal Digital Assistant
        3rd prize: Tandem parachute jump
plus 50 personal firewalls as individual protection for your computer plus
50 programs for boot protection and hard disk encryption
============================================================



General security news
---------------------

----------------------------------------------------------------------------

GUIDE - BUILDING A DHCP SERVER
A DHCP server is incredibly easy to set up in Linux. This guide at 
FrankenLinux.com will help you do it in 12 minutes. Also, we have 
an article dealing with DHCP in our Articles section.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.frankenlinux.com/guides/dhcpserver.html
Link: http://www.net-security.org/text/articles/lg_3.shtml


NEW BLOW TO INTERNET BANKING SECURITY
The future of internet banking was thrown into chaos last night 
after a British computer expert accessed bank account details of 
millions of Americans from his home in the Isle of Man during a 
routine check on his US bank account. Ralph Dressel, a 28-year-old 
software analyst at Royal Skandia lnvestment bank, contacted 
The Observer having obtained bank security details that allowed 
him to "walk" straight into internet bank accounts at institutions 
across the US.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.guardian.co.uk/internetnews/story/0,7369,372676,00.html


E-MAIL TAMPERING
A Singaporen man was sentenced to five months in jail for illegally 
accessing the e-mail account of his former girlfriend, making him the 
first to be convicted of such a crime in the city-state, the Straits 
Times reported several days ago.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://web.lexis-nexis.com/more/cahners-chicago/11407/6341404/2


THE :CUECAT PRIVACY ADVISORY
The Privacy Foundation has released an advisory this morning
calling for changes in the way the :CueCat bar code scanner
is tracking users. The full text of the advisory is
available on the following link
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.privacyfoundation.org/advisories/advCueCat.html


CARNIVORE FAQ
Our affiliates at LinuxSecurity.com host a rather large Carnivore 
FAQ (Frequently Asked Questions). Document provides some answers 
to common questions posted about Carnivore.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.linuxsecurity.com/resource_files/documentation/carnivore-faq.html


PRIVACY CONCERNS OVER AUSTRALIAN E-HEALTH NETWORK RISE
There have been a number of calls for a slow-down in the 
implementation of an Australia-wide electronic health network as consumer 
groups and privacy advocates become concerned over the security and uses 
made of patients' medical information.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.computeruser.com/news/00/09/23/news8.html


ATTACKERS
Two attackers, who allegedly entered the National Aeronautics and 
Space Agency (NASA) and other government and university computers, 
are feeling the real-time pinch of the long arm of the law.
Link: http://www.32bitsonline.com/article.php3?file=news/200009/nb200009221&page=1


PHONE.COM TAKES AIM AT WAP SECURITY HOLE
In current WAP transmissions, data must use two security protocols - 
WTLS during the wireless part of the journey and SSL once the data 
hits the wires. There is a split second when the data must decrypt and 
re-encrypt to switch from one protocol to the other. A security flaw 
could occur if someone was able to crash the machine in the split 
second between decryption and re-encryption, causing a memory 
dump to the disk.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.co.uk/news/2000/38/ns-18063.html


WAP VERSION OF HELP NET SECURITY
Help Net Security is available for viewing via WAP enabled GSM 
appliances. With a script created by Gordan Gledec you can read 
latest security news on your GSM phone or any other device that 
uses WAP. If you are interested how it looks like visit the following 
link (powered by Gelon Wapalizer).
Link: http://wap.net-security.org/wap/


"COMRADE" SENTENCED TO 6 MONTHS
A 16-year-old Miami male pleaded guilty to two acts of juvenile 
delinquency for computer hacking and was sentenced to six months
 in a detention facility, said attorney general Janet Reno Thursday.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.techweb.com/wire/story/TWB20000921S0023


HERBLESS INTERVIEWED
PhantasmP of HWA-Security yesterday interviewed one of the names 
that were in the news for the past few days - Herbless. He is 
connected to some defacements where he put his opinions on DeCSS 
and fuel situation and if you saw the item below, he announced he 
quits defacing.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://hwa-security.net/herbless.txt


HERBLESS QUITS
Herbless, who defaced the websites of HSBC, Legoland and 450 others 
as part of the fuel protest in the last month, has announced his sudden 
exit from the scene. Speaking exclusively to vnunet.com, Herbless said: 
"For various reasons that may or may not become apparent, I have left 
the hacking scene for good. You won't hear of any more defacements 
by Herbless. Let's just say that it is the price of freedom, and is worth
paying."
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.vnunet.com/News/1111333


AOL'S LOOSE CANNON: JUSTIN FRANKEL
The programmer's an employee of America Online, but the creator of 
Gnutella's has a funny way of saying thank you. Frankel has, in fact, 
devised some software, but not the kind AOL was expecting. The latest 
creation of the 21-year-old programmer enables users of AOL's wildly 
popular Instant Messenger to delete the ads from the online chat program. 
What's more, a Web site owned by Nullsoft, and ultimately AOL, has been 
giving away the software.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.com/zdnn/stories/news/0,4586,2630789,00.html


VIDEO INTERVIEW
Mudge, @stake's Vice President of Research & Development, gives us 
his thoughts on the state of computer security today and why, as time 
has gone by, we still have a long way to go.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/media/64


WHITE HAT HACKERS BREAK INTO VA BENEFITS COMPUTERS
At a House oversight subcommittee hearing today, the VA's inspector 
general's office said it had contracted with a private security company 
to conduct penetration tests of the department's computer systems, 
tests that led hired hackers to gain "high level" access to VA records.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.telekomnet.com/news/9-21-00_hackers_vacomputers.asp


MP3.COM OFFERS SECURE PAYMENTS SERVICE
Online music service provider MP3.com is offering a secure and 
convenient payment system with eCharge Corp. MP3.com customers 
can now purchase CDs and MP3.com merchandise online with an 
eCharge Net Account, which uses proprietary encryption technology 
and digital certificates.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.techweb.com/wire/story/TWB20000921S0012


COMPANIES CAPITALISE ON WEB FRAUD FEARS
US credit card companies portray themselves as watchdogs guarding 
customers against Internet fraud, but some of their security measures 
are just clever marketing tools to win new customers. Credit card theft 
occurs three to ten times more online than it does in stores, and such 
card companies as American Express are rushing to devise online security 
measures to protect people. 
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.co.uk/news/2000/37/ns-18024.html



THIS EMAIL WILL SELF-DESTRUCT 
"SafeMessage is the electronic answer to the shredding machine. It is 
the first industrial-strength, secure messaging product of its kind for 
not only large corporations, but also individuals," said Graham Andrews, 
chief executive officer of AbsoluteFuture, which developed the product.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.wired.com/news/technology/0,1282,38936,00.html


TARGETING US-RUSSIAN EXERCISE
Hackers in the US attempted to disrupt a combined US-Russian exercise 
aimed at dealing with major natural disasters, reported AFP quoting the 
ITAR-TASS news agency. Looks fishy...
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/6/13420.html


VBS.DISABLED.WORM 
VBS.Disabled.Worm is a script worm that is similar in function to 
VBS.NewLove.Worm. It uses Microsoft Outlook to send itself. Upon 
execution, it deletes all files from your hard drive except for files in the 
root directory. The body of the email message is in French. 
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.symantec.com/avcenter/venc/data/vbs.disabled.worm.html


COPA READIES ITS REPORT
A federally created commission studying online child protection will recommend 
to Congress that an independent research bureau be created to review 
filtering software and may also push for a special kid-friendly Internet 
zone, its chairman says.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.mercurycenter.com/svtech/news/breaking/ap/docs/420529l.htm


ONLINE PRIVACY
Industry watchers say growing consumer concerns over the use of 
personal online data is a huge obstacle for e-commerce. So far, lawmakers 
have refrained from regulating general online privacy.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.techweb.com/wire/story/TWB20000920S0013


GERMAN HACKER BIDS TO JOIN INTERNET BOARD
Andy Mueller-Maguhn, spokesman of the Chaos Computing Club, is one 
of seven candidates from Europe hoping to be elected to the board of 
the Internet Corporation for Assigned Names and Numbers (Icann). He 
is emerging as the surprise favourite with 2866 endorsements - more 
than any other candidate worldwide.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.vnunet.com/News/1111267


NTBUGTRAQ ACQUIRED BY ICSA.NET
One of the places where NT hackers and security experts post their 
opinions and vulnerabilities has been acquired. Russ Cooper, moderator 
of the popular e-mail list NTBugTraq, sold the list to ICSA.net. He will 
stay aboard as the moderator of the list.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.msnbc.com/news/459092.asp

----------------------------------------------------------------------------



============================================================
Sponsored by Dialego - Online Market Research
============================================================
We conduct the first world-wide online survey for IT-security specialists.
Please click http://www.dialego.de/1033_it/_e/sman.php3?co=e , fill in the 
online questionnaire and you may be one of the lucky people to win prizes in 
the amount of altogether € [EURO] 1500:
   1st prize: Casio Digital Camera
     2nd prize: 3Com Palm Personal Digital Assistant
        3rd prize: Tandem parachute jump
plus 50 personal firewalls as individual protection for your computer plus
50 programs for boot protection and hard disk encryption
============================================================




Security issues
---------------

All vulnerabilities are located at:
http://net-security.org/text/bugs


----------------------------------------------------------------------------

MAJOR VULNERABILITY IN ALABANZA CONTROL PANEL
This is serious enough since you can delete all resold domains for a particular 
webhosting company. You can also change the default MX and CNAME records 
of all associated domains.
Link: http://www.net-security.org/text/bugs/969896875,69779,.shtml


E*TRADE LOGINS/PASSWORDS REMOTELY RECOVERABLE
Due to flaws in E*TRADE's software, a remote third party can recover the 
usernames and plain-text passwords of any E*TRADE user. The vector of attack 
can be a malicious (but innocent looking) web site, an email, or a variety of more 
obscure methods. A local compromise of the user's machine is not required. The 
attacker only needs to seek out known or likely E*TRADE users and contact them.
The result of the attack is that the attacker will have the user's username and 
password. This will allow the attacker arbitrary access to the account, including 
banking, securities trading, and other valuable access.
Link: http://www.net-security.org/text/bugs/969714869,69820,.shtml


MULTIPLE VULNERABILITIES IN CISCOSECURE ACS
Multiple vulnerabilities have been identified and fixed in CiscoSecure ACS for 
Windows NT Server:
- The CSAdmin software module can be forced to crash by sending it an 
oversized URL.
- CiscoSecure ACS for Windows NT Server can be placed into an unstable state 
by sending it an oversized TACACS+ packet.
- The enable password can be bypassed to gain unauthorized privileges on a 
router or switch when CiscoSecure ACS for Windows NT Server is used in 
conjunction with an LDAP server that allows users to have null passwords.
Link: http://www.net-security.org/text/bugs/969635524,66062,.shtml


DOS IN BROWSEGATE (HOME) V2.80
Delphis Consulting Internet Security Team discovered that it's possible to cause 
Browsegate to crash with an invalid read error. 
Link: http://www.net-security.org/text/bugs/969580439,75618,.shtml


RED HAT LINUX - GLINT SYMLINK VULNERABILITY
If a specific symlink exists in /tmp, glint will open it and write to it when run by 
root - so destruction of any file is possible. Note that glint does not work with 
RPM 3.0 or higher. If you have RPM 3.0 or higher installed, just uninstall the glint 
package to remove this vulnerability.
Link: http://www.net-security.org/text/bugs/969580219,81985,.shtml


EXTENT RBS DIRECTORY TRANSVERSAL
Extent RBS allows users to register a new subscription via Credit Card through 
their web browser. The problem is that the web server does not check for 
directory transversal when reading image files. Thus any file available on the 
same partition (in WinNT or any file on the *NIX system) which Extent RBS has 
permissions to read, can be read by a malicious user. 
Link: http://www.net-security.org/text/bugs/969579949,36863,.shtml


EXPLOIT USING EUDORA AND THE GUNINSKI HOLE
Eudora saves all attachments in a single directory upon receiving the mail; a mail 
message need not be open for its attachment to be decoded and saved in that 
common directory. An intruder need only send an e-mail with a trojaned DLL as 
described in the Guninski advisory, along with or followed by an e-mail containing 
a Word document.
Link: http://www.net-security.org/text/bugs/969408551,99330,.shtml


WINCOM LPD DOS
A continuos stream of LPD options, sent to the LPD port (default TCP port 515) 
on the host running WinCOM, will eventually consume all the memory on that 
host. Systems Affected: WinCOM LPD V1.00.90 for Windows NT
Link: http://www.net-security.org/text/bugs/969406272,66800,.shtml


DIGITAL UNIX KDEBUGD REMOTE VULNERABILITY
The kdebug daemon can be exploited by remote users to open and display the 
contents of any file on the system. It can also be used to write to the beginning 
of any file on the system overwriting data which was previously there. Affected: 
Digital UNIX 4.0F, other versions believed to be as well but untested.
Link: http://www.net-security.org/text/bugs/969406252,65377,.shtml

----------------------------------------------------------------------------



Security world
--------------

All press releases are located at:
http://net-security.org/text/press

----------------------------------------------------------------------------

DIGITAL:CONVERGENCE EXPERIENCES SECURITY BREACH - [20.09.2000]

Internet technology company Digital:Convergence Corporation experienced a 
security breach that may have exposed certain members' names and email 
addresses. The company was alerted of breach efforts by Peter Thomas at 
Securitywatch.com. The company has secured the site and is conducting a 
thorough security examination. 

Press release:
< http://www.net-security.org/text/press/969275944,52786,.shtml >

----------------------------------------------------------------------------

XCERT PROVIDES SECURITY FOR SMART VISA PLATFORM - [20.09.2000]

Xcert, a leading provider of software products for securing Internet transactions 
and communications, announced that its Sentry CA public key infrastructure 
software is being offered as part of Visa U.S.A.'s newly introduced smart Visa 
Technology Platform. Xcert's technology, a component of the smart Visa 
Access application provides the foundation for secure Internet access using a 
smart Visa card. 

Press release:
< http://www.net-security.org/text/press/969318536,94967,.shtml >

----------------------------------------------------------------------------

INTEL BRINGS NETWORK SECURITY TO MOBILE PCs - [20.09.2000]

Addressing a gap in network security solutions, Intel Corporation announced the 
industry's first high-speed, security network adapters for mobile PCs. Intel also 
introduced updated LAN security connections for desktop PCs and servers. The 
new connections help protect confidential information, such as intellectual 
property, financial transactions, human resource records and customer 
demographics, transmitted across a local area network (LAN). 

Press release:
< http://www.net-security.org/text/press/969318710,4731,.shtml >

----------------------------------------------------------------------------

PDS 2100 SECURITY APPLIANCE FROM INTRUSION.COM - [20.09.2000]

Intrusion.com, Inc., a leading provider of enterprise security solutions for the 
information-driven economy, announced a new class of low-cost security 
appliances targeted at small offices. The SecureCom PDS 2100 appliance series, 
designed for maximum flexibility and ease of use, will initially feature Check Point 
Software's VPN-1/FireWall-1 SmallOffice security software, also announced 
by Check Point, for a combined price starting under $1,800. 

Press release:
< http://www.net-security.org/text/press/969318830,3134,.shtml >

----------------------------------------------------------------------------

FREE SECURITY MANAGEMENT SOLUTION FOR LINUX - [20.09.2000]

Solsoft, Inc., the leading provider of policy management for e-Business security, 
announced immediate availability of the newest version of its free Linux security 
management solution. Following the success of its first release of Solsoft-NP-Lite 
for Linux in July, the new version, called Solsoft NP-Lite 4.0, offers robust 
functionality including: a new visual interface for easier definition of the security 
policies, an enhanced compiler for optimized filters and performance, and a new 
Policy Audit function for a better view of defined policies and existing breaches.

Press release:
< http://www.net-security.org/text/press/969378146,17801,.shtml >

----------------------------------------------------------------------------

ICSA.NET ACQUIRES NTBUGTRAQ - [20.09.2000]

ICSA.net, the global leader in Internet security, has acquired NTBugtraq, the 
leading source for Microsoft-related security intelligence, and hired its owner, 
Russ Cooper, to continue managing the service. NTBugtraq is an Internet-based 
forum that encourages security technicians to discuss and notify other 
professionals about Windows-based vulnerabilities.

Press release:
< http://www.net-security.org/text/press/969407614,32192,.shtml >

----------------------------------------------------------------------------

PROTEGRITY ADDS PKI FUNCTIONALITY TO SECURE.DATA - [20.09.2000]

Protegrity, Inc., the leading provider of solutions that protect franchise data, 
announced at the Baltimore Technologies Global e/Security 2000 Convention 
that it has licensed Baltimore KeyTools to enable public key infrastructure (PKI) 
interoperability in its Secure.Data information-privacy solution.

Press release:
< http://www.net-security.org/text/press/969409157,9537,.shtml >

----------------------------------------------------------------------------

FIREWALL AND IPSEC COMPLIANT VPN FROM ELRON - [20.09.2000]

Cayman Systems, Inc., a global provider of broadband gateway solutions, 
announced a joint business initiative with Elron Software. As the first step in 
the initiative to offer value added services, Cayman adds Elron's Internet 
Manager Firewall(TM) and IPSEC compliant VPN security software to its 3220 
and 2E500 gateway product families, further strengthening the security 
capabilities already packed into the products. 

Press release:
< http://www.net-security.org/text/press/969409232,14973,.shtml >

----------------------------------------------------------------------------

SYMANTEC ANNOUNCES PRODUCT SUPPORT FOR WIN2000 - [20.09.2000]

Symantec Corp., a world leader in Internet security, announced product support 
for the new Windows Millennium Edition operating system. With the new OS 
focusing heavily on the connected consumer experience, many of Symantec's 
best-of-breed solutions will provide users the safety and protection they require 
while surfing the Internet. The following Symantec solutions are Windows Me 
compatible: Norton SystemWorks 2001, Norton SystemWorks 2001 Professional 
Edition, Norton Internet Security 2001, Norton Internet Security 2001 Family 
Edition, Norton Personal Firewall 2001, Norton AntiVirus 2001, Norton Utilities 
2001, Norton CleanSweep 2001 and Norton Ghost 2001.

Press release:
< http://www.net-security.org/text/press/969409302,92874,.shtml >

----------------------------------------------------------------------------

SMARTGUARD RELEASED BY V-ONE - [20.09.2000]

V-ONE Corporation, a leading provider of Virtual Private Networks, released the 
latest version of its award-winning SmartGuard Security Appliance, which now 
includes Secure Multiple Unit Management over the Internet and IPSec for 
Site-to-Site using IKE. These features enhance the robust VPN capabilities 
already included in SmartGuard version 1.0

Press release:
< http://www.net-security.org/text/press/969409654,65302,.shtml >

----------------------------------------------------------------------------

WATCHGUARD LIVESECURITY SERVICE - [20.09.2000]

Further expanding the reach of its LiveSecurity Service, WatchGuard Technologies 
announced that its Internet security software and services will be automatically 
available in wired homes using Leviton's new Vestal Router. Leviton will market 
the Vestal Router to builders and contractors nationwide, as well as to individual 
homeowners doing remodeling projects or upgrading their homes to support 
computer networks and Internet access. WatchGuard will operate the LiveSecurity 
Service, delivering firewall protection to owners of these "wired homes." 

Press release:
< http://www.net-security.org/text/press/969450519,49878,.shtml >

----------------------------------------------------------------------------

CYLINK SECURES BLUETOOTH WIRELESS NET TECHNOLOGY - [20.09.2000]

Secure e-business pioneer Cylink Corporation announced that its SAFER+ 
encryption algorithm is being used for user authentication within Bluetooth, a 
protocol that is rapidly growing in use for wireless communications. More than 
1,700 companies support the Bluetooth protocol. With Bluetooth-enabled devices, 
a wireless personal area network (PAN) for mobile commerce can easily be created 
using peripheral devices, notebooks or handheld computers, smart telephones, 
and even vending machines. The SAFER+ algorithm is one section of the Bluetooth 
protocol. The algorithm enables one user to send a test message to a recipient for 
encryption and compare the returned encrypted message with his own encryption 
of the test message. A perfect match verifies the recipient’s authenticity. 

Press release:
< http://www.net-security.org/text/press/969460501,25978,.shtml >

----------------------------------------------------------------------------

SECURE COMPUTING SECURES ERICSSON R380 SMARTPHONE - [21.09.2000]

Secure Computing and Ericsson today announced that the Ericsson R380 
smartphone is available on GSM markets with Secure Computing's SafeWord 
authentication token. Now, SafeWord users can use the R380 smartphone to 
authenticate to networks and applications protected by SafeWord.

Press release:
< http://www.net-security.org/text/press/969549592,49689,.shtml >

----------------------------------------------------------------------------

WATCHGUARD RECEIVES COMMON CRITERIA CERTIFICATION - [21.09.2000]

WatchGuard Technologies, Inc., a leader in Internet security solutions, announced 
that its LiveSecurity System and the Firebox II firewall appliance have been 
awarded Common Criteria Certification. WatchGuard's Firebox II is the first firewall 
appliance for the small to medium size enterprise market to receive this certification. 
Some U.S. government agencies and certain countries require that Internet security 
products they purchase meet Common Criteria Certification. 

Press release:
< http://www.net-security.org/text/press/969549687,31372,.shtml >

----------------------------------------------------------------------------

ONLINE CREDIT CARD FRAUD-ELIMINATING TECHNOLOGY - [22.09.2000]

What is the biggest barrier to the growth of e-commerce and the Internet and 
prevents more than half of the world's Internet users from making an online 
purchase? Fears of online credit card fraud and security and privacy issues. 
iShopSecure, Inc., a privately-held company based in Davie, Florida, has 
launched a patent-pending technology and business process that eliminates 
credit card fraud and allows consumers to shop from more than 750,000 web 
sites without putting their credit card or other personal information online. 

Press release:
< http://www.net-security.org/text/press/969585687,91319,.shtml >

----------------------------------------------------------------------------

IDENTIX COMBINES TWO SECTORS INTO SECURITY DIVISION - [22.09.2000]

Identix Inc., a worldwide leader in providing user authentication, security and 
identification solutions, Friday announced that it has established a new 
organizational structure for its commercial market products, combining its 
Physical Access and IT divisions into one division, Security. 

Press release:
< http://www.net-security.org/text/press/969635824,19544,.shtml >

----------------------------------------------------------------------------

PRIVACY FOUNDATION'S OPINION ON CUECAT ISSUE - [23.09.2000]

Marketers of the :CueCat, a new consumer electronics device that attaches to 
PCs and TV sets, should disable a personal tracking feature and disclose more 
details about how information collected will be used, the Privacy Foundation 
requested today. "The Privacy Foundation has serious privacy concerns with the 
:CueCat,’’ said Richard M. Smith, chief technology officer of the foundation. 
"We are asking the company to fix the service now, before it is in widespread use."

Press release:
< http://www.net-security.org/text/press/969715210,80941,.shtml >

----------------------------------------------------------------------------

VISA PARTNERS WITH SECURIFY - [24.09.2000]

Securify, a leading eSecurity services provider, announced its appointment by 
Visa U.S.A. to manage smart Visa Access, a key component of the smart Visa 
Technology Platform. The smart Visa Technology Platform is a new payment 
card platform with multi-function capabilities powered by cutting edge chip 
technology. The smart Visa card enables Visa financial institutions to combine 
the purchasing power of traditional payment cards with smart chip technology 
to offer added security, utility and convenience to consumers. The smart Visa 
Access system, a critical component of the smart Visa Technology Platform, 
authenticates Visa cardholders, thus allowing banks to offer secure, 
personalized services delivered through the Internet.

Press release:
< http://www.net-security.org/text/press/969750752,5714,.shtml >

----------------------------------------------------------------------------



Featured articles
-----------------

All articles are located at:
http://www.net-security.org/text/articles

Articles can be contributed to staff@net-security.org

Listed below are some of the recently added articles.

----------------------------------------------------------------------------

ISSUES: HIRING HACKERS, THE FINE LINE BETWEEN CULT AND CRIMINAL by Thejian

Obviously there are a lot of technically talented individuals running around in the 
hacking scene nowadays. There always have, it's the root of its existence. This 
has given birth to another interesting issue. Besides hacking being marketable 
and trendy, the underground today has the full attention of the corporate world 
where the skills are recognized (in some) and could be put to good use as well. 
In short, hiring hackers, if not good for profits at least is the trendy thing to do. 
And looking at the security problems some companies are having that definately 
is a good thing. However, it also raises the question of trust. 

Article:
< http://www.net-security.org/text/articles/thejian/hiring.shtml >

----------------------------------------------------------------------------

SECURING A REDHAT LINUX 6.2 MACHINE (BASICS) by bokuden

This article covers the basics of making a virgin redhat install more or less 
secure before putting it on the internet. Remember all of this work should be 
done before the box is put online, as machines can be rooted in minutes of 
being on the net. 

Article:
< http://www.net-security.org/text/articles/srh.shtml >

----------------------------------------------------------------------------

THE SECRETS OF SNOOP by Lance Spitzner

How to best leverage the network sniffer snoop, with various command line 
examples. Included are examples on how to analyze network traffic and improve 
your network security.

Article:
< http://www.net-security.org/text/articles/spitzner/snoop.shtml >

----------------------------------------------------------------------------

DETECTION OF AN UNKNOWN VIRUS by Kaspersky Lab

In this chapter we discuss the situations which user faces when he suspects, 
that his computer is infected, but none of the anti-viruses known to him tested 
positive. How and where to look for virus? What tools are needed for that, what 
methods to use and what rules to follow?

Article:
< http://www.net-security.org/text/articles/viruses/detection.shtml >

----------------------------------------------------------------------------

VIRUS ALGORITHM ANALYSIS by Kaspersky Lab

"To my mind the most suitable object for keeping and analyzing the virus is a file 
containing the virus body. In practice to analyze the file virus it is convenient to 
have several infected files of different, but not too large, size. Except that it is 
desirable to have infected files of all kinds (COM, EXE, SYS, BAT, NewEXE) that 
this virus can infect..."

Article:
< http://www.net-security.org/text/articles/viruses/analysis.shtml >

----------------------------------------------------------------------------

RECOVERY OF AFFECTED OBJECTS by Kaspersky Lab

In most cases of viral infection the procedure of recovery of infected files and 
disks means running a suitable anti-virus capable of disarming the system. 
However, in the virus is not known to any anti-virus, it is enough to send the 
infected file to anti-virus developer companies, and in some time (usually 
several days or weeks) receive the cure updates for this virus. But if time 
presses, you will have to disarm the virus yourself.

Article:
< http://www.net-security.org/text/articles/viruses/recovery.shtml >

----------------------------------------------------------------------------

PACIFIC BELL ALERTS CUSTOMERS TO 90# SCAM

Pacific Bell is alerting consumers and advising them how to protect themselves 
from a telephone scam that is once again generating e-mail traffic on the 
Internet. If consumers receive a call from someone claiming to be a telephone 
technician, seeking to test the phone line and requesting that consumers dial 
90#, consumers should hang up immediately without dialing the requested 
numbers. Residential and business customers are targeted. 

Article:
< http://www.net-security.org/text/articles/bell.shtml >

----------------------------------------------------------------------------

ANTI-VIRUS PROGRAMS by Andrew Krukov, AVP Team 

I would like to point out that there are no anti-viruses guaranteeing 100 percent 
protection from viruses. Any declarations about their existence may be considered 
to be either an advertising trick or a sign of incompetence. Such systems do not 
exist because for each anti-virus algorithm it is always possible to suggest virus 
counter algorithm, making this particular virus invisible for this particular anti-virus 
(fortunately the opposite is also true: for any anti-virus algorithm it is always 
possible to create an anti-virus).

Article:
< http://www.net-security.org/text/articles/viruses/programs.shtml >

----------------------------------------------------------------------------

KASPERSKY LAB MAKES LINUX EVEN MORE SECURE

Kaspersky Lab, an international anti-virus software development company, 
announces a new version of Kaspersky Anti-Virus (AVP) for Linux. This latest 
version combines unique functionality, significantly simplifying the program’s use 
and the world's first anti-virus solution to integrate into the popular e-mail 
gateways Sendmail and Qmail.

Article:
< http://www.net-security.org/text/articles/viruses/linux.shtml >

----------------------------------------------------------------------------

"JAVANIZATION" OF MOBILE PHONES: A GREEN LIGHT FOR MALICIOUS PROGRAMS?

On 19 August, Sun Microsystems and some of its partners announced the 
shipment of Mobile Information Device (MID) standard, based on the Java 
programming language (Java™ 2 Platform Micro Edition – J2ME) for use on 
mobile phones. At the same time, Motorola, one of the biggest companies 
for the development of wireless technologies, released an application
programming interface (API), allowing for the development of additional 
programs for its wireless devices.

Article:
< http://www.net-security.org/text/articles/viruses/javanization.shtml >

----------------------------------------------------------------------------




Featured books
----------------

The HNS bookstore is located at:
http://net-security.org/various/bookstore

Suggestions for books to be included into our bookstore 
can be sent to staff@net-security.org

----------------------------------------------------------------------------

ENHANCED IP SERVICES FOR CISCO NETWORKS: A PRACTICAL RESOURCE FOR 
DEPLOYING QUALITY OF SERVICE, SECURITY, IP ROUTING, AND VPN SERVICES

The book provides a useful and instructive breakdown of each enhanced service: 
what it is, why you need it, how it works, how to deploy it, how to validate it. 
This book offers a practical guide to implementing IPsec, the IOS Firewall, and 
IOS Intrusion Detection System. Also included are advanced routing principles 
and quality of service features that focus on improving the capability of your 
network. A good briefing on cryptography fully explains the science that makes 
VPNs possible. Rather than being another routing book, this is a guide to 
improving you network's capabilities by understanding and using the 
sophisticated features available to you in Cisco's IOS software.

Book:
< http://www.amazon.com/exec/obidos/ASIN/1578701066/netsecurity >

----------------------------------------------------------------------------

JAVA SECURITY

This book is extraordinary both for its technical depth and its readability. It 
provides the Java programmer with a complete overview of the Java security 
architecture and security classes, plus a wealth of detailed information and code 
examples for specific implementations. The following chapters look in depth at the 
elements of the Java security architecture: language rules, class loaders, the 
security manager, the access controller, and permission objects. All these 
chapters provide detailed information on implementation, as well as an excellent 
explanation of the role of each feature within the entire security picture. The 
second half of the book covers cryptographic features in the Java security 
package and how Java programs work with code that performs authentication 
and encryption. Here, you'll find detailed chapters on message digests, keys and 
certificates, key management, digital signatures, and the Java Cryptography 
Extensions. Anyone who needs to understand Java security, but especially those 
who will implement security features in Java applications, will want this book.

Book:
< http://www.amazon.com/exec/obidos/ASIN/1565924037/netsecurity >

----------------------------------------------------------------------------

JAVA 2 NETWORK SECURITY

Rather than focusing on how a Java system can be broken, the authors show 
managers, network administrators, developers, and security professionals how 
Java can be made secure and how to exploit its strengths. Topics include the 
pros and cons of each Java security alternative; architectural techniques for 
maximizing security; securing Web and intranet applications; deploying or limiting 
Java across firewalls; integrating Java and SSL; and using Java's Cryptography 
APIs. The disk contains source code and links to Java security Web sites.

Book:
< http://www.amazon.com/exec/obidos/ASIN/0130155926/netsecurity >

----------------------------------------------------------------------------

LINUX SYSTEM SECURITY: THE ADMINISTRATOR'S GUIDE TO OPEN SOURCE 
SECURITY TOOLS

The introduction of Linux System Security acknowledges that there's no magic 
bullet as far as security is concerned. Security-minded system administration is 
a process of constant revision. It promises, though, that "if you follow the 
procedures outlined, you will certainly reduce your level of vulnerability." The 
book delivers on that promise in spades. Using Red Hat Linux as the 
demonstration environment, the authors explain how to use a suite of publicly 
available tools to analyze, protect, and monitor your machines and networks. 
They approach the subject from a practical standpoint, emphasizing software 
and its use while referring the reader (using copious bibliographic notes) to 
more specialized works for detailed information on cryptography, firewall 
configuration, and other subjects.

Book:
< http://www.amazon.com/exec/obidos/ASIN/0130158070/netsecurity >

----------------------------------------------------------------------------

IMPLEMENTING AS/400 SECURITY

A concise, practical guide to implementing, evaluating, and auditing an AS/400 
security strategy. This edition (first was 1992) brings together the fundamental 
AS/400 security tools and experience-based recommendations, and includes the 
security enhancements available in OS/400 Version 3 Release 1.

Book:
< http://www.amazon.com/exec/obidos/ASIN/1882419782/netsecurity >

----------------------------------------------------------------------------



Security Software
-------------------

All programs are located at:
http://net-security.org/various/software

----------------------------------------------------------------------------

AMAVIS 0.2.1-PRE3

AMaViS (A Mail Virus Scanner) scans e-mail attachments for viruses using 
third-party virus scanners available for UNIX environments. It resides on a UNIX 
(Linux) machine and looks through the attached files arriving via e-mail, 
generates reports when a virus is found and sets the delivery on hold. 

Link:
< http://net-security.org/various/software/969754025,36384,.shtml >

----------------------------------------------------------------------------

PHPSECUREPAGES 0.19B

phpSecurePages is a PHP module to secures pages with a login name and 
password. It can handle multiple user groups (each with their own viewing rights), 
store data in a MySQL database or a configuration file, and be used to identify 
your Web site viewers. It also has multiple language support and session support 
for both PHP3 and PHP4. 

Link:
< http://net-security.org/various/software/969753951,18916,.shtml >

----------------------------------------------------------------------------

KILL THE SPAMS V.1.03

>From the developer: "Kill The Spams is anti-spam software using a unique 
algorithm to detect unsolicited emails. If you're tired of unsolicited commercial 
e-mail clogging your inbox, you're not alone. Surveys have proven again and 
again that most Internet users detest it. The main goal is to filter your e-mail 
box without the pain of building complex filters. Unlike other similar products, 
KTS does not need to maintain a list of spammers." 

Link:
< http://net-security.org/various/software/969380297,16138,.shtml >

----------------------------------------------------------------------------

SPAMMOTEL V.1.2

This is a Web-based antispam program that gives you complete control of your 
email address without using filters. SpamMotel lets you attach reminder notes 
each time you give out an email address online, so you'll know exactly when and 
where the spammer got your email address, and then lets you stop spam from 
that sender. This free program works with your existing email account. A small 
downloadable interface makes access easy, and requires no installation on your 
computer. A handy online Log Page lets you view all your SpamMotel activity. 
This program is also useful in organizing your email folders more effectively. 

Link:
< http://net-security.org/various/software/969379780,9260,.shtml >

----------------------------------------------------------------------------

PC DOORS GUARD V.1.0.1.6

PC Doors Guard is a complete anti-Trojan solution for your office and home PCs. 
The program consists of three main utilities, which can provide you with stable 
and reliable protection. A Trojan needs to get through this three-folded barrier 
in order to infect your PC. While online updates keep PC Doors Guard up to date, 
the built-in heuristic analyzer can detect a Trojan without using any virus 
database. The Monitor utility constantly verifies the files you download, get via 
ICQ, or receive by e-mail; the Executor checks any file before it is executed; 
and the Scanner provides you with a virus search engine so that stealth, 
phantom, and worm viruses do not get away. 

Link:
< http://net-security.org/various/software/968808468,3315,.shtml >

----------------------------------------------------------------------------

INTERSCAN WEBPROTECT V2.2

InterScan WebProtect is a real-time virus scanning package that works with 
Microsoft Proxy server. It protects proxy server traffic from computer virus 
infections and malicious JAVA and ActiveX code. It auto-cleans infected files 
transferred via HTTP or FTP. WebProtect has additional security features that 
let you selectively control the type of material that are downloaded from the 
Internet.

Link:
< http://net-security.org/various/software/968808271,26573,.shtml >

----------------------------------------------------------------------------



Defaced archives
------------------------

[18.09.2000] - Sandia National Laboratories
Original: http://samt4831.sandia.gov/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/18/samt4831.sandia.gov/

[18.09.2000] - Idaho State Government
Original: http://www.sapd.state.id.us/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/18/www.sapd.state.id.us/

[18.09.2000] - Gujarat (GOV)
Original: http://mail.gujarat.gov.in/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/18/mail.gujarat.gov.in/

[19.09.2000] - The Temple of Yehwe
Original: http://www.vodou.org/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/19/www.vodou.org/

[20.09.2000] - The Colorado Springs Gazette Telegraph
Original: http://www.appeal-democrat.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/20/www.appeal-democrat.com/

[20.09.2000] - The Orange County Register
Original: http://www.freedom.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/20/www.freedom.com/

[21.09.2000] - Ministry of Foreign Affairs, Albania
Original: http://www.mfa.gov.al/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/21/www.mfa.gov.al/

[21.09.2000] - Journal des Finances
Original: http://www.jdf.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/21/www.jdf.com/

[22.09.2000] - Planet Quake (Germany)
Original: http://www.planetquake.de/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/22/www.planetquake.de/

[22.09.2000] - Sigma Computer Training & Consulting, Inc.
Original: http://www.sigmactc.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/22/www.sigmactc.com/

[23.09.2000] - NetAgent
Original: http://www.crack-contest.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/23/www.crack-contest.com/

[23.09.2000] - The George Washington University Hospital
Original: http://www.gwhospital.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/23/www.gwhospital.com/

[23.09.2000] - National Library of Ireland
Original: http://www.nli.ie/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/23/www.nli.ie/

[0.09.2000] - University of USA
Original: http://www.usa.edu.ph/
Defaced: http://www.attrition.org/mirror/attrition/2000/09/23/www.usa.edu.ph/

----------------------------------------------------------------------------



Questions, contributions, comments or ideas go to:

Help Net Security staff

staff@net-security.org
http://net-security.org



---------------------------------------------------------------------
To unsubscribe, e-mail: news-unsubscribe@net-security.org
For additional commands, e-mail: news-help@net-security.org