ipac is an IP accounting package for Linux which collects, summarizes, and nicely displays IP accounting data. The output of ipac can be a simple ASCII table, an ASCII graph, or even images with graphs showing traffic progression. ipac can be used for IP traffic analysis and for accounting purposes.
a6f62d6aa0e7b07dcb2ab92217170a7b58d4cfcf0f45f323683cdc5a61a31d71
Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.
05c361000494e7c814b3487515841ea9474cc7e29134d3ebbbf528b150cce3d2
Microsoft Security Bulletin (MS00-081) - Microsoft has released a patch that eliminates a security vulnerability in the Microsoft virtual machine (Microsoft VM) that originally was discussed in Microsoft Security Bulletin MS00-011. Like the original vulnerability, the new variant enables malicious web site operators to read files from the computer of a person who visited his site or read web content from inside an intranet. Microsoft FAQ on this issue available here.
53bcca2df1f42da2a54f88ae83696eb750ff3c84cd952521ddb5b5711ddc32fb
Godmessage 4 Revision 5 is an implementation of Georgi Guninski's recent ActiveX exploit for Internet Explorer which attempts to install a trojan on any machine which views the included HTML.
4169810d4b2ebb4d39ec0d7dcc8a86bacb18f9009719e1fafc944364097eda78
Denial of Service attack against an Intel InBusiness eMail Station. Will send a 630 char buffer to the pop server as argument of a USER command. The little box needs to be "powered off" and -on again.
097d217d961c8d8bf396fe40cca2df3a255ed805abb39c1fe873baf76da9a46a
Ntop is a very useful Unix / Windows network sniffing tool that shows the network usage, similar to what the popular top Unix command does. Has an interactive mode and a web mode for greater functionality and options, shows network traffic sorted according to various criteria, displays traffic statistics, shows IP traffic distribution among the various protocols, analyses IP traffic and sorts it according to the source/destination, displays IP Traffic Subnet matrix (who's talking to who?), reports IP protocol usage sorted by protocol type.
68f68ac1624813bc5785e9933a7196661afd840f0d98d27e7588fb330bf8e72b
Ntop -w v1.2a1 remote stack overflow exploit. Ntop in web mode (-w) contains an overflow when a long filename is requested. Fix available here.
ce04a0904b889efb589dd7afd4461f07739d833d857e3149af3cf2126d26ec8e
Internet Security Systems (ISS) X-Force has discovered a vulnerability in the listener program in Oracle Enterprise Server. It is possible for a remote attacker to gain access to the Oracle owner operating system account and the Oracle database, and to execute code in various operating systems.
56a9846b839261c36ea3bf7d4d00b3a6525142283821baca682d5ef473d0d305
Riven is a CGI scanner which uses RFP anti-IDS tactics, flase browser / referer, and a perl/GTK interface.
019a8748eaa49d241b60bb6fe6e9a2db8eba78d1cebf024f19f604827be4eb21
Patch advisory for Sun Microsystems. Please read for details.
ac5a483433c40d7b7830bdbf1e5be780f67892c00ad1b278e4bacbe27f5f7062
SysWatch is a perl / cgi script that allows you to view current system information, disk utilization, resource utilization all in your web browser.
f574e4230b263c4a6f91e5e6e427e4305fd263cec5bc31fa8c687cd738348f32
Core SDI Advisory CORE-20001023 - The "MySQL Database Engine" uses an authentication scheme designed to prevent the flow of plaintext passwords over the network and the storage of them in plaintext. For that purpose a challenge-response mechanism for authentication has been implemented on all versions of MySQL. The authentication mechanism is not cryptographically strong. Each time a user executes this mechanism, information allowing an attacker to recover this user's password is leaked. Fix available here.
0da0ee191f40700e2b923a6e12d334f1e0e930fd9cb2f89a2bfd92adeafda30e