exploit the possibilities
Showing 1 - 22 of 22 RSS Feed

Files Date: 2001-04-22

ms01-022
Posted Apr 22, 2001

Microsoft Security Advisory MS01-022 - The Microsoft Data Access Component Internet Publishing Provider provides access to WebDAV resources over the Internet. It contains an implementation flaw causing it to handle all requests in the security context of the user. As a result, if a user browsed to a web page or opened an HTML e-mail that contained script, that script could access web-based resources as the user. It is likely that at a minimum, the attacker could browse the user's intranet, and access web-based e-mail as well. Microsoft FAQ on this issue available here.

tags | web
MD5 | 3a090ba36db07de8eb1a11d8d9d09077
icqrin14.zip
Posted Apr 22, 2001
Authored by Moritz Bartl | Site headstrong.de

ICQr Information v1.4 reads out ICQ Database (DAT) files including personal data such as passwords and deletec contacts. ICQ versions 99a, 99b and 2000a/b are supported.

Changes: Drag and Drop support, several bugfixes.
MD5 | fbc4699711247552700109f53f4d5341
debian.cfingerd.txt
Posted Apr 22, 2001
Site debian.org

Debian Security Advisory DSA-048-1 - Cfingerd v1.4.1 and below contains a remote root vulnerability in the logging code. When combining this with an off-by-one error in the code that copied the username from an ident response cfingerd could exploited by a remote user.

tags | remote, root
systems | linux, debian
MD5 | d0594c2c0c58fed4871dfee1cb2ae0b2
crank-0.1.3.tar.gz
Posted Apr 22, 2001
Site crank.sourceforge.net

Crank is short for "CRyptANalysis toolKit", and its overall purpose is to provide a powerful and extensible GUI environment for solving classical (pen-and-paper) ciphers, providing as much automation as possible. Initial focus is on the cryptanalysis of monoalphabetic substitution ciphers. Screenshot here.

Changes: Includes easier plugins, added transposition.grid-controls added (rectangular grid transposition ciphers) and steganalysis.word-gaps added (hidden cipher breaker).
tags | encryption
MD5 | a4ab2ac35b326c97f78f6b7abdb7249b
zorp-0.8.3.tar.gz
Posted Apr 22, 2001
Authored by Balazs Scheidler | Site balabit.hu

Zorp is a new-generation modular proxy firewall suite to fine tune proxy decisions with its built in script language, fully analyze complex protocols (like SSH with several forwarded TCP connections), and utilize out of band authentication techniques (unlike common practices where proxy authentication had to be hacked into the protocol).

Changes: Fixed a segfault in the FTP module, and fixed some bugs in the core module including umbrella zone support, zorpctl now takes care of stale pidfiles, experimental support for Linux 2.4 netfilter.
tags | tool, tcp, firewall, protocol
systems | unix
MD5 | f82c5615a65e0a9f3cc82745e34ebf02
portfwd-0.19.tar.gz
Posted Apr 22, 2001
Authored by Everton da Silva Marques | Site nucleo.freeservers.com

Portfwd is a small C++ utility which forwards incoming TCP connections and/or UDP packets to remote hosts. Multiple forwarders can be specified in a flexible configuration file. There is support for FTP forwarding.

Changes: Some problems preventing compilation on RedHat 7.0 have been fixed. Support for GNU Autoconf/Automake has been improved.
tags | remote, udp, tcp
systems | unix
MD5 | 2ed3a11273c2638118229b1846adab9b
outguess-0.2.tar.gz
Posted Apr 22, 2001
Site outguess.org

Preserves statistical properties of the cover medium, no known statistical tests can detect steganographic content. Determines the size of a message that can be hidden safely. Uses more DCT coefficients in the JPEG format. OutGuess 0.2 is not backwards compatible with OutGuess 0.13b. Please upgrade to OutGuess 0.2.

tags | encryption, steganography
MD5 | 321f23dc0badaba4350fa66b59829064
stegdetect-0.1.tar.gz
Posted Apr 22, 2001
Site outguess.org

Stegdetect is an automated tool for detecting steganographic content in images which is capable of detecting several different steganographic methods to embed hidden information in JPEG images. Currently, the detectable schemes are jsteg, jphide, and outguess 01.3b.

tags | encryption, steganography
MD5 | 644f0c7e7c6629d945956b42dfcae07a
snoopy.pl
Posted Apr 22, 2001

snoopy.pl is a simple SNMP scanner written in PERL, and making use of the Net::SNMP module. It will scan a list of hosts, and report the system id back if a valid community string is found.

tags | tool, scanner, perl
systems | unix
MD5 | 5985c211bfa07ced6d1cf927b9a8a867
corkscrew-1.4.tar.gz
Posted Apr 22, 2001
Site agroman.net

corkscrew is a small program for tunneling SSH through HTTP proxies. It features easy configuration and support for several Unix variants.

Changes: Fixed bug causing corkscrew not to run on Solaris and HPUX.
tags | web
systems | unix
MD5 | 948d1c97029011f78e034a55feef9a58
SING-1.1.tar.gz
Posted Apr 22, 2001
Authored by Andres Alfredo | Site s21sec.com

SING, or "Send ICMP Nasty Garbage.", is a tool that sends ICMP packets fully customized from the command line. Its main purpose is to replace and complement the ping command, adding certain enhancements as fragmentation, sending and receiving spoofed packets, sending many ICMP information types (echo as the old ping, address mask, timestamp, and router discovery) and errors (redirect, unreach, and time exceeded); and send monster packets. It also supports loose and strict source routing and record routing.

Changes: Added MAC spoofing support and a better timestamp reply. Libnet included in distribution. Parser totally recoded. Better remote OS fingerprinting. Solaris 2.8 support. Fixed wrong ICMP checksum sending Router Solicitation and Router Advertisement packets. Added support for platforms with many, many, *MANY* network interfaces.
tags | tool, spoof
systems | unix
MD5 | f9f649c4b40174a983601d46e4a3daac
fwmon-1.0.4.tar.gz
Posted Apr 22, 2001
Site sourceforge.net

fwmon is a firewall monitor for Linux which integrates with ipchains to give you realtime notification of firewall events. It has fairly customizable output, allowing you to display a packet summary, hex, and ascii data dumps to stdout, a logfile, or tcpdump-style capture files. It also boasts some simple security features such as the ability to chroot itself, and does not need to run as root.

Changes: Lots of new documentation was added, including a man page. A few bugfixes were made. Documentation on using fwmon with iptables was also added.
tags | tool, root, firewall
systems | linux
MD5 | a65d47eec7d0f3639411fbb714657b11
syslog-fifo-0.01.tgz
Posted Apr 22, 2001
Site sourceforge.net

syslog-fifo reads syslog messages from a fifo pipe, files them according to type, date, machine et,c and alerts users if 'regex' patterns are matched. It is very useful for large sites with central syslog servers.

tags | system logging
systems | unix
MD5 | b14cda46f5d2c67fb93dbd8d7a74ceeb
Samhain File Integrity Checker
Posted Apr 22, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain (stable branch) is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6. The stable version does not support all features that are mentioned in the summary. Client/Server communication is not encrypted, and wildcard patterns for filenames are not supported.

Changes: Verifying the integrity of the log file has become more convenient, alignment for the memory profiling code has been fixed to make it work on Solaris, and some bugs have been fixed.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 2f79c307ef2985364139a431b22c50ae
Samhain File Integrity Checker
Posted Apr 22, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain (development branch) is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6. The devel version has more advanced features, but not all options are thoroughly tested yet.

Changes: Verifying the integrity of the log file has become more convenient, alignment for the memory profiling code has been fixed to make it work on Solaris, and some bugs have been fixed.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | cd0b2a8e0aa6f45da3c27c431ad1269d
dynfw-1.0.tar.gz
Posted Apr 22, 2001
Site gentoo.org

dynfw is a collection of robust bash scripts that automate common iptables firewall-related tasks, such as blocking hosts, ratelimiting access to services, ratelimiting specific hosts, preventing a user on the system from generating any network data, and more. These scripts have been designed to work with virtually any type of iptables-based Linux firewall. All tools record the IP/UIDs currently blocked/limited to allow for easy rule modification.

tags | tool, firewall, bash
systems | linux
MD5 | 0908184e44ae48ae26c6821f37e6ad58
ipa-1.1.2.tar.gz
Posted Apr 22, 2001
Site simon.org.ua

IPA is highly configurable IP accounting software for Free and Open BSD. It allows to make IP accounting based on IP Firewall and/or IP Filter accounting rules. In most cases IP Accounting Daemon is run on public servers, software routers, etc. It uses powerful IP Firewall and/or IP Filter accounting rules and based on its configuration allows to escape from writing scripts to manage network accounting.

Changes: ipastat(8) now has a better understanding of incomplete queries in the -i or -I option.
systems | unix, bsd
MD5 | d96912c82ba6470fd092fe6eeef83ca3
saint-3.1.4.tar.gz
Posted Apr 22, 2001
Authored by Sam Kline | Site wwdsi.com

SAINT (Security Administrator's Integrated Network Tool) is an updated version of SATAN, designed to assess the remote security of computer networks. Features include scanning through a firewall, frequently updated security checks, 4 levels of vulnerability severity, and a feature rich HTML interface.

Changes: Version 3.1.4 was released to the public April 22 - 3 months after it was released to paying customers. Added checking for the Linux Ramen worm, a fix for a false alarm bug affecting Linux 2.4, checking for buffer overflow in Lotus Notes Policy feature, checking for Netscape INDEX request vulnerability, checking for vulnerabilities in icecast, statsconfig.pl, and wwwwais, and an updated Compaq Insight Manager check to detect new buffer overflow vulnerability.
tags | tool, remote, scanner
systems | unix
MD5 | 548b2751ca352e29d161edfe89e2d416
transconnect-0.3-beta.tar.gz
Posted Apr 22, 2001
Site transconnect.sourceforge.net

TransConnect is an implementation of function interposing to allow users behind an HTTP proxy (which allows https) to use networking applications like telnet, ssh, fetchmail, irc, whois, etc. as if they were directly connected to the Internet.

Changes: Support for FreeBSD, NetBSD, OpenBSD, and SunOS in addition to Linux. Testing was done on Linux, SunOS 5.7, and FreeBSD.
tags | web
MD5 | aaa42c4eb1900aa8c5c3f569e2a3d4aa
attackwatch-0.0.1.tgz
Posted Apr 22, 2001

Attackwatch is intended to enhance the security of small private networks that are already protected by a restrictively configured firewall but which still have a few ports open. Attackwatch will analyze the firewall output in near-realtime and will run scripts in response to incoming packets that got logged.

tags | tool, intrusion detection
systems | unix
MD5 | ec92a6f2524a4b294d6cf9f451278d66
cheops-ng-0.1.4.tgz
Posted Apr 22, 2001
Site cheops-ng.sourceforge.net

Cheops-ng is a graphical network management tool for mapping and monitoring your network. It has host/network discovery functionality, OS detection, and it also does a port scan of each computer to tell what services are running, so you can use or administer them.

tags | tool, scanner
systems | unix
MD5 | 525d0f5ae8ff0b120c64707cbe37f444
if-1.4.9b.tar.gz
Posted Apr 22, 2001
Site karynova.com

Iridium Firewall is a very strong ipchains-based firewall with support for 21+ network services (including DHCP, NFS, SMB, HTTP, FTP, Telnet, etc.), masquerading, online gaming, multicasting, TOS flags, and specific port and IP blocking. Protections include twelve different types of IP spoofing, stuffed routing/masquerading, DoS, smurf attacks, control of the full range of ICMP datagrams, and many more. The script is configured completely through the use of a configuration file; no code hacking is required, but it is written so that users that know what they are doing can easily configure the script themselves. Iridium Firewall is heavily commented with instructions and explanations on various topics.

tags | tool, web, spoof, firewall
systems | linux
MD5 | 286ba32bffe4c9411fb7c4d0b92363aa
Page 1 of 1
Back1Next

File Archive:

July 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    13 Files
  • 2
    Jul 2nd
    12 Files
  • 3
    Jul 3rd
    1 Files
  • 4
    Jul 4th
    2 Files
  • 5
    Jul 5th
    34 Files
  • 6
    Jul 6th
    21 Files
  • 7
    Jul 7th
    21 Files
  • 8
    Jul 8th
    13 Files
  • 9
    Jul 9th
    6 Files
  • 10
    Jul 10th
    1 Files
  • 11
    Jul 11th
    3 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    19 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    15 Files
  • 16
    Jul 16th
    9 Files
  • 17
    Jul 17th
    2 Files
  • 18
    Jul 18th
    2 Files
  • 19
    Jul 19th
    19 Files
  • 20
    Jul 20th
    21 Files
  • 21
    Jul 21st
    53 Files
  • 22
    Jul 22nd
    14 Files
  • 23
    Jul 23rd
    14 Files
  • 24
    Jul 24th
    1 Files
  • 25
    Jul 25th
    1 Files
  • 26
    Jul 26th
    21 Files
  • 27
    Jul 27th
    8 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close