what you don't know can hurt you
Showing 1 - 23 of 23 RSS Feed

Files Date: 2002-02-19

Posted Feb 19, 2002
Authored by Thomas Linden | Site nabou.org

nabou is a Perl script which can be used to monitor changes to your system. It provides file integrity checking, and can also watch crontabs, suid files and user accounts for changes. It stores all data in standard dbm databases.

Changes: Fixed some major bugs.
tags | tool, perl, intrusion detection
systems | unix
MD5 | 0c60cccfe62bccc9121edfdcd307f2ed
Posted Feb 19, 2002
Authored by Rami Lehti | Site aide.github.io

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Changes: Lots of bugs were fixed! A syslog backend was added. The report format was changed. Lots of parameters were added. ACL support for SunOS 5.x (and compatibles) was added. libgcrypt is now separate and required.
tags | tool, intrusion detection
systems | unix
MD5 | 84b608ccf5051d41a8ccfee87ced5428
Posted Feb 19, 2002
Site sourceforge.net

IP Accounter is an IP accounting package for Linux. It collects, summarizes, and nicely displays IP accounting data. Its output can be a simple ASCII table, or graph images. Ipchains and iptables are supported. Logs are stored in files, gdbm, or even a PostgreSQL database.

Changes: The Ipchains.c inversion flag setup was fixed. Minor changes were made to the Web interface. Fetchipac.c was changed to improve fetching/cache checking speed. Fetchipac.c was changed to correctly operate with monthly payments. Ipacsum was fixed to correctly operate with incorrect or empty timeframes. The PostgreSQL access method was changed to correctly operate with loan/negative cash. Minor fixes were made to Iptables.c.
systems | linux
MD5 | 28cd91725407fe4ee4d06ad8c59f9f9f
Samhain File Integrity Checker
Posted Feb 19, 2002
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: Fixes a bug that on some machines caused the daemon to abort immediately after startup. Also a bug has been fixed that caused unnecessary device access by erroneously following symlinks to devices.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | c618ffeb8a3066131770171dae1ae4e7
Posted Feb 19, 2002
Site people.ee.ethz.ch

Snort-rep is a Snort reporting tool that can produce text or HTML output from a syslog snort log file. It is intended to be used for daily e-mail reports to the system administrators. If snort v1.8+ is used, all reports contain priority information, and the HTML output contains direct links to the IDS descriptions of whitehats.com.

Changes: The syslog parser was updated - This version is compatible with snort 1.8.3.
tags | tool, sniffer
MD5 | 73e746580d3225a2f577b5b7da27a32a
Posted Feb 19, 2002
Authored by Bjarni R. Einarsson | Site mailtools.anomy.net

The Anomy mail sanitizer is a filter designed to block email-based attacks such as trojans and viruses. It reads an RFC822 or MIME message and removes or renames attachments, truncate unusually long MIME header fields and sanitizes HTML by disabling Javascript and Java. It uses a single-pass pure Perl MIME parser, which can make it both more efficient and more precise than other similar programs and has built-in support for third-party virus scanners.

Changes: Includes workarounds for problems regarding how Outlook detects uuencoded attachments, protection against the Outlook "hidden attachment" exploit (caused by carriage returns in message headers), a few other bugfixes, and a more powerful attachment policy language. The HTML cleanup module is available as a seperate package for users and developers of other security tools.
tags | trojan, perl, javascript, virus
systems | unix
MD5 | 526c1b5cd1a63e22e4a0145c2b4e3466
Posted Feb 19, 2002
Authored by Tomas Junnonen | Site firestarter.sourceforge.net

The goal of FireStarter is to provide an easy to use, yet powerful, GUI tool for setting up, administrating and monitoring firewalls for Linux machines. FireStarter is made for the GNOME desktop. It can actively monitor your firewall and list any unauthorized connection attempts made to your machine in a readable table format.

Changes: Port forwarding fixes, script backups (when upgrading), translation updates, and misc. fixes.
tags | tool, firewall
systems | linux
MD5 | 80e101dc3b5d8ba0f539e26d08ef829d
Posted Feb 19, 2002
Authored by Dianne Skoll | Site roaringpenguin.com

MIME Defanger is a flexible MIME e-mail scanner designed to protect Windows clients from viruses and other harmful executables. It works with Sendmail 8.11 / 8.12 and will alter or delete various parts of a MIME message according to a flexible configuration file.

Changes: Embedded CRs in mail headers are now properly handled. Emulating the Outlook bug turns out to be the wrong thing to do - version 2.5 handles malformed mail headers much better.
systems | windows, unix
MD5 | f3f8f0b81f1c116e3c811b97da08f55e
Posted Feb 19, 2002
Authored by Marcos A. Ferreira Jr. | Site aristelecom.com.br

Outlook Web Access v5.5 SP4 and below contains a vulnerability which allows remote users to view files in the directory /lib. Several files can be viewed.

tags | remote, web
MD5 | e286965a9f9784f4ce96810b83dc804d
Posted Feb 19, 2002
Authored by Alex Hernandez

The Phusion Webserver v1.0 for Windows 9x/NT/2000 contains three remote vulnerabilities which allow users to see and retrieve any file on the server. Exploit information included.

tags | exploit, remote, vulnerability
systems | windows, 9x
MD5 | b4e2fc8e7e9cdd04853f63e4c5e9440c
Posted Feb 19, 2002
Authored by Mike Ellison | Site tek.net

Win32 port of RATS v1.3, a security auditing utility for C, C++, Python, Perl and PHP code. Source available on homepage. Added recursive directory scanning while porting.

tags | perl, php, python
systems | windows
MD5 | aa56b17993d81363b6bc8da6e28157e0
Posted Feb 19, 2002

Microsoft Security Advisory MS02-006 - A buffer overrun is present in all implementations of Microsoft SNMP services. Sending a malformed management request to a system running an affected version of the SNMP service, an attacker can execute code of his choice in the LocalSystem context or cause denial of service. A patch is under development to eliminate the vulnerability. In the meantime, Microsoft recommends that customers who use the SNMP service disable it. Microsoft FAQ on this issue available here.

tags | denial of service, overflow
MD5 | c520e1feae7da96d7ddfb6a9f37a72de
Posted Feb 19, 2002

Microsoft Security Advisory MS02-005 - A cumulative patch for IE 5.01, 5.5, and 6.0 is available which fixes six security vulnerabilities. Several of them are very serious. Microsoft FAQ on this issue available here.

tags | vulnerability
MD5 | 483dcd8b4143066b114cce577671f610
Posted Feb 19, 2002

Patch against samba 2.2.2 which allows mounting of unpatched win 9x+me machines without knowing the password. There is an option to retrieve the password very quickly too, and another to switch between the two password if both read only and read-write ones are presents.

tags | patch
systems | unix
MD5 | d4841e3c82684808b62748164d5a737d
Posted Feb 19, 2002
Authored by Mixter | Site 1337.tsx.org

NSAT (Network Security Analysis Tool) is a fast, stable bulk security scanner designed to audit remote network services and check for versions, security problems, gather information about the servers and the machine and much more. Unlike many other auditing tools, it can collect information about services independently of vulnerabilities, which makes it "timeless", meaning it doesn't depend on frequent updates as new vulnerabilities are found.

Changes: Added better remote OS detection (xprobe), added support for separate directory logging, greatly enhanced reliability when scanning firewalled or unresponsive hosts.
tags | tool, remote, scanner, vulnerability
systems | unix
MD5 | 755829bbb0427fdbc134d225577b6a17
Posted Feb 19, 2002
Authored by Robin Keir | Site foundstone.com

SNScan v1.04 is a Windows GUI SNMP detection utility that can quickly and accurately identify SNMP enabled devices on a network. This utility can effectively indicate devices that are potentially vulnerable to SNMP related security threats. SNScan allows for the scanning of SNMP specific ports (e.g. UDP 161, 193, 391 and 1993) and the use of standard (i.e. "public") and non-standard (i.e. user-defined) SNMP community names. User defined community names may be used to more effectively evaluate the presence of SNMP enabled devices in more complex networks.

tags | udp
systems | windows
MD5 | 15a77747bf2146c15440d721f35fca0f
Posted Feb 19, 2002
Authored by Efrain Torres | Site pwp.007mundo.com

Wmap v1.2 is a cgi scanner that attempts to be smarter than most. To increase the chance of finding useful stuff, wmap has a file containing interesting Directories (dirs.db) and other file containing common cgi dirs (dircgis.db) to search for. If a directory is found is added to the test. This include all the directories that are found in the html tags. For each directory found, not only scans for vulnerable CGI's (cgis.db) it scan for interesting files (ex. passwords.tmp) included in the file (file.db) and does an http PUT scan.

tags | web, cgi
systems | unix
MD5 | db909b7bb866f015d9152671a46a299f
Posted Feb 19, 2002
Authored by uid0x00

Avirt Gateway 4.2 remote exploit.

tags | exploit, remote
MD5 | 2cb24144b917c29d940aec3a793ce033
Posted Feb 19, 2002
Authored by FJ Serna | Site ngsec.com

Ettercap v0.6.3.1 and below advisory and remote root exploit against Linux. Due to improper use of the memcpy() function, anyone can crash ettercap and execute code as root user.

tags | exploit, remote, root
systems | linux
MD5 | 0c82da692b29ca1a658346fc4f68b5c5
Posted Feb 19, 2002
Authored by Joe Wulf

Zlister is a UNIX system administration tool designed to provide comprehensive filesystem management. The complete filesystem is listed, compressed, diff'd with the previous set and stored for reference. Time-saving tool, designed to quickly list the details of any file/directory, or of any pattern searched for. Provides comprehensive tool for filesystem searching. Supported with copious documentation. Tested on Solaris, HP/UX, and Linux.

systems | linux, unix, solaris, hpux
MD5 | f05c8dea1ae3f6d406a71cc3acf31fdb
Posted Feb 19, 2002
Authored by jaguar

This is a kernel patch to prevent stealth, fin, and rst scans. Also slows down the tcp connect scan. Tested on debian potato running 2.4.16. Tested with nmap and queso - Changes OS fingerprint.

tags | kernel, tcp, patch
systems | linux, unix, debian
MD5 | 7664c535e3f8bccb107a2265b76d9b52
Posted Feb 19, 2002
Authored by Valgasu | Site securiteinfo.com

Domino Hash Breaker v1.0 is a tool that tries to guess a Lotus Domino HTTP password from his hash and a dictionary file. It needs Lotus Notes R5 client installation and nnotes.dll.

tags | web, cracker
MD5 | 3fc1b927247ecf20d8e933aca448c976
Posted Feb 19, 2002
Authored by Alberto Ornaghi, Marco Valleri | Site ettercap.sourceforge.net

Ettercap is a network sniffer/interceptor/logger for switched LANs. It uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts. Features character injection in an established connection - you can inject characters to server (emulating commands) or to client (emulating replies) while maintaining an established TCP connection! Integrated into a easy-to-use and powerful ncurses interface.

tags | tool, sniffer, tcp
MD5 | 7c5449f488deb177c91b99af8687ef03
Page 1 of 1

File Archive:

July 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    13 Files
  • 2
    Jul 2nd
    12 Files
  • 3
    Jul 3rd
    1 Files
  • 4
    Jul 4th
    2 Files
  • 5
    Jul 5th
    34 Files
  • 6
    Jul 6th
    21 Files
  • 7
    Jul 7th
    21 Files
  • 8
    Jul 8th
    13 Files
  • 9
    Jul 9th
    6 Files
  • 10
    Jul 10th
    1 Files
  • 11
    Jul 11th
    3 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    19 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    15 Files
  • 16
    Jul 16th
    9 Files
  • 17
    Jul 17th
    2 Files
  • 18
    Jul 18th
    2 Files
  • 19
    Jul 19th
    19 Files
  • 20
    Jul 20th
    21 Files
  • 21
    Jul 21st
    53 Files
  • 22
    Jul 22nd
    14 Files
  • 23
    Jul 23rd
    14 Files
  • 24
    Jul 24th
    1 Files
  • 25
    Jul 25th
    1 Files
  • 26
    Jul 26th
    21 Files
  • 27
    Jul 27th
    8 Files
  • 28
    Jul 28th
    9 Files
  • 29
    Jul 29th
    12 Files
  • 30
    Jul 30th
    9 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By