
Files Date: 2002-03-08

Posted Mar 8, 2002
Authored by Zenomorph | Site cgisecurity.com

Fingerprinting Port 80 Attacks - A look into web server and web application attack signatures, Part Two. Includes fingerprints, advanced fingerprints, cross site scripting examples, modified headers, more encoding, webserver codes and logging, and more.

tags | paper, web, xss
SHA-256 | d97f5503f10321059cd43269ac5f60529aabdbc377241beee4a5c1b65a186534
Posted Mar 8, 2002
Authored by Neil Desai | Site snort.org

Increasing Performance in High Speed NIDS is a paper discussing a number of methods to increase performance in Snort and also NIDS in general. Discusses bottlenecks that Snort has, a brief history of Snort pattern matching, and the work that Silicon Defense did with Aho-Corasick_Boyer-Moore, discussing the differences between network grep and protocol analysis.

tags | paper, protocol
SHA-256 | 337737f0c2eeefdc2058b99a8043d983e504f5cd46712753df479953689227e6
Posted Mar 8, 2002
Authored by Hank Leininger | Site TheAIMSGroup.com

HAP-Linux is a collection of security related patches which are designed to be applied after Solar Designer's Openwall patches are installed. Changes include some extra information in the printks, the ability to allow hard links to files you don't own which are in your group, and the ability to follow links & pipes in +t directories if they are not world-writable. This is useful for getting various daemons to run chrooted as a non-root user, and some secure drop-directory stuff.

Changes: Includes Solar Designer's Openwall 2.2.20-ow2, fixing a Linux kernel vulnerability that allows users to kill any process. There are also fixes to the capabilities dropping of chroot(2). The cap_to_mask stuff was biffed, and now actually works.
tags | root, patch
systems | linux, unix
SHA-256 | 552dd35b52705c6f4314d2fbacd357c66afb6fdeeaacea6b3e9985d2b2b25b81
Posted Mar 8, 2002
Site sourceforge.net

RSTunnel (Reliable SSH Tunnel) allows you to tunnel data between two networks in a secure and encrypted tunnel. It uses SSH to connect the two machines. This will set up a tunnel for you, and make sure that it's constantly running.

tags | encryption
SHA-256 | 664cc131289c8e42c28c00f231c24b43fc2c55c29b427ad43306af3ccb6f6f63
Posted Mar 8, 2002
Site cyclic.sourceforge.net

Bubblegum is a daemon written in C which watches a file's access, modification, and inode change times, logging the changes. It can run an external command, read files from a filelist, and more.

Changes: A fix for a Linux compile problem, syslogd support, and a couple of other bugfixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 5c7e9df2bb329004b551a8c035de176728b73494dc8b559eafe3ccef9cc05c2d
Posted Mar 8, 2002
Authored by Paul L Daniels | Site inflex.co.za

Inflex is an email scanner which encapsulates your existing sendmail server setup. It scans both incoming and outgoing email and it does not alter your current /etc/sendmail.cf file. It can scan for email viruses, unwanted file types (eg. EXE, BMP, MPEG) and file names (eg. prettypark.exe). It can also be used to scan for text snippets within emails.

Changes: The filename-blocking regex was corrected. ripMIME was updated.
systems | unix
SHA-256 | 081157339b10c1e6e2d4fcbcf3f668f6641cd25e850ce885b40c31d5bbad5b2f
Posted Mar 8, 2002
Site cipherdyne.com

Port Scan Attack Detector (psad) is a Perl program that is designed to work with Linux firewalling code (iptables in the 2.4.x kernels, and ipchains in the 2.2.x kernels) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options (Linux 2.4.x kernels only), email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap.

Changes: Compatible with more Linux distributions now. The running time was added to --Status output. Support for "use strict" was added. Various small bugfixes and cleanups were made.
tags | kernel, perl, tcp
systems | linux
SHA-256 | f4e767a6110c60ff573cdd77614f19988e581e8cdcc0da5e04b0ec1d35e4ef7d
Posted Mar 8, 2002
Authored by Vacuum | Site winfingerprint.sourceforge.net

Winfingerprint v0.4.2 - Advanced remote Windows OS detection. Current Features: Determine OS using SMB Queries, PDC (Primary Domain Controller), BDC (Backup Domain Controller), NT member server, NT Workstation, SQLServer, Novell Netware Server, Windows for Workgroups, Windows 9X, Enumerate Servers, Enumerate Shares including Administrative ($), Enumerate Global Groups, Enumerate Users, Displays Active Services, Ability to Scan Network Neighborhood, Ability to establish NULL IPC$ session with host, Ability to Query Registry (currently determines Service Pack Level & Applied Hotfixes). Runs on Windows NT and 2000.

tags | remote, registry
systems | windows
SHA-256 | 576b985dc188d8e02c684991d4af845233d5774a13faea6d889c42aa68b44b4d
Posted Mar 8, 2002
Authored by Alex Hernandez

The Xerver Free Web Server v2.10 contains file disclosure and denial of service vulnerabilities. Platforms affected include Windows, Linux, BSD, Solaris, and Mac. Exploits included.

tags | exploit, web, denial of service, vulnerability
systems | linux, windows, solaris, bsd
SHA-256 | 38182b4e729c84958d0fc82d0597349a14e9eea6c1efb3b69df525ff368496eb
Posted Mar 8, 2002

Microsoft Security Advisory MS02-014 - A buffer overflow in the Windows shell can be used by attackers to execute arbitrary code if certain applications have been installed and then uninstalled. Microsoft FAQ on this issue available here.

tags | overflow, arbitrary, shell
systems | windows
SHA-256 | 62bbeae6144ce2eecc3e2b3ca85ce87e3776b2322efcd1485d5ca7be8d4d9f71
FreeBSD Security Advisory 2002.13
Posted Mar 8, 2002
Authored by The FreeBSD Project | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-02:13 - OpenSSH v2.0 through v3.0.2p1 contains an exploitable off-by-one error which allows authenticated users to run code on the server as root. A malicious server may be able to cause a connecting ssh client to execute arbitrary code with the privileges of the client user.

tags | arbitrary, root
systems | freebsd
SHA-256 | 6e00a15a25f7c776b080a9774af5d1a759451941a7cc0974c0c1dd73246b699c