what you don't know can hurt you
Showing 1 - 13 of 13 RSS Feed

Files Date: 2003-12-03

Posted Dec 3, 2003
Site midas-nms.sourceforge.net

MIDAS NMS is a configurable web based network monitoring and network intrusion detection server. It uses a distributed client/server model that allows it to scale to very large networks, and features highly optimized Snort support that dramatically reduces the overhead of both the Snort Sensor and the alert data repository. Also supports Netsaint/Nagios plugins and Big Brother clients, allowing for easy migration.

Changes: Web interface was completely rewritten and much improved. The requirement of rrdtool was removed. Internal SQL tables and PHP functions are now used to produce graphs. Several major and minor bugs were fixed.
tags | tool, web, sniffer
MD5 | c265b80334ede224859114141ae605c3
Firewall Builder With GUI
Posted Dec 3, 2003
Site fwbuilder.org

Firewall Builder consists of object-oriented GUI and set of policy compilers for various firewall platforms. In Firewall Builder, firewall policy is a set of rules, each rule consists of abstract objects which represent real network objects and services (hosts, routers, firewalls, networks, protocols). Firewall Builder helps user maintain database of objects and allows policy editing using simple drag-and-drop operations. Firewall Builder can be used to manage firewalls built on variety of platforms including, but not limited to, Linux running iptables and FreeBSD or Solaris running ipfilter.

tags | tool, firewall, protocol
systems | linux, solaris, freebsd
MD5 | c0c86c5d0a2f6eeff388c66d49c63463
Posted Dec 3, 2003
Authored by Andreas Oestling | Site nitzer.dhs.org

Oinkmaster is simple Perl script released under the BSD license to help update and manage Snort 2.0+ rules and to comment out the unwanted ones after each update. It will report what has changed since the last update, offering good change control.

Changes: Bug fixes.
tags | tool, perl, sniffer
systems | bsd
MD5 | 8ed30c07f2ef5c977e1201a014bf9c5c
Posted Dec 3, 2003
Site cipherdyne.org

Port Scan Attack Detector (psad) is a collection of four lightweight daemons written in Perl and C that are designed to work with Linux firewalling code (iptables and ipchains) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options, email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP, UDP, and ICMP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap. Psad also uses packet TTL, IP id, TOS, and TCP window sizes to passively fingerprint the remote operating system from which scans originate. Changelog available here.

tags | remote, kernel, udp, perl, tcp
systems | linux
MD5 | 814ebd8147ea46e668e8f64fdd92657d
Posted Dec 3, 2003
Authored by Luigi Auriemma | Site aluigi.altervista.org

The Surfboard webserver v1.1.8 and below contains remote directory traversal and denial of service vulnerabilities. Exploit URLs and a patch included.

tags | exploit, remote, denial of service, vulnerability
MD5 | e9e9f373b1b53affd3965a21178e5ba3
Posted Dec 3, 2003
Authored by William Robertson | Site cs.ucsb.edu

Glibc heap protection patch for Glibc v2.3.2 - Uses the canary method to detect and block heap overflows. Note that this will not stop attacks against the GOT or PLT. An analysis of the performance and detection capabilities of this patch is available here.

tags | overflow
systems | unix
MD5 | 27859a74907e6b8569c14f94edcd07f2
Posted Dec 3, 2003
Authored by Christophe Devine

Linux kernel v2.4.22 and below do_brk() proof of concept exploit written in ASM which tests for the vulnerability, rebooting your system if it is found. Requires nasm greater than v0.98.36, tested with nasm 0.98.38.

tags | exploit, kernel, proof of concept
systems | linux
MD5 | 38e4261798444f0cd584107388e6c96e
Posted Dec 3, 2003
Authored by Paul Szabo

Remote exploit for Eudora 6.0.1's (on Windows) LaunchProtect feature, which warns the user before running executable attachments. Unfortunately this only works in the attach folder; using spoofed attachments, executables stored elsewhere may run without warning.

tags | exploit, remote, spoof
systems | windows
MD5 | 9a3e27e8c64d0481380bbcf5c7ea965f
Posted Dec 3, 2003
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added parallel scan support and included smbnt and cisco AAA support.
tags | web, imap
systems | cisco
MD5 | c1836c8d1194cb99a5ccf7cb63dc657a
Posted Dec 3, 2003
Authored by Kev | Site bournemouthbynight.co.uk

Brian.c is a simple tool to effectively convert a switched network (or a part of it) into a shared network so that sniffing can take place. Allows ARP spoofing of any number of machines, includes an internal relay process for relaying packets to the correct destination, provides a gateway switch for spoofing routers, includes various timing options, and includes a DOS switch for spoofing without relaying. Includes everything to turn a switched network into a shared network so that sniffing can take place, in one easy to use tool. Based on ARP poisoning from Ettercap, but unlike Ettercap it works in many-to-many scenarios which are present in shared networks. Tested on Redhat 8, it compiles under Linux. Requires libnet and libpcap.

tags | tool, spoof, sniffer
systems | linux, redhat
MD5 | fb9951c00ae07464d20360666ecce380
Posted Dec 3, 2003
Authored by Wojciech Purczynski, Paul Starzetz | Site isec.pl

Detailed information on the linux kernel v2.4 prior to v2.4.23 local root vulnerability in the do_brk() kernel function. Kernels 2.4.20-18.9, 2.4.22 (vanilla), and 2.4.22 with grsecurity patch are confirmed vulnerable.

tags | advisory, kernel, local, root
systems | linux
MD5 | 56a41fe0f4e1ca9efb7d67d8792fc80e
Posted Dec 3, 2003
Authored by PAgVac

WNMSB-LAN is a Windows Messenger Service Bomber. Includes C++ source and a windows executable.

systems | windows
MD5 | 2ff196a71f4cbd1ed6aa0e7ce296b5a8
Cisco Security Advisory 20031202-SNMP-trap
Posted Dec 3, 2003
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 20031202 - Cisco Aironet Access Points (AP) running Cisco IOS software will send any static Wired Equivalent Privacy (WEP) key in the cleartext to the Simple Network Management Protocol (SNMP) server if the snmp-server enable traps wlan-wep command is enabled. Cisco Aironet 1100, 1200, and 1400 series are affected, but the command is disabled by default.

tags | protocol
systems | cisco
MD5 | 65518f0742d4bd46b464f831a968adf3
Page 1 of 1

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    2 Files
  • 10
    Aug 10th
    9 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By