Bastille Linux aims to be the most comprehensive, flexible and educational Security Hardening Program for Red Hat Linux 6.0. Virtually every task it performs is optional, providing immense flexibility. It educates the installing admin regarding the topic at hand before asking any question. The interactive nature allows the program to be more thorough when securing, while the educational component produces an admin who is less likely to compromise the increased security.
01db2c1fb7270a49db9c06b65e8c9ddd0965435adeef5a24900d4d34c64a9536
thc-hb09.zip is a Windows-based tool - A security-scanner included in a web browser for scanning webservers/NT-Servers.
8ea2383c8fb90f66a26b7dc0a51aa16adf136b6dec9e85b36db0fa4bdf2c1b77
Article from THC that explains the techniques behind the ksolaris kernel module and helps you develop your own Solaris kernel modules.
523a74adb51f1f49d8003ba66d604653ea04038a4bbaff3610402554557bde7d
slkm-1.0.tar.gz is the first public Solaris loadable kernel module backdoor from THC. Features: file hiding, file content and directory hiding, a switch to toggle file content and directory hiding, process hiding (structured proc), promiscuous flag hiding, converting magic uid to root uid, and execution redirecting.
17ee6bad714538c7e2f84e0c24b4520aec71d93c1ad872d769c659a16755d851
Several holes in the Solaris 2.7 SPARC/x86 dmispd daemon will allow malicious users to do various local and remote DoS attacks and probably more.
f473b55e73cc713bf480a073d0ec58518887e272f350177275f1a0e6bf9202b6
SILENT CARRIERS AND LINK PROTOCOLS - As we all know, "wardialing" is one of the best entertainments for hacking/phreaking lovers. Sometimes this activity makes us desperate due to the usual "login: password:" repetition that appears in nearly every CARRIER. It's also usual to find Carriers that present us with no message... just a "CONNECT xxxxx". These ones are usually very interesting as you will see in this document.
0016f70f13b234da9325d6e03adca8eb770bf75471838dc6999816120c8fc623
DNS Spoofing and Abuse - Lately on bugtraq there have been a number of DNS abuse related posts.
eb848828857cbf96bbc474104e765b60af9f084713a879f9a967c1bccaf8d2c8
Narrow Security Scanner 2000 searches for 260 remote vulnerabilities. Written in perl, tested on Redhat, FreeBSD, OpenBSD, Slackware, and SuSE.
f86928bc54b74597a5038a3cc2a90cd3ddb0c320b87e44469e0cc5124676df44
Microsoft has released a patch that addresses two issues. It eliminates a vulnerability in the Outlook Express mail client for Macintosh, which could allow HTML attachments to be automatically downloaded to the user's computer. It also provides replacements for several digital certificates included in IE for Macintosh which will expire Dec. 31. Microsoft FAQ on these issues here.
4c353c7131bf3a5b7bd7f4b939cc05d112b85a76c2f89eff1ded98edf83af2e6
Windows Security Update - December 22, 1999. Contains info on the Syskey Keystream Reuse vulnerability, the LSA Denial of Service vulnerability, and Exchange Server security. Also has news on new PGP export laws, piracy intervention, and firewalls with management capabilities.
134227411f63bbe975a26bcbc1510a72d52f5f51c65af607255efeeeb4607930
KDE, kmail local email-attachment symlink exploit - possible root compromise. Kmail older than v1.1.1 is vulnerable.
4afa410db651af6de289d5b36edc2bec4444366a290b9429cec19406217a4680
MindTerm is a complete ssh-client in pure java. It can be used either as a standalone java-application or as a java-applet. The source-code is freely available (GPL). Three packages of importance are provided: terminal, ssh, and security. The terminal package is a rather complete vt102/xterm-terminal. The ssh-package contains the ssh-protocol and also "drop-in" socket replacements to use ssh-tunnels transparently from a java application/applet. It also contains functionality to realize a ssh-server. Finally, the security package contains RSA, DES, 3DES, RC4 and Blowfish ciphers.
9e05cb0c4818a3687fc803a9742788ee1dd007913d8e15816f6c9638b7e302cc
Secure FTP (sftp) implements a file transfer protocol using ssh/rsh as the transport mechanism. When the client is invoked, a remote shell is spawned and the server is run. sftp is mainly useful over a secure ssh session since passwords are not exposed. It also has the advantage that no root access is required, since the server runs as a user process.
9b14e9e77edef9c6ed6fce117ae3bcec8f4ddd0c6bb7f1551bce7eba12e8f807
The Veganizer is a spam counter-attack. It searches the headers of a specified message for all associated IPs and Domains, then sends mail to pre-specified addresses at those servers (abuse@, postmaster@) as well as addresses found by a whois query on the IPs/Domains. The mail sent will also include the original message with full headers.
38f18b4d688c01a7946c45faa5902c1cdcfe373ff7aeeaf85b634eb4e8c52110
Narrow Security Scanner 2000 searches for 249 remote vulnerabilities. Written in perl, tested on Redhat, FreeBSD, OpenBSD, Slackware, and SuSE.
8c4fdb14440f7bff678d4bbd8c29638af5273f05e1137e2ed0b3cdd5b41c12be
Remote DoS attack discovered in DNS Pro 5.7 for Windows NT, caused by over 30 connections to port 53 at the same time.
6a5b1d3203440661fa1a3460290844a5985c7115edfcea8d58a274dcc8be800a
Dsniff contains several powerful new network tools, written for use in penetration testing. Arpredirect is a very effective way of sniffing traffic on a switch by forging ARP replies. Findgw determines the local gateway of an unknown network via passive sniffing, which can be used in conjunction with arpredirect to intercept all outgoing traffic on a switch. Macof floods the network with random MAC addresses, causing some switches to fail open in repeating mode, facilitating sniffing. Dsniff is a simple password sniffer which parses passwords from many protocols, only saving the "interesting" bits. Mailsnarf is a fast and easy way to violate the Electronic Communications Privacy Act of 1986. Urlsnarf outputs all requested URLs from HTTP traffic. Webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time (as the target surfs, your browser surfs along with them, automagically).
5b8ac1a36bdcb8085709d1fb176ea958619549ff8c83cdd6c06ec75272cde04f
Lsof is a Unix-specific diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system.
78fa7d515c0fec04c226609c590bba0b6806da8612b1609d77d70ddb0db9adf3
Samhain is a tool for monitoring the integrity of files on a single machine as well as on a network. It is easy to configure and maintains a single database (per host) for storing the signatures of files. Samhain is designed to be run as a background process, checking files periodically against the database. Reports can be written to a signed, tamper-resistant log file, and/or sent offsite by e-mail. To monitor several machines and collect data by a central log server, samhain may be used as a client/server application. For the paranoid, a 'stealth' option is available.
7e6a44873d79298b027d90259ecc248e8b444f798ef7d93fc219650ce7306cc7
Microsoft has released a patch for a security vulnerability in Microsoft SQL Server 7.0. The vulnerability causes a SQL server to crash. Microsoft FAQ available here.
bad8df9b8108317e9c63a2bb5a524a2b385e11b1d63530d8503248b29f8e8b12
bernstein-9th.htm
cca07e54f19a409255f9dce1a79742beff07c4d5408d889683727914144aa6e8
bernstein-eff.htm
0ed6191d7e14f845752f4fdd582405dfdf814c4a9b6f1bc6be7964a95136b1ac
button.gif
cfdbc6584523860cd43adefaeb8da0815a646e8b1700646ec602844c17f17ea0
crypto-call.htm is a paper on building crypto archives worldwide.
8763376a1cfa060dbe473fbc426e735c9b6804f0f80900f8a289045bf9d61e30
crypto-free.htm is a paper on cryptography freedom.
6cfe0e296ab845303da8e73b2915d35c3e729d217981c93f091f5aa91d709cc8