what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 752 RSS Feed

Files Date: 2000-01-01 to 2000-01-31

sentinel-1.2.0.tar.gz
Posted Jan 25, 2000
Site zurk.netpedia.net

Sentinel is a fast file/drive scanning utility similar to the Tripwire and Viper.pl utilities available. It uses a database similar to Tripwire, but uses a RIPEMD-160bit MAC checksumming algorithm (no patents) which is more secure than the patented MD5 128 bit checksum. It should run on most unixes (tested on redhat linux v6.0 & v5.2, slackware linux v3.x & 4.xb and IRIX (v5.2 and v6.x). Several other utilities which are used for Sentinel development are also posted here. Most utilities are included with the sentinel tarball. gSentinel is a graphical front-end to sentinel. Newbies should download gSentinel as it comes with a very simple rpm based installation and offers a friendly interface. Beware that gSentinel is currently under development and may be fairly crude compared to most GUI packages.

tags | tool, intrusion detection
systems | linux, redhat, unix, irix, slackware
SHA-256 | 9f6315a4b007336f2bc225ce16208ad6f75590dbbc6f0a043a40652e4ee1b013
strace-4.2.tar.gz
Posted Jan 24, 2000
Authored by Wichert Akkerman | Site wi.leidenuniv.nl

Strace is a system call trace, a debugging tool which prints out a trace of all the system calls made by another process/program. The program to be traced need not be recompiled for this, so you can use it on binaries for which you don't have source. System calls and signals are events that happen at the user/kernel interface. A close examination of this boundary is very useful for bug isolation, sanity checking and attempting to capture race and buffer overflow conditions.

tags | overflow, kernel
systems | unix
SHA-256 | fc1d8db15978017f2c1ecc660e0b61728382630cd7fefad1402fc97b9f16e142
ffingerd-1.26.tar.bz2
Posted Jan 24, 2000
Authored by Felix von Leitner | Site fefe.de

ffingerd is a small and secure finger daemon for Unix. It is meant to be run from inetd, designed for security, so that admins don't have to kill the finger service. It has support for autoconf and PGP/GPG.

Changes: IPv6 support (untested) and a Makefile cleanup.
systems | unix
SHA-256 | ab28a528861bd25c1ee49ffec8ff01bce6eedf0f5629c85acbaaef69651aca34
ipac-1.06.tar.gz
Posted Jan 24, 2000
Authored by Moritz Both | Site comlink.apc.org

ipac is an IP accounting package for Linux. It collects, summarizes, and nicely displays IP accounting data. The output of ipac can be a simple ascii table, an ascii graph or even PNG images with graphs showing traffic progression. ipac can be used for IP traffic analysis and for accounting purposes.

Changes: PNG image generation instead of GIF images with a newer version of the GD library, and smaller changes.
systems | linux
SHA-256 | 3b957f78abfc1adb65ea51143ace53b9ccafa9e2aff54579e08bb47edd4709f2
Fwctl-0.23.tar.gz
Posted Jan 24, 2000
Authored by Francis J. Lacoste | Site indev.insu.com

Fwctl is a program that intends to make it easier to configure a tight firewall. It provides a configuration syntax that is easier to use and more expressive than the low-level primitives offered by ipchains. It supports multiple interfaces, masquerading and packet accounting. Fwctl doesn't replace a good security engineer, but it can make the job of the security engineer simpler.

Changes: New report generation tools, port forwarding with PPTP and IPSec, support for multiple interfaces with same IP, and bugfixes.
tags | tool, firewall
systems | linux
SHA-256 | e2247a64bee3458be58c38859136219bafdf100c625f0c55555b717805dd963c
shellgen_exp.c
Posted Jan 24, 2000
Authored by ~el8, Johnathing Miles | Site el8.n3.net

Shellgen.c, a shellcode generator by Mixter, has an exploitable buffer overflow. Advisory and exploit included.

tags | overflow, shellcode, magazine
SHA-256 | f9af914ed4f6d7e9ae83c7c95a95cf1681836c618aaf93983b1bcb0864e4261f
spynet312.exe
Posted Jan 24, 2000
Authored by Laurentiu Nicula | Site spynet.home.ro

SpyNet v3.12 is a sniffer for Win 95/98/NT/2000 which can recompose the original TCP sessions from the composing packets. Reconstructs telnet sessions, e-mail messages, POP3 logins, etc. Also has the ability to fake cookies it sniffs.

Changes: The sniffer portion is Windows 2000 compatible now! Screenshot here.
tags | tool, sniffer, tcp
SHA-256 | 4e839aef6571493695a4d13196b54c2ed145a2a7b1ae96f74b32780b36036111
phpchains-2.0.tar.gz
Posted Jan 24, 2000
Authored by Edward McLain | Site tuial.com

PHP Chains is a PHP3 interface to ipchains. It works with Apache/PHP3 and any version of the 2.2 kernel series and maybe even the 2.3 kernels. Input, output, and firewall chains can be added or deleted along with network objects. Once the script is generated, the chains can be installed immediately off the Web sight. The sudo-1.6.1 package is included in the distribution file.

tags | tool, web, kernel, php, firewall
systems | linux
SHA-256 | 76ce37e3e1618eeca117484aec23ca63adfdfc9f142094040aecc3f62e1a86c0
ftpd-BSD-0.3.0.tar.gz
Posted Jan 24, 2000
Authored by David Madore

ftpd-BSD is a Linux port of OpenBSD's ftp server (note that there are other such ports). It is thought to be more secure than wu-ftpd and proftpd. This port adds PAM support, and support for on-the-fly decompression of gzipped files.

Changes: IPv6 support (from the latest OpenBSD CVS checkouts) and shadow passwords support as an alternative to PAM authentication.
systems | linux, bsd, openbsd
SHA-256 | 233f5985b5f036d899231162952de8069aed662153ccd69d9f1bfa27eb5d83a2
lids-0.8pre2-psk-2.2.14.tar.gz
Posted Jan 24, 2000
Authored by Xie Hua Gang | Site soaring-bird.com.cn

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off online and you can hide sensitive processes and prevent anyone from using ptrace on your system. LIDS can also provide raw device and I/O access protection.

Changes: Minor typos, license to kill for smoother automatic shutdown (UPS), update option for lids.conf dev/inode numbers, and a 2-level encryption password.
tags | kernel, root
systems | linux
SHA-256 | 2db935ecfc3b8307087f997a6d2884440cfca720ba81a921cfa12568feb53a78
perro-1.0.2.tar.gz
Posted Jan 24, 2000
Authored by Diego Javier Grigna | Site grigna.com

Perro (The Internet Protocols logger) is a set of three daemons that log incoming IP/TCP, IP/UDP and IP/ICMP packets. It also produces detailed log files.

Changes: A Y2K fix.
tags | udp, tcp, system logging, protocol
systems | unix
SHA-256 | 045b98e02917aaaaef1f8f1e49941e45f5c9970a8a9624619d68b586127d51a0
suse.lprold.txt
Posted Jan 24, 2000

SuSE Security Announcment - A security hole was found in lprold which was distributed with all SuSE versions including 6.3. There are local and remote vulnerabilities. SuSE security site here.

tags | remote, local, vulnerability
systems | linux, suse
SHA-256 | e738169bb2cdb3573f768840d7317d4a7f648780d7155ba0e73a45c7e5943212
sftp-0.7.tar.gz
Posted Jan 24, 2000
Authored by Brian Wellington | Site xbill.org

Secure FTP (sftp) implements a file transfer protocol using ssh/rsh as the transport mechanism. When the client is invoked, a remote shell is spawned and the server is run. sftp is mainly useful over a secure ssh session since passwords are not exposed. It also has the advantage that no root access is required, since the server runs as a user process.

Changes: A potential hang was fixed, transferring files now preserves modification time, and 'bye' and 'version' commands were added.
tags | remote, shell, root, encryption, protocol
SHA-256 | 3009d447261678234580ffc981a83c18a6b4cbebd427d83e59e6a05343bf3364
sendmail-tls-0.22.tar.gz
Posted Jan 24, 2000
Authored by Jeremy Beker | Site opensource.3gi.com

Sendmail-TLS is a wrapper for Sendmail which allows for clients to make a secure (SSL) connection to their mailserver as described in RFC 2487. The connection is internally forwarded to sendmail and does not require sendmail to be running on port 25. Clients which support this currently are Netscape Messenger, Microsoft Outlook, and Microsoft Outlook Express.

Changes: Fix for a permissions bug in 'make install' and a new make step to help in creation of self-signed certficates.
systems | unix
SHA-256 | 2a10a30ecef2a314d2a15e94af90b86be8b60f222a2361a8737090b8db73b91a
pop3d-trojan.tar.gz
Posted Jan 24, 2000
Authored by Formatez

in.pop3d backdoor - Still functions as in.pop3d, but gives a shell with the proper password.

tags | tool, shell, rootkit
systems | unix
SHA-256 | 10dce7f841ee0b2ee76fb62470c2df3a484a462c99e837ac6c404d6590b28356
RFPoison.exe
Posted Jan 24, 2000
Authored by rain forest puppy | Site wiretrip.net

Exploit for the new NT remote DOS and possible compromise. NT 4.0 server and workstation are vulnerable, even with SP level 1, 3, 5, or 6.

Changes: AVP no loger thinks this is a trojan, and it no longer reboots the machine it is running on.
tags | exploit, remote
SHA-256 | 2b98566441d44ba149fafd2b74a9bf4293af462f1fe5b8657c87530b1278ec22
HNC_Apocalypso_v1.31.zip
Posted Jan 24, 2000
Authored by Dave Shanley | Site hack-net.com

Apocolypso 1.3 is a new crypto tool from HNC. It supports a wide variety of encryption methods, including DES, Blowfish, IDEA, Gost, Misty 1, Twofish, Cast 256, Rinjindael, HNC Single Encryption, and HNC Multi Encryption. Apocolypso runs on Win95, 98, and NT.

tags | encryption, cryptography
systems | windows
SHA-256 | c96eae5e6af8900f72fd7eb9d27545024edbdb785d9ab1c373dc5a2fb69ab1a8
dsniff-1.3.tar.gz
Posted Jan 24, 2000
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: Addition of Berkeley db output file format to dsniff, as well as restricting logging to unique auth info, new tcpkill program, new dsniff manpage, DNS lookups in dsniff and urlsnarf, addition of HTTP Basic Authentication, Referer, and User-Agent logging to urlsnarf, improved RPC message parsing in dsniff, improved SMTP parsing in mailsnarf, improved HTTP 1.x parsing in dsniff, urlsnarf, and webspy. fixes for IMAP, Rlogin, Telnet option parsing in dsniff, and addition of X11 MIT-MAGIC-COOKIE parsing to dsniff.
tags | tool, local, sniffer, tcp, protocol
SHA-256 | 7b757d3d67ea684c61afe0f432de550f86a550a5802b5bfe37f1b4d779d76c3a
ides.c
Posted Jan 24, 2000
Authored by Mixter | Site members.tripod.com

Intrusion Detection Evasion System is a daemon that monitors connections, and forges additional packets to hide from and disturb network monitoring processes of IDS and sniffers. It does this by inserting rst/fin and ack packets with bogus payloads and invalid sequence numbers that only affect network monitors. It also sends a custom amount of SYN requests from arbitrary sources on every real connection attempt it sees, which can for example be used to simulate coordinated scans.

tags | arbitrary
SHA-256 | 70928c72e9594e3b31e86cabaaf959e292ac9e456f7add9f9d4fb015debc78bc
omnis.txt
Posted Jan 23, 2000
Authored by Eric Stevens

Vulnerabilities in OMNIS, affecting many applications. Omnis is a Rapid Application Development environment which is portable to Win, Mac, and Linux. One of the features that Omnis provides for attaching to the database is the ability to encrypt fields, and obscure them from prying eyes. In actuality, this encryption is extremely weak, and I accidentally discovered the encryption technique and post a detailed explanation of it here.

tags | exploit, vulnerability
systems | linux
SHA-256 | cce1376a97274da7aea1f4e10d420680a764f89a62c9ccbe2082d9a76171b73e
WinGateVacuum1.0b3PPC.sit
Posted Jan 22, 2000
Authored by WeeDo | Site freaky.staticusers.net

Wingate VaccuuuUUuuUUum 1.0b3 for Macintosh - This is a program to easily get a large list of proxies out of Undernet IRC servers. Put it your favorite undernet server - it checks their ban list and scans the IP's for proxies.

SHA-256 | c3548e40f5e2dee49ed8f44ad5a8fc82c0e01be38bd74fce526e2a06376adb57
MacPork1.5b.sit
Posted Jan 22, 2000
Authored by DarkSider | Site freaky.staticusers.net

MacPork 1.5 is a CGI scanner for the Macintosh platform which scans for 130 vulnerabilities and can use 45 of them to retrieve a passwd file.

tags | cgi, vulnerability
SHA-256 | 8f7c6d70bc77f5959424563436e427dee2180c15f9dea40d94224c70804500c5
freebsd.sa-00.01.make
Posted Jan 22, 2000

FreeBSD Security Advisory - The -j option to make uses /tmp in an insecure mannor, making it vulnerable to a race condition. All versions of NetBSD and OpenBSD are also believed to be vulnerable to this problem. Other systems using a BSD-derived make(1) binary may also be vulnerable.

systems | netbsd, freebsd, bsd, openbsd
SHA-256 | 9f13080452f421de034e128ba41795769a2accb1bdbe6066e58cc5c59e60b039
RFPoison.c
Posted Jan 22, 2000
Authored by rain forest puppy | Site wiretrip.net

Source for the RFPoison, a NT remote DOS. NT 4.0 server and workstation are vulnerable, even with SP level 1, 3, 5, or 6.

Changes: AVP no loger thinks this is a trojan, and it no longer reboots the machine it is running on.
tags | remote
SHA-256 | 97b128e117f9dab3ea840c5462d01811717f598125ea7c7d49bde330c80268b9
pc-1.1-dist.zip
Posted Jan 22, 2000
Authored by Steve Lodin | Site noncon.org

PalmCrack, the password testing tool for the Palm Computing Platform. Designed to help security professionals determine the strength of passwords, PalmCrack is able to check UNIX and NT passwords against a dictionary and decrypt certain Cisco router passwords. PalmCrack runs on PalmOS 2 and PalmOS 3 devices, including the PalmPilot Professional through the PalmVII and the IBM WorkPad series.

Changes: Includes programs to allow you to create your own wordlist databases.
tags | cracker
systems | cisco, unix, palmos
SHA-256 | 30ddc35fea2c97c26d0534740ff97a9b3d14916047daeb78d640586e04c04891
Page 4 of 31
Back23456Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close