Alpha patch for FreeBSD that randomizes the sequence numbers sent by TCP to circumvent connection hijacking and/or spoofed connections (3-way handshake acheived by guessing sequence numbers).
ab5c71478fa83d7120ef65390ec11a21f1ec6c3dee83be9dcba8edf4dd6bf895Microsoft has released a patch for a vulnerability in web applications associated with Microsoft Site Server 3.0, Commerce Edition. These applications are provided as samples and generated by wizards, who have unwisely allowed inappropriate access to a database on the site. Microsoft FAQ on this issue here.
f0ea22e2f6fcdb79f7f031cffdb3d616b72c3db091aa09ad12853c262adf569bTalonDynDNS is a Dynamic DNS client allowing you to use JustLinux.com's free DNS service under windows.
47a73586aa71760395fde9325796d00c3c5e5cc452e222e447f8e41954680f63Microsoft has released a patch for a vulnerability in Microsoft VM. The vulnerability allows a malicious web site operator to read files from the computer of a person who visited his site or read web content from inside an intranet if the malicious site is visited by a computer from within that intranet, provided the full pathname is known. Microsoft FAQ on this issue here.
45f78ff85a497b769b32bbc5a4d880b9fc1c26fdbfcd6eaa0c9b5ca5aeae1852Madscan scans for sites which do not block broadcast IP addresses. Based on broadscan, but 4 times faster, and supports scanning a full class A address space.
8a263b5fd823f5cd845ca898388b2e9d3103fb7666d850bb4e46c68150490c19The make package as shipped in Debian GNU/Linux 2.1 is vulnerable to a race condition that can be exploited with a symlink attack. Debian security homepage here.
b69aaf3aa0798c606d84b6b3aa4b2ee5637bab4fd96f99f9aaf3bdec071ee96fMany Windows programs (word, excel, wordpad, etc) allow you to break out of a restricted environment, using common sense hacks.
39be7595afd6f8bb040897a7580b5bffd80cae67e08c97fa642f17c59c8ff9efSimpsons CGI Scanner - Windows based CGI scanner with a simpsons theme. Screenshot here.
4c166173b023fed00390e8ead35070edcb14507e03a10c00c0211a3a0b033227An ActiveX control shipped with IE can be used to install software components signed by Microsoft without prompting the user. This of course raises trust issues. Someone, not necessarily Microsoft, could use this control to install a Microsoft signed component in your system.
00f3f0b2e0d5491b814f02f98a69262203221432818c66cf49198886b616c325iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic. iplog 2.0 is a complete re-write of iplog 1.x, resulting in greater portability and better performance. iplog 2.0 contains all the features of iplog 1.x as well as several new ones. Major new features include a packet filter and detection of more scans and attacks. It currently runs on Linux, FreeBSD, OpenBSD, BSDI and Solaris. Ports to other systems, as well as any contributions at all, are welcome at this time.
a86b0d3fdb58e4fb8c3dbab1868f6274f3e22853e2be5d62ff5ce06cb38d92e3Wordex is a small, free Windows program to generate wordlists recursively from all files in a directory.
03592f48f4c82c714f3d6c13f65e197eec4fe5b3dccc49568b1b3439a93c2f24Exploit for Wu-ftpd 2.5 overflow - In spanish.
204719628ade4ca4bab296e3c06a5388f3996b2c89c9c34723d54c33fc2d8695roi.sh is a small shell script to do remote OS identification, using Netcraft's services.
4679ac2171cbec37b0fad8781c5b28517d551889423a3b6218ce593d81f3c523Unused bits in the TCP header are interpreted incorrectly by some applications, allowing for some interesting application specific attacks to take place.
d698b3bd0de2df933b7bc916c13b39dc2c7b7606eabfc5f06e734c467d56fda8Grazer1's Bait System opens a specific port and logs connections to it. Simple and ghetto way to log Netbus requests.
4d1c34d8c7e1d3019ddb12e8da599860277edd1654a3828364909bb64b8eec09ViperDB was created as a smaller and faster option to Tripwire. ViperDB does not use a fancy all-in-one database to keep records. Instead it uses a plaintext db which is stored in each "watched" directory. By using this there is no real one attack point for an attacker to focus his attention on. This coupled with the running of ViperDB every 5 minutes (via cron root job) decreases that likelihood that an attacker will be able to modify your "watched" filesystem while ViperDB is monitoring your system.
488a3842de04fb92480a0e20d15a8bdd4795feaa15e66dc9d2a2d1c80a92712bDynFW for ipchains constantly checks /var/log/messages for packets denied by ipchains and responds by temporarily setting up firewallrules that deny any access from the originating IPs. Optionally it can do an ident lookup before setting up the rules.
8279a461da4a091c67e61d6d56bca73e85bf030ef6f241d6f44447a6216a6d24syslog-ng as the name shows is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pair, syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful.
48821fb0bcb64d9d3c0c64f8bfc17f24cce8c8506539850d94fab6f0b7d51692ya-wipe is a tool that effectively degausses the surface of a hard disk, making it virtually impossible to retrieve the data that was stored on it. This tool is designed to make sure that sensitive data is completely erased from magnetic media.
76fc64866683fdeb597f80aab9a2354c6f6e1ace565233359bf974ba45b102b9Adore is a linux LKM based rootkit. Features smart PROMISC flag hiding, persistant file and directory hiding (still hidden after reboot), process-hiding, netstat hiding, rootshell-backdoor, and an uninstall routine. Includes a userspace program to control everything.
de0bab345dbca650c8fba76d3b81c49404b82ffab4ed6d2f4539a87d2aad15bagShield is an aggressive, modular, ipchains-based firewall script. Features include: easy configuration through a BSD-style configuration file, optional IPmasq support, TCP-wrapper-like funtionality for service access, and extremely restrictive defaults. It hopes to make administrating a comprehensive firewall easier, as well as offering robust protection while being easy to setup/maintain.
fbc08b39256eb98ccb1d4e8048814726a13e47cee451f9b552afa142e7db97b6The Administrators Control Module (ACM) for kernel 2.2.x patches system calls like execve(), setuid(), open(), ipc(), setgid(), setreuid(), and setregid() for better security logging.
ec9927f991f9c662a5a5ce280994f7cbb887393c22f9e2fcde0bab667ed5c576Distributed Denial of Service Attacks have recently emerged as one of the most newsworthy, if not the greatest, weaknesses of the Internet. This paper attempts to explain how they work, why they are hard to combat today, and what will need to happen if they are to be brought under control. Plain text format, PS and HTML available at the homepage, here.
88987eea1d392681e2e465811703fdda147cdb9e6f00d84af3abb7ced896526cdsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.
449d5e99419d841257a23438af4cf6e26c853ffadb72594c0f80c2235d98093aSecure Deletion under Linux kernel patch. If a regular file has set attribute "s" on ext2 filesystem, the file will be securely deleted after an "unlink" call by the "srm" program.
185dbe50cdf98826e19a79ff400060c4cd6bac8183c39ca9ce245c94d15badea
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed