fwdumpd is a daemon that communicates with the kernel firewall over the netlink socket interface and copies packets marked for output to user space (usually with the -o option of ipchains) to a binary capture file. This file is compatible with tcpdump and several other analysis programs. It is now possible to inspect all those denied packets.
04bf40765b8fa11dd16646a392b15afae060f3e050c0293c3c6f343862495986
ITS4 is a command-line tool for statically scanning C and C++ source code for security vulnerabilities. ITS4 scans through source code for potentially dangerous function calls that are stored in a database. Anything that is in the database gets flagged. ITS4 tries to automate a lot of the grepping usually done by hand when performing security audits.
4f3470bd8a732a09f17144b08fa4ad2594e198f6a2e9af019b394c95c6d94fc1
This script sniffs traffic on the network, watching for eBay user IDs and passwords. This is only possible because (as of this writing) eBay does not encrypt passwords -- they are sent in the clear.
047eb7cf864eff046548ebc72fe5010637e84aa5fe2d26b6f6c2a5b387b08d88
Exploit for recent FW-1 FTP problems - Demonstrates a basic layer violation in "stateful" firewall inspection of application data (FTP within IP packets). Checkpoint alert about this vulnerability here.
105b9db1985030576cb537ea4954c1985eb1a0c41554c114e8d7e40766964ac2
Qpop3.0b30 and below buffer overflow exploit. Remote, but requires username and password.
5bb66376ba934f2d28de1c8aeb6fd8c5a2ffc62e7eeb4f7942ea86aa3d8efd43
pcapmerge can be used to extract part of a binary packet capture file or merge several capture files. It is similar in scope to the tcpslice(1) program.
d6293544b2a8d52671262898d84da55fc238322abd2bef3276bc737edd3d5f36
slipwire.pl v1.1 is the first iteration of a filesystem integrity checker. It compares the MD5 hashes of files to an initial state and alerts the user of any changes.
dc845bdc2c286c64e4e25ef76ed2d31d286b284b13dafc146ad73c3ba66ee6e6
slipwire.pl is a simple filesystem integrity checker. It compares the SHA-1 hashes of files to an initial state and alerts the user of any changes.
daaae031940c7c22dd5e6516ffd418ec4e9210a88aa495f534346ff76d915c43
Network Associates Security Advisory - A vulnerability in the ARCserve agent script allows local attackers to obtain root privileges and overwrite/insert data into arbitrary files.
fc4a12c72a4a1e54e091198085a56de890639e906f761c3922f184b0a5144490
Frontpage-PWS32/3.0.2.926 (probably others) allows reading of any file on the system by putting /.../ into the URL.
137d1427da44a3a1678c34f2c5e6d18c442d4b292586eb2186b4a6d260aca401
On AIX 4.2 and 4.3, the SNMP daemon is enabled by default and two community names are enabled with read/write privileges. The community names are "private" and "system", but are only allowed from localhost connections. Nevertheless, a local user may install an SNMP client and modify sensitive variables.
fca6ebe0cf09746cd05366bd5c1a1506252c063978e36c0e845128326548d809
During the installation process of Windows 2000 Professional, anyone can connect to the ADMIN$ share as ADMINISTRATOR without any password.
28171d26faf3930c1a79b869e75aa51800e46d3d335d294936646c2ceee5982c
Many devices come from the manufacturer configured with SNMP enabled and unlimited access with *write* privileges. This allows an attacker to modify routing tables, the status of network interfaces, and other vital system data, and seems to be extremely dangerous. To make things even worse, some devices seem to report that write permission for a given community is disabled, but you can still successfully write to it. This is a list of devices with default writable configurations.
64b8dfa2a60e46777335afd3866fb129ffab8f3f3c77ea49b736b92fb1b23445
Patch for the Linux ipchains firewall to log source MAC address and TCP flags for all packets that get logged.
17bfd672bb0d3f6422803d89a8b47d00776cc840c1048f0d170cac34268fe89c
md-webscan is a high quality CGI vulnerability scanner. It is well written, easily extensible, and has a few nifty options.
4f436b5fe5116f0a5cf4116654ebdadc92d8a10ebd99c1569e9c3ce2d00d02b1
md-webscan is a high quality CGI vulnerability scanner. It is well written, easily extensible, and has a few nifty options.
92e28833b15ad0ce6b9339a83e8b994deb37e1f6eba383e5fdfc64907ec4c28e
Vanish is a log wiper that cleans WTMP, UTMP, lastlog, messages, secure, xferlog, maillog, warn, mail, httpd.access_log, and httpd.error_log. Tested under SuSE.
2fabe2b5a6c22520710726c13fac0311577cbc303f7d2a6dc078df36af4e65ac
DeCSS is a handy Perl script which removes CSS tags from HTML pages.
af863c73e060f195d1e618e1dc2acb77e380c52919b6075c0108c2e2f7bfb9f2
Nessus is a free, up-to-date, and full-featured remote security scanner for Linux, BSD, Solaris and some other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over 320 remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them.
8888891aec58ed227d88c863beaa2571d0125a10e020edc2fcceaa3a521cd294
History Kill 2000 for Windows removes all traces of history in both Netscape and IE by removing URL drop-list history, detailed history file, cache, and cookies. 21 day evaluation.
49a94b1becb5e12ee9f6babd8f857ef6cbaf4be0d9fbbab3f8656055dddd8e39
Fwctl is a program that intends to make it easier to configure a tight firewall. It provides a configuration syntax that is easier to use and more expressive than the low-level primitives offered by ipchains. It supports multiple interfaces, masquerading and packet accounting. Fwctl doesn't replace a good security engineer, but it can make the job of the security engineer simpler.
3a41caf6e736dcf2018b27cd203759d9a48d5e1e797e7312d502c25ab1e673b5
syslog-ng, as the name shows, is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages to be sorted only by priority/facility pair; syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful.
8febeac3a3fc42944a890455ccea5b7faf7ea2d39675da8150d4d1ed5b9ae50e
FAQ on implementing a Network Based IDS in a heavily switched environment.
cc66b70318c7efd394059454a0d70109b701ba98a36ee39ee4fb3c3150644b34
SUID Advisory #5 - DCFORMS98.CGI Advisory - Anyone can create / truncate any file owned by the web server user.
622d24605c915932cd5a7cb660b480ecd49f2adef13453625c046a4da0b01370
Narrow Security Scanner 2000 searches for 297 remote vulnerabilities. Written in Perl; tested on Red Hat, FreeBSD, OpenBSD, Slackware, and SuSE.
cbf5dbf759a6a030ab9ce87d2def68d57adcbc9526f9099ec608606574c2616d