Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
0da6410defc45031c92c0716861617f1cd069faa6027c42515377d421d828a1c
Seclog (security logger) is a log auditing tool written in Perl. It will watch /var/log/messages for suspicious information, and notify you via email.
6ff068dc2ca20eeab510ba95aa37deebc0a7a6e10fec81337af9483f9213d07e
B0g Issue 3 (March) - Chain Letters, Rudimentary guide to phones, Rap vs the virusc0d3rz!, IRC Hax0ring , Foolproof, Soda Bombs!, Hacking for Dummies!, Using a Modem with QBASIC, IRC 0wnage.
44010ffca1b87a204da0f52a706fa97f9b5c441c4088482ff02b1e5576fe8f16
The IPchains firewall module for Webmin lets you graphically create ipchains firewall scripts. Nearly all of the IPchains options are supported.
ae4bb69f61ef7a4900aa72ae25b1506b4304ade7bfaf5099538b9ceafd4d7e4b
VeteScan is a bulk vunerability scanner containing programs to scan Windows NT and UNIX systems for the latest trojans/remote exploits, a scanner for the vulnerabilities of single hosts (with or without host checking), a tool for scanning multiple hosts, a scanner for class A/B/C networks, and fixes for various vulnerablities.
357b74c64b9a83ca3cb4bb718a797ed12ea6174791f0c9fcad4a15abc929bbef
Shag simulates an additional ethernet device over an existing one. It is useful for testing the security of your switch, or if your machine is on a private VLAN and you want to see another VLAN without another ethernet card.
7ee510e4bce9e523c9758c513e500833529544f55659916fc3dcbb673b915c83
Iptables is built on top of netfilter: the new packet alteration framework for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects.
1eaa9c5ee21455918fad19ee71cf9de7079abaac0e8f4807bf9f6223d6458b43
PAM/userhelper exploit - Ported to Mandrake 6.1. Also works on Red Hat 6.0 and 6.1, gives uid 0.
60f084b01a6b90f83d4afb30f04c2890fc63b2a6583017757d8572b289e798b3
gp4pine is a script that automatically encrypts and decrypts mail under Pine using PGP. The user is not separated from things that PGP does. The program is compatible with PGP versions 2.6.3, 5.0, 6.5.1 and GNUPG 1.0, has support for an aliases file and signature-rotating programs, and can remember your passphrase for a session if you need.
10240e332b56baf1d913fcebd10027efc25e3eabff07f28476aaf4d7b0c1872f
Nessus is a free, up-to-date, and full featured remote security scanner for Linux, BSD, Solaris and some other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over 340 remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them.
f9f5973da2fae095fe2d786a297237838089fca47ab485ff736b56432d34c7c7
Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
d538800c967a63a4ed1ebc5d086124ac73eea401187ce93d55555b2a31379a2d
Microsoft Security Bulletin (MS00-016) - Microsoft has released a patch for the "Malformed Media License Request" denial of service vulnerability within the Microsoft Media License Manager. The vulnerability allows a malicious user to prevent the license server from issuing further licenses to customers for protected digital content (music and video). Microsoft FAQ on this issue available here.
625a48c3d270bc6deaac511662ec6f28868be94a8605a42d1fcb909680f3a294
Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more. Snort has a real-time alerting capabilty, with alerts being sent to syslog, a seperate "alert" file, or as WinPopup messages via Samba's smbclient.
d1197a62590c2b6dfc978fd3c4cf1e82d8e2fbbbd35a5c0f1887101311459725
spoon.c - (ab)use dig.cgi to proxy DNS dig requests. Useful to request a zone transfer without revealing your IP.
bed34a7508213f2937d73bf1e00100537cc8f3ff8ce9ac45961c75bcec76988e
Microsoft Security Bulletin (MS00-018) - Microsoft has released a patch for a security vulnerability in Microsoft Internet Information Server 4.0. The "Chunked Encoding Post" vulnerability allows a malicious user to consume all resources on a web server and prevent it from servicing other users. Microsoft FAQ on this issue here.
e67925cf162159a7b9d9bd43f6d24b7696a9b1cdb7a2174c33c929d14020faed
Bastille Linux aims to be the most comprehensive, flexible, and educational Security Hardening Program for Red Hat Linux 6.0/6.1. Virtually every task it performs is optional, providing immense flexibility. It educates the installing admin regarding the topic at hand before asking any question. The interactive nature allows the program to be more thorough when securing, while the educational component produces an admin who is less likely to compromise the increased security.
3a1cccf8b3cde63ff58053d86ea14e3095cec9af0b7a79363bea0f9deac27ebe
BeamCrack is a simple application that will set or reset the bit in each application's database header which tells the launcher that it should or shouldn't be beamable, thus bypassing the PalmPilot's infantile copy-protection.
217629f25097a18e38f40fa24472ef4c6bc44bbf1af6810bb6f8fd8c62739cb8
The Cisco Secure PIX Firewall interprets FTP (File Transfer Protocol) commands out of context and inappropriately opens temporary access through the firewall. This is an interim notice describing two related vulnerabilities.
d9dd5eea66870d2029e813abe94d615ab12458e3e984c0e779c9e025f32d89b2
Findfixed.pl searches through C code looking for fixed-length buffers.
01d0d1983a1244903c29f0891f8551f178f9ab00f53ef34a47f1e24869d2240d
A vulnerability exists in the gpm-root program, part of the gpm package. A local console user can obtain root. Tested under RedHat Linux (6.2 / 6.1 / 6.0 / 6.0 / 5.2 / 5.1) and Debian Linux (2.2 / 2.1 / 2.0).
fdc7878064ad331939f1b74e447a8ba7472f14e883ff96a2f93eaecb0a3154f5
Halloween 4 local root exploit for imwheel-solo. Other distros maybe affected as well.
7300584731a280968e5f1a1b1f9f36318180b511c516ed48887ec106be3e6d96
Good crack for ICQ, the best. Trust me.
a61ee154ca244e2327bc6274756a3f6dd0a2acb2de4c3b3937f7c3d07e33f73a
Overflows the -l arg buffer in wmcdplay due to a bad sprintf call. Tested on Mandrake.
dcaf4f08e182ca245fd5a67f7a6513167be09b045d4dbb23c1b92103c9d70d18
Meliksah nuke v2.5 is one of the best nukers in existance.
88c8fbd4dd392ec27178cf0c79fd32e85cee7441269a899f38532cd24bd1a301
printtool is an X11 printer configuration tool shipped with RedHat Linux and possibly other linux distributions. When configuring a printer with printtool, the permissions of the config file are set world-readable. When this happens, this script will kick in and give you the password.
7595d758939654cb1d717d248da15ef5cdd8257cceeab9d8435768872eebf6a1