Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
0da6410defc45031c92c0716861617f1cd069faa6027c42515377d421d828a1cSeclog (security logger) is a log auditing tool written in Perl. It will watch /var/log/messages for suspicious information, and notify you via email.
6ff068dc2ca20eeab510ba95aa37deebc0a7a6e10fec81337af9483f9213d07eB0g Issue 3 (March) - Chain Letters, Rudimentary guide to phones, Rap vs the virusc0d3rz!, IRC Hax0ring , Foolproof, Soda Bombs!, Hacking for Dummies!, Using a Modem with QBASIC, IRC 0wnage.
44010ffca1b87a204da0f52a706fa97f9b5c441c4088482ff02b1e5576fe8f16The IPchains firewall module for Webmin lets you graphically create ipchains firewall scripts. Nearly all of the IPchains options are supported.
ae4bb69f61ef7a4900aa72ae25b1506b4304ade7bfaf5099538b9ceafd4d7e4bVeteScan is a bulk vunerability scanner containing programs to scan Windows NT and UNIX systems for the latest trojans/remote exploits, a scanner for the vulnerabilities of single hosts (with or without host checking), a tool for scanning multiple hosts, a scanner for class A/B/C networks, and fixes for various vulnerablities.
357b74c64b9a83ca3cb4bb718a797ed12ea6174791f0c9fcad4a15abc929bbefShag simulates an additional ethernet device over an existing one. It is useful for testing the security of your switch, or if your machine is on a private VLAN and you want to see another VLAN without another ethernet card.
7ee510e4bce9e523c9758c513e500833529544f55659916fc3dcbb673b915c83Iptables is built on top of netfilter: the new packet alteration framework for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects.
1eaa9c5ee21455918fad19ee71cf9de7079abaac0e8f4807bf9f6223d6458b43PAM/userhelper exploit - Ported to Mandrake 6.1. Also works on Red Hat 6.0 and 6.1, gives uid 0.
60f084b01a6b90f83d4afb30f04c2890fc63b2a6583017757d8572b289e798b3gp4pine is a script that automatically encrypts and decrypts mail under Pine using PGP. The user is not separated from things that PGP does. The program is compatible with PGP versions 2.6.3, 5.0, 6.5.1 and GNUPG 1.0, has support for an aliases file and signature-rotating programs, and can remember your passphrase for a session if you need.
10240e332b56baf1d913fcebd10027efc25e3eabff07f28476aaf4d7b0c1872fNessus is a free, up-to-date, and full featured remote security scanner for Linux, BSD, Solaris and some other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over 340 remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them.
f9f5973da2fae095fe2d786a297237838089fca47ab485ff736b56432d34c7c7Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins.
d538800c967a63a4ed1ebc5d086124ac73eea401187ce93d55555b2a31379a2dMicrosoft Security Bulletin (MS00-016) - Microsoft has released a patch for the "Malformed Media License Request" denial of service vulnerability within the Microsoft Media License Manager. The vulnerability allows a malicious user to prevent the license server from issuing further licenses to customers for protected digital content (music and video). Microsoft FAQ on this issue available here.
625a48c3d270bc6deaac511662ec6f28868be94a8605a42d1fcb909680f3a294Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more. Snort has a real-time alerting capabilty, with alerts being sent to syslog, a seperate "alert" file, or as WinPopup messages via Samba's smbclient.
d1197a62590c2b6dfc978fd3c4cf1e82d8e2fbbbd35a5c0f1887101311459725spoon.c - (ab)use dig.cgi to proxy DNS dig requests. Useful to request a zone transfer without revealing your IP.
bed34a7508213f2937d73bf1e00100537cc8f3ff8ce9ac45961c75bcec76988eMicrosoft Security Bulletin (MS00-018) - Microsoft has released a patch for a security vulnerability in Microsoft Internet Information Server 4.0. The "Chunked Encoding Post" vulnerability allows a malicious user to consume all resources on a web server and prevent it from servicing other users. Microsoft FAQ on this issue here.
e67925cf162159a7b9d9bd43f6d24b7696a9b1cdb7a2174c33c929d14020faedBastille Linux aims to be the most comprehensive, flexible, and educational Security Hardening Program for Red Hat Linux 6.0/6.1. Virtually every task it performs is optional, providing immense flexibility. It educates the installing admin regarding the topic at hand before asking any question. The interactive nature allows the program to be more thorough when securing, while the educational component produces an admin who is less likely to compromise the increased security.
3a1cccf8b3cde63ff58053d86ea14e3095cec9af0b7a79363bea0f9deac27ebeBeamCrack is a simple application that will set or reset the bit in each application's database header which tells the launcher that it should or shouldn't be beamable, thus bypassing the PalmPilot's infantile copy-protection.
217629f25097a18e38f40fa24472ef4c6bc44bbf1af6810bb6f8fd8c62739cb8The Cisco Secure PIX Firewall interprets FTP (File Transfer Protocol) commands out of context and inappropriately opens temporary access through the firewall. This is an interim notice describing two related vulnerabilities.
d9dd5eea66870d2029e813abe94d615ab12458e3e984c0e779c9e025f32d89b2Findfixed.pl searches through C code looking for fixed-length buffers.
01d0d1983a1244903c29f0891f8551f178f9ab00f53ef34a47f1e24869d2240dA vulnerability exists in the gpm-root program, part of the gpm package. A local console user can obtain root. Tested under RedHat Linux (6.2 / 6.1 / 6.0 / 6.0 / 5.2 / 5.1) and Debian Linux (2.2 / 2.1 / 2.0).
fdc7878064ad331939f1b74e447a8ba7472f14e883ff96a2f93eaecb0a3154f5Halloween 4 local root exploit for imwheel-solo. Other distros maybe affected as well.
7300584731a280968e5f1a1b1f9f36318180b511c516ed48887ec106be3e6d96Good crack for ICQ, the best. Trust me.
a61ee154ca244e2327bc6274756a3f6dd0a2acb2de4c3b3937f7c3d07e33f73aOverflows the -l arg buffer in wmcdplay due to a bad sprintf call. Tested on Mandrake.
dcaf4f08e182ca245fd5a67f7a6513167be09b045d4dbb23c1b92103c9d70d18Meliksah nuke v2.5 is one of the best nukers in existance.
88c8fbd4dd392ec27178cf0c79fd32e85cee7441269a899f38532cd24bd1a301printtool is an X11 printer configuration tool shipped with RedHat Linux and possibly other linux distributions. When configuring a printer with printtool, the permissions of the config file are set world-readable. When this happens, this script will kick in and give you the password.
7595d758939654cb1d717d248da15ef5cdd8257cceeab9d8435768872eebf6a1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed