Enhancing network security through the use of inexpensive cisco routers. Describes local router security, turning off the routers services, access-lists, dos protection, and more.
d03ff45dc98d26a5101627907163535a5bc7387cf4d3281a0eb76a95e6ecb9adMicrosoft Security Bulletin (MS00-038) - Patch Available for "Malformed Windows Media Encoder Request" vulnerability. Microsoft has released a patch for a security vulnerability in Windows Media Encoder version 4.0 and 4.1, which ships as a component of the Windows Media Technologies. The vulnerability allows a malicious user to interfere with a digital content provider's ability to supply real-time audio and video broadcasts. Microsoft FAQ on this advisory available here.
657862122d144ac528a9732e1cb0f5ed855bf5f5f70d29c00a977860b3edb78cThe AIX cdmount program allows regular users to mount CD-ROM filesystems. This program is basically a SUID to root wrapper of the mount command. Insecure handling of the arguments to cdmount may allow a local regular user to execute commands as root.
9f59ba46228465abd1d52f3ef05776c0a0c410e98203f09b70608a2f5f6cb353stream2.c is a remote dos attack which uses ACK packets to consume large amounts of CPU. This DoS targets FreeBSD, Linux, and Solaris.
00e9a352d451a182c3b164b08eb3f0e785601818f7b898a84b811d45891d0ea4Portfwd is a small C++ utility which forwards incoming TCP connections and/or UDP packets to remote hosts. Multiple forwarders can be specified in a flexible configuration file. There is support for FTP forwarding.
d53d7c34a48fb678eff4e71f3a33ab395c56d1c7b0158c1db09d2cbffaa05c5fDebauch is a memory allocation debugger for C which has been modified from memleak from the XFree86 project. The debugger will detect memory leaks, corrupted memory, stores to freed memory and more. Best of all, it doesn't require recompiling or relinking existing programs to work, making it ideal for finding leaks even in shared libraries. Currently debauch works on Linux systems. Preliminary ports for BSD, MIPS and Sun architectures are available but may not work properly at present.
3029d16b18ecb4188f8624fd4bc761c7af0eeaa37546c143ab42e6f3dca236a7Libnet v1.0.1b is an API to help with the construction and handling of network packets. It provides a portable framework for low-level network packet writing and handling (use libnet in conjunction with libpcap and you can write some really cool stuff). Libnet includes packet creation at the IP layer and at the link layer as well as a host of supplementary and complementary functionality.
3ac835ba090ff3efdb3cf22be7ca6c38431b34fa0fd97ab5e0279abb2e6aa7f6CERT Advisory CA-2000-12 - HHCtrl ActiveX Control allows local files to be executed. The HHCtrl ActiveX control has a serious vulnerability that allows remote intruders to execute arbitrary code, if the intruder can cause a compiled help file (CHM) to be stored "locally." Microsoft has released a security bulletin and a patch for this vulnerability, but the patch does not address all circumstances under which the vulnerability can be exploited. This document discusses additional ways in which this vulnerability can be exploited.
8d64072fcd1d5225daf75a8d9412a0172ca99075fdfc8c2e678d6a8c2ef122e3ipaudit records network activity. It stores a count of bytes and packets exchanged for every combination of host/port pairs and protocol. It can be signalled after a fixed interval (30 minutes is typical) to output results. It's useful for identifying heavy bandwidth users, intrusive telnet sessions, denial of service attacks, scans, etc. There is also an option (like tcpdump) to save raw packet headers for detailed analysis with packages such as tcpdump or ethereal.
8e99a45673263e045cb03981d4f6dfdb2f3ad000e205834f2923c2f0019f45c7Life Stages worm .vbs source code. Sets off virus scanners. Archive password is set to p4ssw0rd. Use at your own risk.
89cdf4fd376f0ec61a42005acb5e52f54bec695cda8adf47ba2039200eef9af0Intact Open Use is a host integrity checking system for Windows 95/98. This is only a 30 day trial. Intact can detect change in the filesystem and registry.
4cf2810673f6b8e0ec16988e8a63d002e0d5952d90749361e6f2904a5ddf8cefWeekly Newsletter from Help Net Security Issue 18 - 19.06.2000 - Covers weekly roundups of security related events. In this issue: Remote dos attack in NAI pgp certificate server, SmartFTP daemon v0.2 vulnerability, Microsoft revises ms00-035, remote dos attack in AnalogX Simpleserver WWW v1.05, MS00-031 patch re-release, Dragon Server v1.00 and 2.00 remote dos attacks, AOL instant messenger dos. Also linux security techniques, kernel basics, and much more.
370cba453102d1a90e1f04d927c9700faca6b6b3ad60c541ebf6dea08cb96e37Linux Security Week June 12 - In this issue: Updates are available for the Document Template package, BRU Backup Utility, Kerberos 5, and a bug on FreeBSD/Alpha systems that weakens its encryption. OpenBSD 2.7 is annunced and and the U.S. House gives its "OK" to the digital signature bill.
d3af4c437f7224ecb592716f7973e2c5f6eeb9545d977a4490847348ca8cf0e6motion uses a video4linux device as a motion detector. It will make snapshots of the movement it sees, making it usable as an observation or security system. It can send out email, SMS messages, or invoke an external command when detecting motion.
180eb595eae21df8fc38fa47ed24dc5f4a9ffc4673821d67aa65aeb364992adeDebian 2.1 local root exploit - A vulnerability exists in the apcd package shipped with Debian 2.1.
f7ca16d4ea9299fd7aef4c4a72b95848377702b1feeccf9d2d657e4193b25dbeMailStudio2000 v2.0 and below userreg.cgi exploit - Executes arbitrary commands on remote host as root.mail.
095872ca533dfd3c5443df88fb3daab10038263b301956bf03770b5a5ac72928SetXConf local root exploit for Corel linux v1.0 with xconf utils.
db447881a66d9c741450d6d7e316b1bb4edd263812be29422ab468e0194719f4Majordomo local exploit for Suse 6.0 and 6.3. Tested against Majordomo Wrapper <= v1.94.5.
312f4fcbf45535494f8a44755293ca6e8bc7842547f4c8e7aa00445f3d859041SSH (Secure Shell) Windows Port is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another, providing strong authentication and a secure communications over insecure channels.
9086e00c98cc755dca63755c3eb1eb211bfeb07f77b8d7755f4239f67d512ab2SSH (Secure Shell) is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another, providing strong authentication and a secure communications over insecure channels.
2eed3b75a12f7cdfaa9f8ea85b5399fc1cd4ac5e88192c9a5784851d93a2950cVbs is a mail-filter to make attachments unexecutable by replacing the dot in the filename extension of critical attachments with a tilde, so that MUAs won't recognize those attachments anymore as executable. It is implemented as a wrapper for the delivery agent.
0e593fdba33fb611f5cd4ce5e761239c474b21be1468684fcbbc7de6349e6bf0Winfingerprint 225: Advanced remote windows OS detection which does not run under Win 9x. Features the ability to enumerate servers, shares, global groups and users, displays active services, scan network neighborhood, establish null IPC$ sessions, and registry query (currently determines Service Pack Level & Applied Hotfixes).
ae7ee89927e58ab7a222f65d01cf51ba546ce17889f6adfbfb6d1a3cff3b1eb4dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a powerful sniffer which automatically detects and parses many protocols, only saving the interesting bits. filesnarf saves files sniffed from network file system traffic. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.
2c83a22007336345ee4a0b4a690b0df387ca6dc1f1c1ac7eb68f04e8465c341cPine v4.10-21 local buffer overflow - drops a gid=mail shell if /usr/bin/pine is SGID. Tested on Debian slink2.1.
7764b61d5684322567f4c2b7d67debaf0db0e2c30bbcecd3de3c2f2533e14b92Zodiac is a portable, extensible and multithreaded DNS tool. It is meant to be used as a DNS packet monitor and DNS protocol test and debuging tool. It's basic features are: sniffing of DNS datagrams on an ethernet device, decoding of all types of DNS packets, including safe decompression (partly finished, SOA record are, for example, not decoded yet), nice display and gui, if you like ncurses and text based frontends, always interactive in all situations through built in command line, threaded and flexible design. Advanced features include: local DNS spoof handler, jizz DNS spoof, exploiting a weakness in old bind implementations, determines jizz-weakness, id-prediction and resolver type remotely, id spoofing, exploiting a weakness in the dns protocol itself, implements some advanced DNS denial of service attacks, including flood, label compression and unres attack, advanced DNS smurf.
87f79104df9555ecf18355d034a721bd7327ecf82037e1e480a0752bb07e3a14
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed