Enhancing network security through the use of inexpensive cisco routers. Describes local router security, turning off the routers services, access-lists, dos protection, and more.
d03ff45dc98d26a5101627907163535a5bc7387cf4d3281a0eb76a95e6ecb9ad
Microsoft Security Bulletin (MS00-038) - Patch Available for "Malformed Windows Media Encoder Request" vulnerability. Microsoft has released a patch for a security vulnerability in Windows Media Encoder version 4.0 and 4.1, which ships as a component of the Windows Media Technologies. The vulnerability allows a malicious user to interfere with a digital content provider's ability to supply real-time audio and video broadcasts. Microsoft FAQ on this advisory available here.
657862122d144ac528a9732e1cb0f5ed855bf5f5f70d29c00a977860b3edb78c
The AIX cdmount program allows regular users to mount CD-ROM filesystems. This program is basically a SUID to root wrapper of the mount command. Insecure handling of the arguments to cdmount may allow a local regular user to execute commands as root.
9f59ba46228465abd1d52f3ef05776c0a0c410e98203f09b70608a2f5f6cb353
stream2.c is a remote dos attack which uses ACK packets to consume large amounts of CPU. This DoS targets FreeBSD, Linux, and Solaris.
00e9a352d451a182c3b164b08eb3f0e785601818f7b898a84b811d45891d0ea4
Portfwd is a small C++ utility which forwards incoming TCP connections and/or UDP packets to remote hosts. Multiple forwarders can be specified in a flexible configuration file. There is support for FTP forwarding.
d53d7c34a48fb678eff4e71f3a33ab395c56d1c7b0158c1db09d2cbffaa05c5f
Debauch is a memory allocation debugger for C which has been modified from memleak from the XFree86 project. The debugger will detect memory leaks, corrupted memory, stores to freed memory and more. Best of all, it doesn't require recompiling or relinking existing programs to work, making it ideal for finding leaks even in shared libraries. Currently debauch works on Linux systems. Preliminary ports for BSD, MIPS and Sun architectures are available but may not work properly at present.
3029d16b18ecb4188f8624fd4bc761c7af0eeaa37546c143ab42e6f3dca236a7
Libnet v1.0.1b is an API to help with the construction and handling of network packets. It provides a portable framework for low-level network packet writing and handling (use libnet in conjunction with libpcap and you can write some really cool stuff). Libnet includes packet creation at the IP layer and at the link layer as well as a host of supplementary and complementary functionality.
3ac835ba090ff3efdb3cf22be7ca6c38431b34fa0fd97ab5e0279abb2e6aa7f6
CERT Advisory CA-2000-12 - HHCtrl ActiveX Control allows local files to be executed. The HHCtrl ActiveX control has a serious vulnerability that allows remote intruders to execute arbitrary code, if the intruder can cause a compiled help file (CHM) to be stored "locally." Microsoft has released a security bulletin and a patch for this vulnerability, but the patch does not address all circumstances under which the vulnerability can be exploited. This document discusses additional ways in which this vulnerability can be exploited.
8d64072fcd1d5225daf75a8d9412a0172ca99075fdfc8c2e678d6a8c2ef122e3
ipaudit records network activity. It stores a count of bytes and packets exchanged for every combination of host/port pairs and protocol. It can be signalled after a fixed interval (30 minutes is typical) to output results. It's useful for identifying heavy bandwidth users, intrusive telnet sessions, denial of service attacks, scans, etc. There is also an option (like tcpdump) to save raw packet headers for detailed analysis with packages such as tcpdump or ethereal.
8e99a45673263e045cb03981d4f6dfdb2f3ad000e205834f2923c2f0019f45c7
Life Stages worm .vbs source code. Sets off virus scanners. Archive password is set to p4ssw0rd. Use at your own risk.
89cdf4fd376f0ec61a42005acb5e52f54bec695cda8adf47ba2039200eef9af0
Intact Open Use is a host integrity checking system for Windows 95/98. This is only a 30 day trial. Intact can detect change in the filesystem and registry.
4cf2810673f6b8e0ec16988e8a63d002e0d5952d90749361e6f2904a5ddf8cef
Weekly Newsletter from Help Net Security Issue 18 - 19.06.2000 - Covers weekly roundups of security related events. In this issue: Remote dos attack in NAI pgp certificate server, SmartFTP daemon v0.2 vulnerability, Microsoft revises ms00-035, remote dos attack in AnalogX Simpleserver WWW v1.05, MS00-031 patch re-release, Dragon Server v1.00 and 2.00 remote dos attacks, AOL instant messenger dos. Also linux security techniques, kernel basics, and much more.
370cba453102d1a90e1f04d927c9700faca6b6b3ad60c541ebf6dea08cb96e37
Linux Security Week June 12 - In this issue: Updates are available for the Document Template package, BRU Backup Utility, Kerberos 5, and a bug on FreeBSD/Alpha systems that weakens its encryption. OpenBSD 2.7 is annunced and and the U.S. House gives its "OK" to the digital signature bill.
d3af4c437f7224ecb592716f7973e2c5f6eeb9545d977a4490847348ca8cf0e6
motion uses a video4linux device as a motion detector. It will make snapshots of the movement it sees, making it usable as an observation or security system. It can send out email, SMS messages, or invoke an external command when detecting motion.
180eb595eae21df8fc38fa47ed24dc5f4a9ffc4673821d67aa65aeb364992ade
Debian 2.1 local root exploit - A vulnerability exists in the apcd package shipped with Debian 2.1.
f7ca16d4ea9299fd7aef4c4a72b95848377702b1feeccf9d2d657e4193b25dbe
MailStudio2000 v2.0 and below userreg.cgi exploit - Executes arbitrary commands on remote host as root.mail.
095872ca533dfd3c5443df88fb3daab10038263b301956bf03770b5a5ac72928
SetXConf local root exploit for Corel linux v1.0 with xconf utils.
db447881a66d9c741450d6d7e316b1bb4edd263812be29422ab468e0194719f4
Majordomo local exploit for Suse 6.0 and 6.3. Tested against Majordomo Wrapper <= v1.94.5.
312f4fcbf45535494f8a44755293ca6e8bc7842547f4c8e7aa00445f3d859041
SSH (Secure Shell) Windows Port is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another, providing strong authentication and a secure communications over insecure channels.
9086e00c98cc755dca63755c3eb1eb211bfeb07f77b8d7755f4239f67d512ab2
SSH (Secure Shell) is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another, providing strong authentication and a secure communications over insecure channels.
2eed3b75a12f7cdfaa9f8ea85b5399fc1cd4ac5e88192c9a5784851d93a2950c
Vbs is a mail-filter to make attachments unexecutable by replacing the dot in the filename extension of critical attachments with a tilde, so that MUAs won't recognize those attachments anymore as executable. It is implemented as a wrapper for the delivery agent.
0e593fdba33fb611f5cd4ce5e761239c474b21be1468684fcbbc7de6349e6bf0
Winfingerprint 225: Advanced remote windows OS detection which does not run under Win 9x. Features the ability to enumerate servers, shares, global groups and users, displays active services, scan network neighborhood, establish null IPC$ sessions, and registry query (currently determines Service Pack Level & Applied Hotfixes).
ae7ee89927e58ab7a222f65d01cf51ba546ce17889f6adfbfb6d1a3cff3b1eb4
dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a powerful sniffer which automatically detects and parses many protocols, only saving the interesting bits. filesnarf saves files sniffed from network file system traffic. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.
2c83a22007336345ee4a0b4a690b0df387ca6dc1f1c1ac7eb68f04e8465c341c
Pine v4.10-21 local buffer overflow - drops a gid=mail shell if /usr/bin/pine is SGID. Tested on Debian slink2.1.
7764b61d5684322567f4c2b7d67debaf0db0e2c30bbcecd3de3c2f2533e14b92
Zodiac is a portable, extensible and multithreaded DNS tool. It is meant to be used as a DNS packet monitor and DNS protocol test and debuging tool. It's basic features are: sniffing of DNS datagrams on an ethernet device, decoding of all types of DNS packets, including safe decompression (partly finished, SOA record are, for example, not decoded yet), nice display and gui, if you like ncurses and text based frontends, always interactive in all situations through built in command line, threaded and flexible design. Advanced features include: local DNS spoof handler, jizz DNS spoof, exploiting a weakness in old bind implementations, determines jizz-weakness, id-prediction and resolver type remotely, id spoofing, exploiting a weakness in the dns protocol itself, implements some advanced DNS denial of service attacks, including flood, label compression and unres attack, advanced DNS smurf.
87f79104df9555ecf18355d034a721bd7327ecf82037e1e480a0752bb07e3a14