11logger is a small kernel patch, a module and some userspace tools to add SIGSEGV logging and history capabilities to Linux 2.2.x. 11logger is very useful in security auditing and general debugging.
e374ca5391194d5bb5e96d4fafba1751d08411abc60584e65c0c4e7fa7ae14e2
Wu-Ftpd is a portable FTP server.
469a37391346e29ae6abfe3615c03ff579cae5d698ff7611604190596e66d291
Wingate 4.1 Beta A and below allows users with access to read the logs to read any file on the filesystem by encoding the URL with escape codes, bypassing input validation. Includes wgate41a.c, proof of concept code. Fix available here.
d911de7376362eaa57534d66e1363dca6a222e4eac2a3b3c940f8173fb80d190
Crypto-gram for October 15, 2000. In this issue: Semantic Attacks: The Third Wave of Network Attacks, News, Council of Europe Cybercrime Treaty -- Draft, The Doghouse: HSBC, NSA on Security, AES Announced, NSA on AES, and the Privacy Tools Handbook.
7c3f8790fcf1093735c62ec84aa0c538c534313880ca411050db9d2325ac0c88
Tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that match a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor network activity. Requires Libpcap.
feea77e0e7734c56e23196e2fa8df8984bea08fe5cf699698ddbd514b9ebb51c
Libpcap is a portable packet capture library which is used in many packet sniffers, including Tcpdump.
dbc7ce2471a45a29dd2021db29a6b408bcb824055f027d542e1e778134e780a7
mod_ssl provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1). It is based on the SSL/TLS toolkit OpenSSL and supports all SSL/TLS related functionality, including RSA and DSA/DH cipher support, X.509 CRL checking, etc. Additionally it provides special Apache related facilities like DBM and shared memory based inter-process SSL session caching, per-URL SSL session renegotiations, DSO support, etc.
4b40a2061fbcc2265839f512a0b8aa813d0f7c2e978ce814681cd516fe003949
Pam_watch is a pam module that installs two fifos for each console and allows you to take control by using them. One fifo can be used to read from STDOUT of the user console and the other to write to the STDIN of it. A simple client utility that uses these features is included.
f1c8bc6e4219a3b508b0f55a9550f966332163e29f3571bfde9bd27290868d27
Jumpgate is a TCP connection forwarder that provides many enhancements and improvements over existing programs that do the same thing.
07fa68265e884da03a40e2b5959d084ac6c58a1efb75020bcc7cacca548a1d9b
motion uses a video4linux device as a motion detector. It will make snapshots of the movement it sees, making it usable as an observation or security system. It can send out email, SMS messages, or invoke an external command when detecting motion.
1ae4206500c1447a15f207c40632c247c85a91767f8e327f1a764eb21fe73741
ipchains-firewall is an easily-configurable shell script to establish masquerading and firewalling rules using ipchains. The package contains a script to establish firewalling for a single machine connected to the network without masquerading, a script to establish firewalling for a system acting as a router routing to non-private IP space, a script to establish firewalling and masquerading for a system acting as a router routing to private IP address space, and one to establish firewalling and masquerading for a system acting as a router, routing to multiple RFC1918 subnets over multiple interfaces. The distribution also includes a copy of midentd v1.6, to enable identd over the masqueraded network.
5d4362c8b0d04146e35bf5b931889a8d54acde3887c33b453a5c8caa85075aa9
iptables-firewall, like its older cousin ipchains-firewall, is an easily-configurable shell script to establish NAT and firewalling rules using iptables. The script self-configures out of the box for IP addresses, netmasks, and interfaces. All that is needed is a command-line specification of external and internal interface names. It automatically determines the type of firewall to set up (standalone, routing, or NAT) based on interface IP addresses. The distribution also includes a copy of midentd, to enable identd over the masqueraded network.
06f9468af9dd2d8bc1b425969fc36b49b732e5ade37c4074ae2c28b4ae540baa
Snoopy is designed to log all commands executed by providing a transparent wrapper around calls to execve() via LD_PRELOAD. Logging is done via syslogd and written to authpriv, allowing secure offsite logging of activity.
f74e6f6af72d2a400d679d8bc93728cd434905726ea4e09f0fd0c26ba20012b7
Apache is the most popular webserver on the internet.
399b4f0924bcbd989276eabec1a4ae4084d1d18ac9d4f70b42d7731c0f6483ed
OpenPorts is a simple script which can be run as a cron job every 5 minutes, checking the open and listening ports on the local system with netstat. If there is a difference since the last time it was run, an e-mail is sent to the system administrator containing the list of new open ports.
60423aeb267755589f09cad6d8bc6946481531a2e80e144bc472f246a53e4ca8
Iptables is built on top of netfilter, the new packet alteration framework for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.
21d19a9f48499609176d3b086ef3803a729cb2bba65dffc926a8bfae47afbb94
11logger is a small kernel patch, a module and some userspace tools to add SIGSEGV logging and history capabilities to Linux 2.2.x. 11logger is very useful in security auditing and general debugging.
16a2deda4d7f22cac71d863f6d93c04fc6abe8da405674697924aa3cc2d3ff4b
Hacker Resource
d3373e3085eee17158efbab065b64284edf383a1820f996100892f19c3b732d6
AnalogX 1.1 contains remotely exploitable buffer overflows, as reported in USSR Advisory #29. This perl script will crash the server.
1bdccecd24f11ee629b770cad98d4f87a53a2f4ce8e4179a6711e1acf4e37d8f
GDM local root and/or denial of service attack, tested on Red Hat 6.2. Requires console access.
0152f01fe95821ca442a86d5040d00c6f94af97c5ed3d54f2c0d85ef0541b8d8
secure rm (srm) is a command-line compatible rm(1) which completely destroys file contents before unlinking. The goal is to provide drop-in security for users who wish to prevent command line recovery of deleted information, even if the machine is compromised.
f25e260715bd4a2ebcbf96ed0aa7f9a18588ee6b7f47e00811becd149b4e028c
The following problem (as discussed in this paper) has not yet been identified. Certain firewalls today will not authenticate the validity of certain protocol fields within the packet they are processing. The risk is exposure of information, mainly unique patterns of behavior produced by the probed machines answering our crafted queries. Those patterns will help a malicious computer attacker to identify the operating systems in use. Postscript version available here.
01f95aa24a6313bdb216740349840e313f3e263f418774043ced01d6a4d91d56
Debian Security Advisory - In versions of the PHP 4 packages before version 4.0.3, several format string bugs could allow properly crafted requests to execute code as the user running PHP scripts on the web server.
e031d1ac0242a6c7e919fe15518e47dc9411ec40b6e045152efdfb901bee5c15
Debian Security Advisory - In versions of the PHP 3 packages before version 3.0.17, several format string bugs could allow properly crafted requests to execute code as the user running PHP scripts on the web server, particularly if error logging was enabled.
dd9e1294b5f3f1834b54ecd3f83b50d6ee1121239f0aae1a9014b88f4d4ea474
The nis package that was distributed with Debian GNU/Linux 2.1 has a couple of problems which have been fixed in version 3.5-2. We recommend you upgrade your nis package immediately. Debian security homepage here.
e31ce655c74265d1033cb65a4ab3ff5b2e5a6f8d377f54600b58b8ad993a51f2