SSH (Secure Shell) Windows Port is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another, providing strong authentication and a secure communications over insecure channels.
1c10f86cd298421f103a95d0a4a409ec81be753bee56f50597583959420c25c3
SSH (Secure Shell) is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another, providing strong authentication and a secure communications over insecure channels.
0d2e2786422e45bc6fce6457c79843333a996a70dfbccba25fbe09473f68ad0b
MIME Defanger is a flexible MIME e-mail scanner designed to protect Windows clients from viruses and other harmful executables. It works with Sendmail 8.10 / 8.11 and will alter or delete various parts of a MIME message according to a flexible configuration file.
485d03e49b5c70c6c4aa398190b39e5c248e06620003e0718084bc738090c51f
dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a powerful sniffer which automatically detects and parses many protocols, only saving the interesting bits. filesnarf saves files sniffed from network file system traffic. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.
24844b9aecb37c603acba7e5d7d54fcb89ac8d2f19c95606476444378b4f46fd
Fyres.c is a spoofing utility for IRC for Linux. Uses the technique popularized by Kevin Mitnick. Commented in French. Uses Libpcap.
ac3eb7401f1641fe67d346fe23822fbf6df18d8fba4832751176794727c927f5
ASMD is a local root backdoor which is a wrapper which can wrap any setuid binary.
df90d44218bdc10526d2dbff5bbc12c3638c4953874da10420d36f57091e36eb
Saint Jude LKM is a Linux Kernel Module for 2.2.0 and greater kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work equally well for both known and unknown exploits.
3e8c3b45c5408af069bcf8afd580a27ef66c4ba362fb62e8019194ddb54b3518
How Freebsd.org was hacked - By combining insecurities in two CGI scripts, www.freebsd.org was taken over by Nohican and Frank Van Vliet.
a9d71e318700dd856a56a3d174a9700ea8a3e6f68489a1adb726739dc6089ab0
Crypto-gram for December 15, 2000. In this issue: Voting and Technology, Crypto-Gram Reprints, IBM's New Crypto Mode of Operation, Solution in Search of a Problem: Digital Safe-Deposit Boxes, and New Bank Privacy Regulations.
ff3f1cc0bac61ff3d6e20ab4e727a56aa83079c0f8ff7ab9d5432dd099ba8ad9
Microsoft Security Bulletin (MS00-097) - Microsoft has released a patch that eliminates a security vulnerability in Microsoft Windows Media Server which allows malicious users to degrade the performance of a Windows Media server to the point where it could no longer provide useful service. When a connection to a Windows Media server is made, then severed, using a particular sequence of TCP/IP packets, the Windows Media Unicast Service does not release all of the resources allocated to the connection. When repeatedly making and then severing connections in this manner, malicious users can exhaust the resources of the server. Microsoft FAQ on this issue available here.
613f0a1ea210493f1edac7eb5a50da9377cf301c0cd903f10d888953a7de0f9e
Linux Xsoldier local root buffer overflow exploit. Overflows the -display command line option.
b399b42f07b8641525a5352aaf822e9698210c090495c285cd9fc11af3fdf062
Advanced Office 2000 Password Recovery (professional edition) - Recovers lost passwords for Microsoft Word, Excel, Access, PowerPoint 97, Project, Money, Outlook, Backup, Schedule+, Mail, IE 3, 4, and 5, Visio 4 and 5, and others. All passwords are decrypted instantly except Word/Excel 97/2000 which has strong crypto and is only vulnerable to brute force attack. 30 day trial, although it does not actually expire.
36a029d56d699a3688c129dac53346e12e550312cc228e997b4d90d9939a70cc
IDS/A is an experimental interface between applications and a daemon which functions as system logger, reference monitor, and soon intrusion detection system. IDS/A is not yet complete, but can already be used as system log replacement with extra neat features such as automatic log rotation. It also ships with two example applications which demonstrate how the system can be used to block basic banner grabbing port or CGI scanners.
fa8dbeafaa0e09aaf18815c3c8f399c990d76fe3c94d68b2e9a889a7c19ff34a
Xato Security Advisory XATO-122000-01 - The majority of the command-line SMTP mailers available for Win32-based systems are vulnerable when used to send mail from a web server. The vulnerabilities found allow remote web users to read and/or write to the servers file system, retrieve files from the server's file system as mail attachments, bounce and/or spoof e-mail messages, spam, flood, mail bomb, or otherwise use a server's resources without authorization, bounce off a server to perform port scans, bounce off a server to perform brute-force attacks to POP and/or SMTP accounts, reroute all the mail through an untrusted mail server by changing mailer options, and launch dos attacks against the server or other systems. Vulnerable mailers include BatMail v1.8d, Blat v1.85h, CGIMail v2.5, CLEMAIL v1.3, Comments v1.7, FormVar v1.61, GBMail v2.02, MailForm v1.96, MailMe! v1.6, MailPost v5.1, MailSend v7.15, MailSend v3.18, NetFormDD v2.9, Postie v6, SendFile v1.0, Stalkerlab's Mailers V1.2, WindMail v3.05, WebMailer Pro v1.2, WebMailer Lite v1.2, and wSendmail v1.5.
5778b64953305f37414121c27758dc5965bc40da638cb84c38fd43be55ea05a4
LPRng v3.6.24 and below remote root exploit for Linux/x86 which exploits the syslog() format string vulnerability. Tested against the default install of Redhat 7.0 (LPRng-3.6.24-1) and LPRng3.6.22-1 installed on Slackware 7.0.
711ec9e53d55297ca043c724b126975613590c27a195978efaf80054e1390558
Intrusion Detection Message Exchange Format (IDMEF) XML output plugin for Snort - Produces IDMEF messages in response to events triggering Snort rules. It is configured in a standard Snort configuration file, and can run concurrently with existing Snort logging output.
47be696d8de817eee9d309676ddafdcad0bd15b9991cfc434abf5f7c06d62654
Ipfirewall v3.1 is a script which configures a Unix firewall. Includes compatibility for ipchains, ipfw, ipfwadm, and natd. Designed for linux or BSD.
cf6bdbbe6a015b9b900e4aeabaee56db61c9543a9b63771c185f0f50a5e5da7a
WatchGuard SOHO is an appliance firewall device targeted at small to mid-sized companies that wish to connect their network to the Internet. ISS X-Force discovered the following vulnerabilities in the SOHO Firewall that may allow an attacker to compromise or deny service to the device:
8cc47b08e479f3101cc3f6ca9d94c2fd332658761e4a019a84429b4c8c47abfb
NScan is a very fast portscanner for Windows (up to 200 ports per second) for both hosts and large networks with numerous features: it scans not only address ranges, but also files with host lists (e.g. proxy list, domain zone or old log), writes logs at the different detail levels, has speed limits, pre-defined service sets and so on. It includes a set of additional tools: whois client, that supports automatic information recognition and fetch, has query history and other features; traceroute, that traces all the way to the host at once in one or two seconds, making route discovery tenth times faster; TCP-based DNS client that supports most of the available options, including AXFR zone transfer.
336b6d9ffde4587d851f236b75356d3c8f8df2eb7928cf02a262ba738c03f85b
Saint Jude LKM is a Linux Kernel Module for 2.2.0 and greater kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local, and ultimately, remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work equally well for both known and unknown exploits.
0a1f1e745c9305728343c29b50726a9384d6f9f0123caec99ec9473b156315fb
Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.
6e5823fa9edd49e61120e42eff0ef519263f3c773f984da6ec77d63e51a183f2
G2S is a smart, all-in-one frontend between client and server applications. It features portability, a robust super-server (inetd) replacement, TCP-wrappers integrated with paranoid DNS checks and support for broken or fake name servers, handy but detailed log files, support for various protocols (raw IP, ICMP, GGP, TCP, EGP, PUP, UDP, RDP), IPv6 compliance, IPv6 to IPv4 gatewaying, and support for RBL maps for automatic spam filtering.
7032acdac4351ce4a81bc1552c9d0244076982c9f5f469cbed77b3c2c5a1affd
Vorpal Mail is an easily configurable but flexible replacement for sendmail, supporting advanced features such as virus scanning, virtual domains, etc.
e5206c70485e446e7bf4a50d9973d709a5ecbd046844b46dfb8e84bc29dae99e
The Secure CGI Library eases the development of C/C++ Web applications using the CGI interface. It's designed with security in mind and can enforce correct limits to avoid common denial-of-service attacks. It can also handle an unlimited number of variables with unlimited content size, and with very fast parsing and hashed lookups.
fb8afc71525fd3a7a7393057d5b7321cfb29ad3cead3d057d120b6cde64db024
unrm is a small linux utility which can, under some circumstances, recover almost 99% of your erased data (similar to DOS's undelete).
c461c5b17f93bf7b8d5f6b731db312a72037b5fd0d83072b98b17ffea9ea3af3