Defcom Labs Advisory def-2001-02 - IBM WebSphere 3.52 (IBM HTTP Server 1.3.12) for Windows NT has a memory leak which can be used as a remote denial of service attack. Workaround included.
c30b6f1e3f9eb32c68a980352c0665fac96d69038b54eff6607fd86a46d507e7HP-UX v11.00 /bin/cu local buffer overflow exploit - Exploits the -l option. Provides a uid=bin shell.
4eb65814f18d048afcb2595ba4538c73bdf060588b077aeaa9201aff06040d45Footprinting FAQ - How to remotely determine the network addresses of a company.
11315b4ad2af74774d05a420c527242bff6ad16c8cc94551ee6f13e1b5b14c44Weekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the News the past week. In this issue: CPS-2 Encryption Broken, and more.
efd46439ec5d59eaf5630b46468e19c40b555e499bc324665677ffd6d955a7d2iptables is the new packet alteration framework (firewall utility) for Linux 2.4. It is an enhancement on ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects.
424f666dc4060b83dec77d7e5a13b381ee2e7d7c8731ed52d4ee5509e3815197redir-httpd is an ultra-minimalist, non-RFC-compliant HTTP server that will ONLY issue redirects to another site. It's good for running on home systems that have permanent connectivity (i.e. DSL and cable-modem subscribers). It should be short enough to be easily understood (and thus audited for potential security issues), and still fairly robust.
f9d88a4cd09ef7c39dc3301fb37e374a6aa58d621506ed6948a2aef19eb42d95Flitz is a DDOS tool which features spoofed ip/tcp/udp flood, flooding in parallel, distributed smurf attack and status report of the slave. With one stop command, you can stop all the slaves at once.
9346b94e8f0ca0ba742335190ffba0de3a9812e72964aefb7757767c7f553e0fWu-ftpd 2.6.0 mass scanner.
aa2dc9d24e9555a64b9794199e3fb1801e88083d39017b468c5588cbcd4b3c41GNU tar follows symlinks blindly, a problem if you untar as root.
941d4baa8400f1fbed234f9bd2533ce2860e8137e6ad91ba30b49a049594c4f6Redhat rpc.statdx mass exploit - scans for vulnerable hosts and implants a bindshell.
1b45bfc55a0f485af901ce8bd6d9f5e43c1bd304911f3aba1fa66a0b50409fd0IPA is highly configurable IP accounting software for Free and Open BSD. It allows to make IP accounting based on IP Firewall and/or IP Filter accounting rules. In most cases IP Accounting Daemon is run on public servers, software routers, etc. It uses powerful IP Firewall and/or IP Filter accounting rules and based on its configuration allows to escape from writing scripts to manage network accounting.
563b0649befc9c9aa73a5dc18205c7cefadacb7078a25a04e71219dd156f6b8fNetsed v0.01b brings sed functionality to the network layer, allowing you to change the contents of packets traveling through your network on the fly and in a completely transparent manner. It features basic expressions and dynamic filtering, and cooperates with ipfwadm/ipchains transparent proxy rules to pick specific packets.
a04f6b235d787b1efd96ecdb398e6c8456301dbf965840e6fcbad36c68372dceauditd is part of the Linux Kernel Auditing Facility (KAD). It will capture auditing trails created by the kernel auditing facility from /proc/audit, filter them, and save them in specific log files. Either a kernel patch or loadable module must be installed for the daemon to be useful, both of which are included.
6c5c09a62ccddf426fb43c09643ad20d8cd4c7c49e0c9348d53259249bcbb305fwlogwatch analyzes the ipchains, netfilter, or iptables packet filter logfiles and generates text and HTML summaries. Features realtime anomaly alerting capability, an interactive report generator, and the ability to cut off attacks by adding firewall rules.
05ef7d6d6322de7a8721e7a368a05759a63e3ae1beed75f0f8794322abd7243eLogtool is a syslog file parser, report generator, and monitoring utility. It takes syslog (and syslog compatible) logfiles as input from stdin, and depending on command line switches and/or config file settings, will parse and filter out unwanted messages from the logfile accordingly, and generate output in ANSI color, formatted ASCII, CSV (for spreadsheets), or HTML format. It is very handy for use in automated nightly reports, and online monitoring of logfile activity. It comes with some simple example scripts and documentation.
51269d444ab0a4ca6c3fb0275db05ab7bf72991eb58b375b908cb07b99386e25Knetfilter is a KDE gui application designed to manage the netfilter functionalities that will come with the new kernel 2.4.x. In Principal, all standard firewall system administration activities can be done just using knetfilter. But there is not just a GUI to iptables command line, it is possible also some monitoring via a tcpdump interface.
4a732257225576206dbb9a67e2f9818f0f814b0e9e93ea2d122c0620a53bd98dSubNetwork Explorer is a network scanning tool that checks subnets of a network for anonymous FTP, CUPS, Netbios, and SunRPC ports. It uses 'fork()' to scan all of the subnets at the same time.
128526167796733d82ded38f9d72649acd500dee160a084d02f60c3e62710b6dScowl_Cgi is a CGI scanner which allows you to easily add new bugs. Works very fast, using threads. Warns you, for hosts that return false positive answers. Freeware. Testing for more than 400 bugs.
3c2489aa464072e14d2a051c4ce5476847a64d748ee51638a23a002ef3fcc14cSnort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
2a72cc7462f8f3ac5397dd54fb59090a5f1fa15f2e5eb2e2480628c58264cbb8Fastgraf's whois.cgi perl script lacks meta character checking, allowing remote users to execute arbitrary commands as uid of the webserver.
5abaa53a2c6a8bbe911a2c4851d96061e1ccfb4c69892c8acb5e5a3ac920d6edTestdisk can undelete deleted partitions! Source version. Works well in linux.
e817e1b981cc9f995b363c55f7d3e16ed570dccc3077643a057e77d7607229e6Testdisk can undelete deleted partitions! Windows / DOS version.
387599a5fad7cdeb8c05fb466ff545bbf5166551cadbd0d85a3d7b00de6bb3c9Examining port scan methods - Analyzing Audible Techniques. This paper attempts to enumerate a variety of ways to discover and map internal/external networks using signature-based packet replies and known protocol responses when scanning. Specifically, this document presents all known techniques used to determine open/closed ports on a host and ways an attacker may identify the network services running on arbitrary servers. Text version available here.
22abdfcab10f441e0501420efec15d503b45b165a5be82400b3e1e96c014b32cExamining port scan methods - Analyzing Audible Techniques. This paper attempts to enumerate a variety of ways to discover and map internal/external networks using signature-based packet replies and known protocol responses when scanning. Specifically, this document presents all known techniques used to determine open/closed ports on a host and ways an attacker may identify the network services running on arbitrary servers.
4fd4b2bbef21c64d1c9c2fdebd6a48b8ea628ca311becdf898a6cf1dbfc00282Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated twice a month to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins, open shares, and much more.
b4ff5819022353d41c4cc683902ca0a4853738cb2b8420b83eb2e87b08f0c370
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed