what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 23 of 23 RSS Feed

Files Date: 2002-02-19 to 2002-02-20

Posted Feb 19, 2002
Authored by Thomas Linden | Site nabou.org

nabou is a Perl script which can be used to monitor changes to your system. It provides file integrity checking, and can also watch crontabs, suid files and user accounts for changes. It stores all data in standard dbm databases.

Changes: Fixed some major bugs.
tags | tool, perl, intrusion detection
systems | unix
SHA-256 | 019b0c4dee7550c6cd0751b626165a3f55bc4f61a5fa7c5625819d3ea3b8b49a
AIDE 0.8
Posted Feb 19, 2002
Authored by Rami Lehti | Site aide.github.io

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Changes: Lots of bugs were fixed! A syslog backend was added. The report format was changed. Lots of parameters were added. ACL support for SunOS 5.x (and compatibles) was added. libgcrypt is now separate and required.
tags | tool, intrusion detection
systems | unix
SHA-256 | 5dee27d47207ca133a301e18c0c59bdc2abb08a2b906b1261ed19d9c6c13340f
Posted Feb 19, 2002
Site sourceforge.net

IP Accounter is an IP accounting package for Linux. It collects, summarizes, and nicely displays IP accounting data. Its output can be a simple ASCII table, or graph images. Ipchains and iptables are supported. Logs are stored in files, gdbm, or even a PostgreSQL database.

Changes: The Ipchains.c inversion flag setup was fixed. Minor changes were made to the Web interface. Fetchipac.c was changed to improve fetching/cache checking speed. Fetchipac.c was changed to correctly operate with monthly payments. Ipacsum was fixed to correctly operate with incorrect or empty timeframes. The PostgreSQL access method was changed to correctly operate with loan/negative cash. Minor fixes were made to Iptables.c.
systems | linux
SHA-256 | 53d7f202df6fa533fc715c38574675eadbdeca3a0da22b676bbee3cf54363162
Samhain File Integrity Checker
Posted Feb 19, 2002
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: Fixes a bug that on some machines caused the daemon to abort immediately after startup. Also a bug has been fixed that caused unnecessary device access by erroneously following symlinks to devices.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 57915adfc75ee9222a4ef5b77baf86b7129924b58636c1b09870321da5661fc8
Posted Feb 19, 2002
Site people.ee.ethz.ch

Snort-rep is a Snort reporting tool that can produce text or HTML output from a syslog snort log file. It is intended to be used for daily e-mail reports to the system administrators. If snort v1.8+ is used, all reports contain priority information, and the HTML output contains direct links to the IDS descriptions of whitehats.com.

Changes: The syslog parser was updated - This version is compatible with snort 1.8.3.
tags | tool, sniffer
SHA-256 | 44f8754a53bd1c55c9085fec01fe3be5f8a6c13d2fa786514054627fc6cad946
Posted Feb 19, 2002
Authored by Bjarni R. Einarsson | Site mailtools.anomy.net

The Anomy mail sanitizer is a filter designed to block email-based attacks such as trojans and viruses. It reads an RFC822 or MIME message and removes or renames attachments, truncate unusually long MIME header fields and sanitizes HTML by disabling Javascript and Java. It uses a single-pass pure Perl MIME parser, which can make it both more efficient and more precise than other similar programs and has built-in support for third-party virus scanners.

Changes: Includes workarounds for problems regarding how Outlook detects uuencoded attachments, protection against the Outlook "hidden attachment" exploit (caused by carriage returns in message headers), a few other bugfixes, and a more powerful attachment policy language. The HTML cleanup module is available as a seperate package for users and developers of other security tools.
tags | trojan, perl, javascript, virus
systems | unix
SHA-256 | 448ebf7e7ba5a70a0fb1c549472d2079623c957c7c24895c5661cdc5660255d1
Posted Feb 19, 2002
Authored by Tomas Junnonen | Site firestarter.sourceforge.net

The goal of FireStarter is to provide an easy to use, yet powerful, GUI tool for setting up, administrating and monitoring firewalls for Linux machines. FireStarter is made for the GNOME desktop. It can actively monitor your firewall and list any unauthorized connection attempts made to your machine in a readable table format.

Changes: Port forwarding fixes, script backups (when upgrading), translation updates, and misc. fixes.
tags | tool, firewall
systems | linux
SHA-256 | 50c3bb56fe3aac1cb63f0bde11be2dcb177d034c174ffeb77b23b6df9619e97f
Posted Feb 19, 2002
Authored by Dianne Skoll | Site roaringpenguin.com

MIME Defanger is a flexible MIME e-mail scanner designed to protect Windows clients from viruses and other harmful executables. It works with Sendmail 8.11 / 8.12 and will alter or delete various parts of a MIME message according to a flexible configuration file.

Changes: Embedded CRs in mail headers are now properly handled. Emulating the Outlook bug turns out to be the wrong thing to do - version 2.5 handles malformed mail headers much better.
systems | windows, unix
SHA-256 | 71296584b2f196f5e90a35058fa920d1088fc2ff8c46c80919e6749385126716
Posted Feb 19, 2002
Authored by Marcos A. Ferreira Jr. | Site aristelecom.com.br

Outlook Web Access v5.5 SP4 and below contains a vulnerability which allows remote users to view files in the directory /lib. Several files can be viewed.

tags | remote, web
SHA-256 | 8c7dc9af27e85a64ba81631abf2529c58b7a940d065c1225988bae3eeb1a932e
Posted Feb 19, 2002
Authored by Alex Hernandez

The Phusion Webserver v1.0 for Windows 9x/NT/2000 contains three remote vulnerabilities which allow users to see and retrieve any file on the server. Exploit information included.

tags | exploit, remote, vulnerability
systems | windows
SHA-256 | 803f44e633274876ffbcfb29b2146327c1f1601a0dfad1a62a327fe9914c10b2
Posted Feb 19, 2002
Authored by Mike Ellison | Site tek.net

Win32 port of RATS v1.3, a security auditing utility for C, C++, Python, Perl and PHP code. Source available on homepage. Added recursive directory scanning while porting.

tags | perl, php, python
systems | windows
SHA-256 | 6cd4590bbf81dfb9a02353d40417f518f8b432a5d29fa31ef218ffa0e478d1c6
Posted Feb 19, 2002

Microsoft Security Advisory MS02-006 - A buffer overrun is present in all implementations of Microsoft SNMP services. Sending a malformed management request to a system running an affected version of the SNMP service, an attacker can execute code of his choice in the LocalSystem context or cause denial of service. A patch is under development to eliminate the vulnerability. In the meantime, Microsoft recommends that customers who use the SNMP service disable it. Microsoft FAQ on this issue available here.

tags | denial of service, overflow
SHA-256 | 7304dc6744937a8448ea65ff5c97d203fcd636643ccba425a0f43e66c631932f
Posted Feb 19, 2002

Microsoft Security Advisory MS02-005 - A cumulative patch for IE 5.01, 5.5, and 6.0 is available which fixes six security vulnerabilities. Several of them are very serious. Microsoft FAQ on this issue available here.

tags | vulnerability
SHA-256 | 9b54f193cdc4f9515a07af66bb266947fd08b7e3b1aeb50eb5602e169c5e760c
Posted Feb 19, 2002

Patch against samba 2.2.2 which allows mounting of unpatched win 9x+me machines without knowing the password. There is an option to retrieve the password very quickly too, and another to switch between the two password if both read only and read-write ones are presents.

tags | patch
systems | unix
SHA-256 | abb2ee0f8ddd2bad2811f283572a75c9f79c45d05546be94f9919f5d6ec132ae
Posted Feb 19, 2002
Authored by Mixter | Site 1337.tsx.org

NSAT (Network Security Analysis Tool) is a fast, stable bulk security scanner designed to audit remote network services and check for versions, security problems, gather information about the servers and the machine and much more. Unlike many other auditing tools, it can collect information about services independently of vulnerabilities, which makes it "timeless", meaning it doesn't depend on frequent updates as new vulnerabilities are found.

Changes: Added better remote OS detection (xprobe), added support for separate directory logging, greatly enhanced reliability when scanning firewalled or unresponsive hosts.
tags | tool, remote, scanner, vulnerability
systems | unix
SHA-256 | f229b7ddb5745a46d6b3ba6917503f79c7fde08d0df8fb0fb1473e5ab06b17fc
Posted Feb 19, 2002
Authored by Robin Keir | Site foundstone.com

SNScan v1.04 is a Windows GUI SNMP detection utility that can quickly and accurately identify SNMP enabled devices on a network. This utility can effectively indicate devices that are potentially vulnerable to SNMP related security threats. SNScan allows for the scanning of SNMP specific ports (e.g. UDP 161, 193, 391 and 1993) and the use of standard (i.e. "public") and non-standard (i.e. user-defined) SNMP community names. User defined community names may be used to more effectively evaluate the presence of SNMP enabled devices in more complex networks.

tags | udp
systems | windows
SHA-256 | 25db527b88761f7b1fe8253afd030667ba1828c7602d33bfc118f16416509e9a
Posted Feb 19, 2002
Authored by Efrain Torres | Site pwp.007mundo.com

Wmap v1.2 is a cgi scanner that attempts to be smarter than most. To increase the chance of finding useful stuff, wmap has a file containing interesting Directories (dirs.db) and other file containing common cgi dirs (dircgis.db) to search for. If a directory is found is added to the test. This include all the directories that are found in the html tags. For each directory found, not only scans for vulnerable CGI's (cgis.db) it scan for interesting files (ex. passwords.tmp) included in the file (file.db) and does an http PUT scan.

tags | web, cgi
systems | unix
SHA-256 | 9401723e6a8fa8cef94bcdef5cc3e81baf2fd849c83c526c353df37664fcb743
Posted Feb 19, 2002
Authored by uid0x00

Avirt Gateway 4.2 remote exploit.

tags | exploit, remote
SHA-256 | c7c71b607fa45cf484a658d01ea6310238e1dd14cda3695bca1c9028168cf405
Posted Feb 19, 2002
Authored by FJ Serna | Site ngsec.com

Ettercap v0.6.3.1 and below advisory and remote root exploit against Linux. Due to improper use of the memcpy() function, anyone can crash ettercap and execute code as root user.

tags | exploit, remote, root
systems | linux
SHA-256 | 0707e613e12873f42925d43ba22b3e2a53a3329febbdea8c7110ba8cc31f4e41
Posted Feb 19, 2002
Authored by Joe Wulf

Zlister is a UNIX system administration tool designed to provide comprehensive filesystem management. The complete filesystem is listed, compressed, diff'd with the previous set and stored for reference. Time-saving tool, designed to quickly list the details of any file/directory, or of any pattern searched for. Provides comprehensive tool for filesystem searching. Supported with copious documentation. Tested on Solaris, HP/UX, and Linux.

systems | linux, unix, solaris, hpux
SHA-256 | 833b6bce344a81b6b54db7a0118b83bbf591c2b1bb6c0681c7a94eabc3daa706
Posted Feb 19, 2002
Authored by jaguar

This is a kernel patch to prevent stealth, fin, and rst scans. Also slows down the tcp connect scan. Tested on debian potato running 2.4.16. Tested with nmap and queso - Changes OS fingerprint.

tags | kernel, tcp, patch
systems | linux, unix, debian
SHA-256 | 34dc5fef83c2a347dc0f9e61a28b304f44dd7ead8a44a36b2bf875b32880c4a0
Posted Feb 19, 2002
Authored by Valgasu | Site securiteinfo.com

Domino Hash Breaker v1.0 is a tool that tries to guess a Lotus Domino HTTP password from his hash and a dictionary file. It needs Lotus Notes R5 client installation and nnotes.dll.

tags | web, cracker
SHA-256 | 6ffe6b4d13ef659fc146b7ce4167173e4c037d1dc3cf2705bafc99210557c714
Posted Feb 19, 2002
Authored by Alberto Ornaghi, Marco Valleri | Site ettercap.sourceforge.net

Ettercap is a network sniffer/interceptor/logger for switched LANs. It uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts. Features character injection in an established connection - you can inject characters to server (emulating commands) or to client (emulating replies) while maintaining an established TCP connection! Integrated into a easy-to-use and powerful ncurses interface.

tags | tool, sniffer, tcp
SHA-256 | 2e5e1b6e1ccae2dd9cb8c61834b5261e022625336f213b52edcf49bc2ce2ca60
Page 1 of 1

File Archive:

September 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    2 Files
  • 2
    Sep 2nd
    21 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    17 Files
  • 5
    Sep 5th
    34 Files
  • 6
    Sep 6th
    29 Files
  • 7
    Sep 7th
    11 Files
  • 8
    Sep 8th
    25 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    26 Files
  • 12
    Sep 12th
    23 Files
  • 13
    Sep 13th
    17 Files
  • 14
    Sep 14th
    22 Files
  • 15
    Sep 15th
    16 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    19 Files
  • 19
    Sep 19th
    60 Files
  • 20
    Sep 20th
    23 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    8 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    17 Files
  • 26
    Sep 26th
    3 Files
  • 27
    Sep 27th
    13 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By