SecurityFocus Linux Newsletter #201
------------------------------------
This Issue is Sponsored By: SecurityFocus
Want to keep up on the latest security vulnerabilities? Don't have time to
visit a myriad of mailing lists and websites to read the news? Just add the
new SecurityFocus RSS feeds to your freeware RSS reader, and see all the
latest posts for Bugtraq and the SF Vulnernability database in one
convenient place. Or, pull in the latest news, columnists and feature
articles in the SecurityFocus aggregated news feed, and stay on top of
what's happening in the community!
I. FRONT AND CENTER
1. Metasploit Framework, Part 3
2. I Spy With My Little Eye
II. LINUX VULNERABILITY SUMMARY
1. Fujitsu-Siemens ServerView Insecure Permissions Vulnerabilit...
2. Call of Duty Remote Denial of Service Vulnerability
3. MPG123 Remote Stereo Boundary Buffer Overflow Vulnerability
4. Webmin / Usermin HTML Email Command Execution Vulnerability
5. Ulrik Petersen Emdros Database Engine Denial Of Service Vuln...
6. OpenOffice/StarOffice Local File Disclosure Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. rooted ? (Thread)
2. redhat patch problem? (Thread)
IV. NEW PRODUCTS FOR LINUX PLATFORMS
1. Cyber-Ark Inter-Business Vault
2. EnCase Forensic Edition
3. KeyGhost SX
4. SafeKit
5. Astaro Linux Firewall
6. CAT Cellular Authentication Token and eAuthentication Servic...
V. NEW TOOLS FOR LINUX PLATFORMS
1. Nmap v3.70
2. THC-Hydra v4.3
3. Pads 1.1
4. cenfw 0.3b
5. Firewall Builder 2.0
6. Lepton's Crack 20031130
VI. UNSUBSCRIBE INSTRUCTIONS
VII. SPONSOR INFORMATION
I. FRONT AND CENTER
-------------------
1. Metasploit Framework, Part 2
By Pukhraj Singh and K.K. Mookhey
This third and final article in the Metasploit series covers the msfcli
scripting interface as well as the intuitive web interface to the
Framework. The article also discusses what's new with version 2.2, and then
introduces the exploit development process through an example.
http://www.securityfocus.com/infocus/1800
2. I Spy With My Little Eye
By Mark Rasch
Forget Congress' myopic efforts to outlaw spyware. What we really need is
better enforcement of existing computer crime laws.
http://www.securityfocus.com/columnists/266
II. LINUX VULNERABILITY SUMMARY
-------------------------------
1. Fujitsu-Siemens ServerView Insecure Permissions Vulnerabilit...
BugTraq ID: 11114
Remote: No
Date Published: Sep 06 2004
Relevant URL: http://www.securityfocus.com/bid/11114
Summary:
It has been reported that local, unprivileged users may corrupt the SNMP MIB and, possibly, other sensitive system components. This is reportedly due to insecure permissions set on file "/usr/share/snmp/mibs/.index", which specifies the location of files used to build the MIB tree.
2. Call of Duty Remote Denial of Service Vulnerability
BugTraq ID: 11119
Remote: Yes
Date Published: Sep 06 2004
Relevant URL: http://www.securityfocus.com/bid/11119
Summary:
It has been reported that it is possible for a remote attacker to immediately terminate instances of Call of Duty on target systems. This can be accomplished by sending a large (> 1024 bytes) query or response to the target.
Both the client and server are affected.
3. MPG123 Remote Stereo Boundary Buffer Overflow Vulnerability
BugTraq ID: 11121
Remote: Yes
Date Published: Sep 07 2004
Relevant URL: http://www.securityfocus.com/bid/11121
Summary:
Reportedly mpg123 is affected by a remote stereo boundary buffer overflow vulnerability. This issue is due to a failure of the application to properly validate user-supplied string sizes prior to copying them into process buffers.
This issue will allow a malicious user to manipulate process memory ultimately leading to arbitrary code execution in the context of the user that started the vulnerable application.
4. Webmin / Usermin HTML Email Command Execution Vulnerability
BugTraq ID: 11122
Remote: Yes
Date Published: Sep 07 2004
Relevant URL: http://www.securityfocus.com/bid/11122
Summary:
Webmin / Usermin are reportedly affected by a command execution vulnerability when rendering HTML email messages. This issue is due to a failure to sanitize HTML email messages and may allow an attacker to execute arbitrary commands on a vulnerable computer.
This issue is reported to affect Usermin versions 1.080 and prior.
5. Ulrik Petersen Emdros Database Engine Denial Of Service Vuln...
BugTraq ID: 11143
Remote: Yes
Date Published: Sep 08 2004
Relevant URL: http://www.securityfocus.com/bid/11143
Summary:
It is reported that Emdros is prone to a denial of service vulnerability, due to a memory leak while running as a daemon.
This vulnerability is present in the 'mql' process. This process contains a memory leak, and if it is run as a daemon, a remote attacker has the ability to consume all available memory until the process crashes.
Versions prior to 1.1.20 are reported susceptible to this vulnerability.
6. OpenOffice/StarOffice Local File Disclosure Vulnerability
BugTraq ID: 11151
Remote: No
Date Published: Sep 10 2004
Relevant URL: http://www.securityfocus.com/bid/11151
Summary:
StarOffice and OpenOffice are reported prone to a local file disclosure vulnerability. This issue presents itself because the application creates insecure temporary files. Each time a user saves a file, a compressed copy of the file is saved in a temporary direcotry. This can allow a local attacker to disclose files of other users.
OpenOffice 1.1.2 and StarOffice 7.0 are reported prone to this vulnerability.
III. LINUX FOCUS LIST SUMMARY
-----------------------------
1. rooted ? (Thread)
Relevant URL:
http://www.securityfocus.com/archive/91/375114
2. redhat patch problem? (Thread)
Relevant URL:
http://www.securityfocus.com/archive/91/374675
IV. NEW PRODUCTS FOR LINUX PLATFORMS
------------------------------------
1. Cyber-Ark Inter-Business Vault
By: Cyber-Ark
Platforms: Linux, Windows 2000, Windows NT, Windows XP
Relevant URL: http://www.cyber-ark.com/datasecuritysoftware/inter-business_vault.htm
Summary:
Based on Cyber-Ark Software's Vaulting Technology, the Inter-Business Vault, an information security solution that enables organizations to safely overcome traditional network boundaries in order to securely share business information among customers, business partners, and remote branches. It provides a seamless, LAN-like experience over the Internet that includes all the security, performance, accessibility, and ease of administration required to allow organizations to share everyday information worldwide. To learn more about these core attributes of the Inter-Business Vault click on the relevant link below:
2. EnCase Forensic Edition
By: Guidance Software Inc.
Platforms: DOS, FreeBSD, Linux, MacOS, NetBSD, OpenBSD, PalmOS, Solaris, UNIX, Windows 2000, Windows 95/98, Windows NT, Windows XP
Relevant URL: http://www.guidancesoftware.com/products/EnCaseForensic/index.shtm
Summary:
EnCase Forensic Edition Version 4 delivers the most advanced features for computer forensics and investigations. With an intuitive GUI and superior performance, EnCase Version 4 provides investigators with the tools to conduct large-scale and complex investigations with accuracy and efficiency. Guidance Software?s award winning solution yields completely non-invasive computer forensic investigations while allowing examiners to easily manage large volumes of computer evidence and view all relevant files, including "deleted" files, file slack and unallocated space.
The integrated functionality of EnCase allows the examiner to perform all functions of the computer forensic investigation process. EnCase's EnScript, a powerful macro-programming language and API included within EnCase, allows investigators to build customized and reusable forensic scripts.
3. KeyGhost SX
By: KeyGhost Ltd
Platforms: BeOS, DOS, Linux, OS/2, Solaris, SunOS, Windows 2000, Windows 95/98, Windows NT, Windows XP
Relevant URL: http://www.keyghost.com/SX/
Summary:
KeyGhost SX discreetly captures and records all keystrokes typed, including chat conversations, email, word processor, or even activity within an accounting or specialist system. It is completely undetectable by software scanners and provides you with one of the most powerful stealth surveillance applications offered anywhere.
Because KeyGhost uses STRONG 128-Bit encryption to store the recorded data in it?s own internal memory (not on the hard drive), it is impossible for a network intruder to gain access to any sensitive data stored within the device.
4. SafeKit
By: Evidian Inc.
Platforms: AIX, HP-UX, Linux, Solaris, Windows 2000
Relevant URL: http://www.evidian.com/safekit/index.htm
Summary:
Evidian's SafeKit technology makes it possible to render any application available 24 hours per day. With no extra hardware: just use your existing servers and install this software-only solution.
This provides ultimate scalability. As your needs grow, all you need to do is add more standard servers into the cluster. With the load balancing features of SafeKit, you can distribute applications over multiple servers. If one system fails completely, the others will continue to serve your users.
5. Astaro Linux Firewall
By: Astaro
Platforms: Linux
Relevant URL: http://www.astaro.com/php/statics.php?action=asl&lang=gb
Summary:
Astaro Linux Firewall: All-in-one firewall, virus protection, content filtering and spam protection internet security software package for Linux.
Free download for home users.
6. CAT Cellular Authentication Token and eAuthentication Servic...
By: Mega AS Consulting Ltd
Platforms: Java, Linux, OpenBSD, Os Independent, SecureBSD, Solaris, UNIX, Windows 2000, Windows NT
Relevant URL: http://www.megaas.co.nz
Summary:
Low cost, easy to use Two Factor Authentication One Time Password token using the Cellular. Does not use SMS or communication, manages multiple OTP accounts - new technology. For any business that want a safer access to its Internet Services. More information at our site.
We also provide eAuthentication service for businesses that will not buy an Authentication product but would prefer to pay a monthly charge for authentication services from our our CAT Server.
V. NEW TOOLS FOR LINUX PLATFORMS
--------------------------------
1. Nmap v3.70
By: Fyodor
Relevant URL: http://www.insecure.org/nmap/
Platforms: AIX, BSDI, FreeBSD, HP-UX, IRIX, Linux, NetBSD, OpenBSD, Solaris, SunOS, UNIX
Summary:
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP frag
THC-Hydra - parallized login hacker is available: for Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support and is part of Nessus. Visit the project web site to download Win32, Palm and ARM binaries. Changes: important bugfix!
3. Pads 1.1
By: Matt Shelton
Relevant URL: http://freshmeat.net/projects/pads/?branch_id=52504&release_id=169973
Platforms: Linux
Summary:
Pads (Passive Asset Detection System) is a signature-based detection engine used to passively detect network assets. It is designed to complement IDS technology by providing context to IDS alerts.
4. cenfw 0.3b
By: Peter Robinson
Relevant URL: http://www.securegateway.org
Platforms: Linux, Windows 2000, Windows NT, Windows XP
Summary:
The Centron IPTables Firewall Gui is an object oriented, database driven, windows interface to linux IPtables firewall rules.
5. Firewall Builder 2.0
By: Vadim Kurland
Relevant URL: http://www.fwbuilder.org/
Platforms: FreeBSD, Linux, MacOS, Solaris, Windows 2000, Windows XP
Summary:
Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, and support for a new firewall platform can be added to the GUI without any changes to the program (only a new policy compiler is needed). This provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, and OpenBSD pf.
6. Lepton's Crack 20031130
By: Lepton and Nekromancer
Relevant URL: http://www.nestonline.com/lcrack/lcrack-20031130-beta.zip
Platforms: Linux, MacOS, Os Independent, UNIX, Windows 2000, Windows NT, Windows XP
Summary:
Lepton's Crack is a generic password cracker. It is easily-customizable with a simple plugin system and allows system administrators to review the quality of the passwords being used on their systems. It can perform a dictionary-based (wordlist) attack as well as a brute force (incremental) password scan. It supports standard MD4 hash, standard MD5 hash, NT MD4/Unicode, Lotus Domino HTTP password (R4), and SHA-1 hash formats. LM (LAN Manager) plus appending and prepending
VI. UNSUBSCRIBE INSTRUCTIONS
----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.
VII. SPONSOR INFORMATION
-----------------------
This Issue is Sponsored By: SecurityFocus
Want to keep up on the latest security vulnerabilities? Don't have time to
visit a myriad of mailing lists and websites to read the news? Just add the
new SecurityFocus RSS feeds to your freeware RSS reader, and see all the
latest posts for Bugtraq and the SF Vulnernability database in one
convenient place. Or, pull in the latest news, columnists and feature
articles in the SecurityFocus aggregated news feed, and stay on top of
what's happening in the community!
------------------------------------
This Issue is Sponsored By: SecurityFocus
Want to keep up on the latest security vulnerabilities? Don't have time to
visit a myriad of mailing lists and websites to read the news? Just add the
new SecurityFocus RSS feeds to your freeware RSS reader, and see all the
latest posts for Bugtraq and the SF Vulnernability database in one
convenient place. Or, pull in the latest news, columnists and feature
articles in the SecurityFocus aggregated news feed, and stay on top of
what's happening in the community!
http://www.securityfocus.com/rss/index.shtml
------------------------------------------------------------------------
I. FRONT AND CENTER
1. Metasploit Framework, Part 3
2. I Spy With My Little Eye
II. LINUX VULNERABILITY SUMMARY
1. Fujitsu-Siemens ServerView Insecure Permissions Vulnerabilit...
2. Call of Duty Remote Denial of Service Vulnerability
3. MPG123 Remote Stereo Boundary Buffer Overflow Vulnerability
4. Webmin / Usermin HTML Email Command Execution Vulnerability
5. Ulrik Petersen Emdros Database Engine Denial Of Service Vuln...
6. OpenOffice/StarOffice Local File Disclosure Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. rooted ? (Thread)
2. redhat patch problem? (Thread)
IV. NEW PRODUCTS FOR LINUX PLATFORMS
1. Cyber-Ark Inter-Business Vault
2. EnCase Forensic Edition
3. KeyGhost SX
4. SafeKit
5. Astaro Linux Firewall
6. CAT Cellular Authentication Token and eAuthentication Servic...
V. NEW TOOLS FOR LINUX PLATFORMS
1. Nmap v3.70
2. THC-Hydra v4.3
3. Pads 1.1
4. cenfw 0.3b
5. Firewall Builder 2.0
6. Lepton's Crack 20031130
VI. UNSUBSCRIBE INSTRUCTIONS
VII. SPONSOR INFORMATION
I. FRONT AND CENTER
-------------------
1. Metasploit Framework, Part 2
By Pukhraj Singh and K.K. Mookhey
This third and final article in the Metasploit series covers the msfcli
scripting interface as well as the intuitive web interface to the
Framework. The article also discusses what's new with version 2.2, and then
introduces the exploit development process through an example.
http://www.securityfocus.com/infocus/1800
2. I Spy With My Little Eye
By Mark Rasch
Forget Congress' myopic efforts to outlaw spyware. What we really need is
better enforcement of existing computer crime laws.
http://www.securityfocus.com/columnists/266
II. LINUX VULNERABILITY SUMMARY
-------------------------------
1. Fujitsu-Siemens ServerView Insecure Permissions Vulnerabilit...
BugTraq ID: 11114
Remote: No
Date Published: Sep 06 2004
Relevant URL: http://www.securityfocus.com/bid/11114
Summary:
It has been reported that local, unprivileged users may corrupt the SNMP MIB and, possibly, other sensitive system components. This is reportedly due to insecure permissions set on file "/usr/share/snmp/mibs/.index", which specifies the location of files used to build the MIB tree.
2. Call of Duty Remote Denial of Service Vulnerability
BugTraq ID: 11119
Remote: Yes
Date Published: Sep 06 2004
Relevant URL: http://www.securityfocus.com/bid/11119
Summary:
It has been reported that it is possible for a remote attacker to immediately terminate instances of Call of Duty on target systems. This can be accomplished by sending a large (> 1024 bytes) query or response to the target.
Both the client and server are affected.
3. MPG123 Remote Stereo Boundary Buffer Overflow Vulnerability
BugTraq ID: 11121
Remote: Yes
Date Published: Sep 07 2004
Relevant URL: http://www.securityfocus.com/bid/11121
Summary:
Reportedly mpg123 is affected by a remote stereo boundary buffer overflow vulnerability. This issue is due to a failure of the application to properly validate user-supplied string sizes prior to copying them into process buffers.
This issue will allow a malicious user to manipulate process memory ultimately leading to arbitrary code execution in the context of the user that started the vulnerable application.
4. Webmin / Usermin HTML Email Command Execution Vulnerability
BugTraq ID: 11122
Remote: Yes
Date Published: Sep 07 2004
Relevant URL: http://www.securityfocus.com/bid/11122
Summary:
Webmin / Usermin are reportedly affected by a command execution vulnerability when rendering HTML email messages. This issue is due to a failure to sanitize HTML email messages and may allow an attacker to execute arbitrary commands on a vulnerable computer.
This issue is reported to affect Usermin versions 1.080 and prior.
5. Ulrik Petersen Emdros Database Engine Denial Of Service Vuln...
BugTraq ID: 11143
Remote: Yes
Date Published: Sep 08 2004
Relevant URL: http://www.securityfocus.com/bid/11143
Summary:
It is reported that Emdros is prone to a denial of service vulnerability, due to a memory leak while running as a daemon.
This vulnerability is present in the 'mql' process. This process contains a memory leak, and if it is run as a daemon, a remote attacker has the ability to consume all available memory until the process crashes.
Versions prior to 1.1.20 are reported susceptible to this vulnerability.
6. OpenOffice/StarOffice Local File Disclosure Vulnerability
BugTraq ID: 11151
Remote: No
Date Published: Sep 10 2004
Relevant URL: http://www.securityfocus.com/bid/11151
Summary:
StarOffice and OpenOffice are reported prone to a local file disclosure vulnerability. This issue presents itself because the application creates insecure temporary files. Each time a user saves a file, a compressed copy of the file is saved in a temporary direcotry. This can allow a local attacker to disclose files of other users.
OpenOffice 1.1.2 and StarOffice 7.0 are reported prone to this vulnerability.
III. LINUX FOCUS LIST SUMMARY
-----------------------------
1. rooted ? (Thread)
Relevant URL:
http://www.securityfocus.com/archive/91/375114
2. redhat patch problem? (Thread)
Relevant URL:
http://www.securityfocus.com/archive/91/374675
IV. NEW PRODUCTS FOR LINUX PLATFORMS
------------------------------------
1. Cyber-Ark Inter-Business Vault
By: Cyber-Ark
Platforms: Linux, Windows 2000, Windows NT, Windows XP
Relevant URL: http://www.cyber-ark.com/datasecuritysoftware/inter-business_vault.htm
Summary:
Based on Cyber-Ark Software's Vaulting Technology, the Inter-Business Vault, an information security solution that enables organizations to safely overcome traditional network boundaries in order to securely share business information among customers, business partners, and remote branches. It provides a seamless, LAN-like experience over the Internet that includes all the security, performance, accessibility, and ease of administration required to allow organizations to share everyday information worldwide. To learn more about these core attributes of the Inter-Business Vault click on the relevant link below:
2. EnCase Forensic Edition
By: Guidance Software Inc.
Platforms: DOS, FreeBSD, Linux, MacOS, NetBSD, OpenBSD, PalmOS, Solaris, UNIX, Windows 2000, Windows 95/98, Windows NT, Windows XP
Relevant URL: http://www.guidancesoftware.com/products/EnCaseForensic/index.shtm
Summary:
EnCase Forensic Edition Version 4 delivers the most advanced features for computer forensics and investigations. With an intuitive GUI and superior performance, EnCase Version 4 provides investigators with the tools to conduct large-scale and complex investigations with accuracy and efficiency. Guidance Software?s award winning solution yields completely non-invasive computer forensic investigations while allowing examiners to easily manage large volumes of computer evidence and view all relevant files, including "deleted" files, file slack and unallocated space.
The integrated functionality of EnCase allows the examiner to perform all functions of the computer forensic investigation process. EnCase's EnScript, a powerful macro-programming language and API included within EnCase, allows investigators to build customized and reusable forensic scripts.
3. KeyGhost SX
By: KeyGhost Ltd
Platforms: BeOS, DOS, Linux, OS/2, Solaris, SunOS, Windows 2000, Windows 95/98, Windows NT, Windows XP
Relevant URL: http://www.keyghost.com/SX/
Summary:
KeyGhost SX discreetly captures and records all keystrokes typed, including chat conversations, email, word processor, or even activity within an accounting or specialist system. It is completely undetectable by software scanners and provides you with one of the most powerful stealth surveillance applications offered anywhere.
Because KeyGhost uses STRONG 128-Bit encryption to store the recorded data in it?s own internal memory (not on the hard drive), it is impossible for a network intruder to gain access to any sensitive data stored within the device.
4. SafeKit
By: Evidian Inc.
Platforms: AIX, HP-UX, Linux, Solaris, Windows 2000
Relevant URL: http://www.evidian.com/safekit/index.htm
Summary:
Evidian's SafeKit technology makes it possible to render any application available 24 hours per day. With no extra hardware: just use your existing servers and install this software-only solution.
This provides ultimate scalability. As your needs grow, all you need to do is add more standard servers into the cluster. With the load balancing features of SafeKit, you can distribute applications over multiple servers. If one system fails completely, the others will continue to serve your users.
5. Astaro Linux Firewall
By: Astaro
Platforms: Linux
Relevant URL: http://www.astaro.com/php/statics.php?action=asl&lang=gb
Summary:
Astaro Linux Firewall: All-in-one firewall, virus protection, content filtering and spam protection internet security software package for Linux.
Free download for home users.
6. CAT Cellular Authentication Token and eAuthentication Servic...
By: Mega AS Consulting Ltd
Platforms: Java, Linux, OpenBSD, Os Independent, SecureBSD, Solaris, UNIX, Windows 2000, Windows NT
Relevant URL: http://www.megaas.co.nz
Summary:
Low cost, easy to use Two Factor Authentication One Time Password token using the Cellular. Does not use SMS or communication, manages multiple OTP accounts - new technology. For any business that want a safer access to its Internet Services. More information at our site.
We also provide eAuthentication service for businesses that will not buy an Authentication product but would prefer to pay a monthly charge for authentication services from our our CAT Server.
V. NEW TOOLS FOR LINUX PLATFORMS
--------------------------------
1. Nmap v3.70
By: Fyodor
Relevant URL: http://www.insecure.org/nmap/
Platforms: AIX, BSDI, FreeBSD, HP-UX, IRIX, Linux, NetBSD, OpenBSD, Solaris, SunOS, UNIX
Summary:
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP frag
2. THC-Hydra v4.3
By: THC
Relevant URL: http://www.thc.org/releases/hydra-4.3-src.tar.gz
Platforms: AIX, FreeBSD, HP-UX, IRIX, Linux, NetBSD, OpenBSD, Solaris, UNIX
Summary:
THC-Hydra - parallized login hacker is available: for Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support and is part of Nessus. Visit the project web site to download Win32, Palm and ARM binaries. Changes: important bugfix!
3. Pads 1.1
By: Matt Shelton
Relevant URL: http://freshmeat.net/projects/pads/?branch_id=52504&release_id=169973
Platforms: Linux
Summary:
Pads (Passive Asset Detection System) is a signature-based detection engine used to passively detect network assets. It is designed to complement IDS technology by providing context to IDS alerts.
4. cenfw 0.3b
By: Peter Robinson
Relevant URL: http://www.securegateway.org
Platforms: Linux, Windows 2000, Windows NT, Windows XP
Summary:
The Centron IPTables Firewall Gui is an object oriented, database driven, windows interface to linux IPtables firewall rules.
5. Firewall Builder 2.0
By: Vadim Kurland
Relevant URL: http://www.fwbuilder.org/
Platforms: FreeBSD, Linux, MacOS, Solaris, Windows 2000, Windows XP
Summary:
Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, and support for a new firewall platform can be added to the GUI without any changes to the program (only a new policy compiler is needed). This provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, and OpenBSD pf.
6. Lepton's Crack 20031130
By: Lepton and Nekromancer
Relevant URL: http://www.nestonline.com/lcrack/lcrack-20031130-beta.zip
Platforms: Linux, MacOS, Os Independent, UNIX, Windows 2000, Windows NT, Windows XP
Summary:
Lepton's Crack is a generic password cracker. It is easily-customizable with a simple plugin system and allows system administrators to review the quality of the passwords being used on their systems. It can perform a dictionary-based (wordlist) attack as well as a brute force (incremental) password scan. It supports standard MD4 hash, standard MD5 hash, NT MD4/Unicode, Lotus Domino HTTP password (R4), and SHA-1 hash formats. LM (LAN Manager) plus appending and prepending
VI. UNSUBSCRIBE INSTRUCTIONS
----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.
VII. SPONSOR INFORMATION
-----------------------
This Issue is Sponsored By: SecurityFocus
Want to keep up on the latest security vulnerabilities? Don't have time to
visit a myriad of mailing lists and websites to read the news? Just add the
new SecurityFocus RSS feeds to your freeware RSS reader, and see all the
latest posts for Bugtraq and the SF Vulnernability database in one
convenient place. Or, pull in the latest news, columnists and feature
articles in the SecurityFocus aggregated news feed, and stay on top of
what's happening in the community!
http://www.securityfocus.com/rss/index.shtml
------------------------------------------------------------------------
[ reply ]