Copy Link
Add to Bookmark
Report
Net-Sec Issue 047
HNS Newsletter
Issue 47 - 22.01.2001
http://net-security.org
This is a newsletter delivered to you by Help Net Security. It covers weekly
roundups of security events that were in the news the past week. Visit Help
Net Security for the latest security news - http://www.net-security.org.
Subscribe to this weekly digest on:
http://www.net-security.org/text/newsletter
Archive of the newsletter in TXT and PDF format is available here:
http://www.net-security.org/news/archive/newsletter
Current subscriber count to this digest: 1805
Table of contents:
1) General security news
2) Security issues
3) Security world
4) Featured articles
5) Security software
6) Defaced archives
General security news
---------------------
----------------------------------------------------------------------------
WORLD FOR WORMS
The Kakworm virus was responsible for more helpdesk calls than the Love Letter
virus during 2000, even though Love Letter caused major business disruption
during May, according to antivirus software supplier Sophos.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.co.uk/news/2001/2/ns-20225.html
HONEYNET CHALLENGE
"One of the primary goals of the Honeynet Project is to find order in chaos by
letting the attackers do their thing, and allowing the defenders to learn from
the experience and improve. The latest challenge, inspired by the Honeynet
Project's founder Lance Spitzner, is the Forensic Challenge. Only this time,
we're opening it up to anyone who wants to join in... The best 20 submissions
will win a copy of "Hacking Exposed", Second Edition (courtesy of Foundstone)".
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://project.honeynet.org/challenge/
MANY INDIAN WEB SITES HACKED IN 2000
Some 635 Indian Web sites were hacked during the year 2000 - reflecting the
low awareness level of Internet security amongst Indian companies - according
to Dewang Mehta, president of the National Association of Software and Service
Companies. Companies spend only 0.8 percent of their total IT spending on
Internet security annually as against the world average of 5.5 percent. Since
95 percent of the sites hacked are hosted abroad, Indian firms believed that
Web hosting companies would take care of the security aspects, which
generally does not happen, added Mehta.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.newsbytes.com/news/01/160515.html
IT COMPANIES CREATE PRIVATE COMPUTER SECURITY NETWORK
Today, a group of more than 20 information technology companies - including
Intel, AT&T, Microsoft, IBM and Hewlett Packard will announce a major milestone
in their efforts to create a private network for sharing information on computer
security weaknesses and cyber-attacks. The details of the announcement
center on a mechanism the industry is crafting to share information on cyber
attacks, vulnerabilities and security practices that can be used to better
respond to deliberate intrusions into computer networks.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.computeruser.com/news/01/01/16/news1.html
COMPUTER CRIME INVESTIGATOR'S TOOLKIT: PART III
While one doesn't have to be a master programmer to be a computer crime
sleuth, being able to read code helps generate insight. If you find a Perl script
useful for checking the aging of passwords, for example, understanding how
the program works goes a long way toward implementing the tool properly.
And, you learn during the process how to develop your own tools. Some
investigators may prefer C or C++ as a starting point. That preference has
some merit since quite a few computer security tools are available written
in those languages. But the most important skill is to learn a code and then
build on that knowledge. More common ground exists between languages
than you might realize.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://securityportal.com/articles/feature20010116.html
SECURITY SOFTWARE MARKET SET TO GROW
The worldwide security software market is due to grow at a compound rate
of 21.7% through to 2004, when revenue will be over $6.7bn, according to a
recent study. The report from Gartner Dataquest, "Internet and E-commerce
drive Security Software Growth", also points to increasing focus by large
companies such as IBM/Tivoli and HP on security in their core offerings.
Apparently 31% of the security software market in 1999 was Anti-Viral
software. Of this, Network Associates has 43.8% market share, followed
by Symantec with 33.8%, and Trend Micro at 11.9%.
Link: http://www.netimperative.com/technology/newsarticle.asp?ArticleID=7513&ChannelID=3&ArticleType=1
LINUX FIREWALL - THE TRAFFIC SHAPER
The firewall is a fundamental component of all computer security strategies.
However, the simple firewall is not only restricted to safeguarding the user's
valuable information - it can also optimize the user's bandwidth. This article,
by Jeroen Wortelboer and Jan Van Oorschot will discuss how Linux firewalls
can be used to shape traffic to optimize quality of Internet service and to
reduce vulnerability to DoS attacks.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/focus/linux/articles/trafshap.html
TRACKING NETWORK TRAFFIC IN 3D
The vital monitoring of networks can now be done in 3-D. High Tower Software,
an offshoot of NASA, recently launched a 3-D tool that lets operators not only
see where a problem might be, but also see the whole network and what could
be affected if a component or device breaks down. The lack of trained IT staff
puts a lot of pressure on companies to interpret data emanating from network
monitoring systems. "Even network personnel who understand these issues have
a hard time figuring out what is going wrong," said Robert Angelino, the head of
software engineering.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.telekomnet.com/writer_telekomnet/1-16-01_hightower.asp
U.S. POST OFFICE UNVEILS SECURE INTERNET SYSTEM
The U.S. Postal Service unveiled a new service that allows government agencies
to send and receive sensitive documents such as birth certificates and medical
records over the Internet in a secure manner. An electronic version of Certified
Mail, the new service uses a system of passwords and ID cards embedded with
computer chips to provide proof that the document arrived safely in the hands
of its intended recipient.
Link: http://www.reuters.com/news_article.jhtml;$sessionid$DUZS4RAAACHZ0CRBADLSFEYKEEANMIV2?type=internet&Repository=INTERNET_REP&RepositoryStoryID=%2Fnews%2FIDS%2FInternet%2FNET-TECH-POSTAL-DC_TXT.XML
FIGHT RAGES OVER DIGITAL RIGHTS
Critics say content owners and digital rights management companies are
discouraging the growth of digital music by taking liberties with their control
of copyrights. The Digital Millennium Copyright Act was enacted in 1998 to
encourage content owners to begin moving their businesses online. At the
center of the act were precautions set up to allow copyright holders to
protect their work by making it against the law for consumers to illegally
post and share materials.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.wired.com/news/politics/0,1283,41183,00.html
STARTING FROM SCRATCH
Of all people, security experts are the most likely to keep their own systems
backed up, and verify that the backups haven't been overwritten, right? Wrong,
says Carole Fennelly. In this week's Unix Security, Carole reveals how
complacency caused her to lose her home directory and email, and shows
you how you can prevent the same thing from happening to you.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.sunworld.com/unixinsideronline/swol-01-2001/swol-0112-unixsecurity.html
A LOOK AT SYSTEM V INITIALIZATION
System V method of initialization is one of the most widely used across most
Linux distributions. It definitely eases the system administrators job. There's a
lot more than autoexec.bat and config.sys here. We've written this article for
novice users. It explains the concept of runlevels, initialization scripts and the
significance of /etc/rc.d.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.freeos.com/articles/3243/
SECURE LINUX DISTRIBUTIONS
If there is one question I hate, it's "Which Linux distribution is the most secure?"
followed by "Which firewall is best?" People ask these questions in all innocence,
and very few realize the complexity behind them. If I'm in a bad mood I'll usually
say, "Whichever one works best for you with the fewest problems." While
essentially a correct answer, it is mostly useless. To actually answer the
question properly, I usually need to spend the better part of an hour asking
the other person questions: what their requirements are, how much they can
spend, what the current installation has, and so on. After getting this information
I can usually make a recommendation; sometimes the answer is clear, and other
times it isn't too clear.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://securityportal.com/closet/closet20010117.html
RUNNING SNORT ON IIS WEB SERVERS: PART I
In 1998, Martin Roesch developed Snort for Unix platforms as a "lightweight
intrusion detection system." In the summer of 2000, Mike Davis created the
first Win32 port of Snort, bringing a great tool to a whole new world of Windows
users and bringing a world of Windows users to a different understanding of
security. Now in this, the first of a series of articles on Snort for Microsoft
platforms, Mark Burnett introduces the reader to Snort for IIS Web Servers.
This article will discuss various aspects of SNort, including: the development
of Snort, the installion and use of Snort, and strategies for the most effective
implementation of Snort on IIS servers.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/focus/microsoft/iis/mssnort.html
WHOS THAT KNOCKING ON THE FIREWALL?
Open Door Networks Monday began shipping its firewall advisor software, Whos
There? Firewall Advisor, which Open Door bills as "essential for understanding
the ever-increasing access attempts from the Net", is compatible with Open
Doors DoorStop firewall software and Symantecs Norton Personal Firewall.
The software does not work with Integos NetBarrier.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.insanely-great.com/news/01/486.html
MALAYSIAN POLICE TRACKING DEFACERS
Malaysian police have traced attackers who broke into Parliament's home page
in December to Brazil and France and are seeking help from police there to
capture them.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.cnn.com/2001/ASIANOW/southeast/01/16/malaysia.hackers.ap/index.html
LOS ALAMOS EMPLOYEE DENIES HACKING
Claiming he's being used as a scapegoat, 21-year-old MagicFX has reportedly
denied hacking into six company Web sites before he was hired last year at
the Los Alamos National Laboratory.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.computeruser.com/news/01/01/16/news6.html
UPDATE ON ETISALAT CASE
The Public Prosecutor's office has begun its investigation into allegations that
a 21-year-old Briton hacked into Emirates Telecommunications Corp's (Etisalat)
Internet system last June.Lee Ashurst was charged with the "misuse of
equipment, services or facilities provided by Etisalat" after he was allegedly
traced as one of the hackers who caused widescale disruptions to the service,
causing it to crash.
Link: http://www.gulf-news.com/Articles/news.asp?ArticleID=7046
GERMAN WATCHDOG TO PROBE ONLINE BANK SECURITY
Germany's banking watchdogs said they have launched a security check at
some of Europe's largest Internet banks and brokers as the threat from hackers
or electronic theft increases. The check of banks' electronic defenses will be
run by a three-part team including the German central bank the Bundesbank,
the Federal Banking Regulatory Agency BAKred, and the Interior Ministry's
special unit for computer security BSI.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.timesofindia.com/today/19info31.htm
REMOTE DESKTOP USING VNC
X-terminals allowed you to work off another machine while sitting on your
machine. VNC allows you to do the same and also adds the ability to go
beyond your local network to access a desktop over the Internet. Use it
from your Windows machine to access and administer your Linux box or
even the other way round!
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.freeos.com/articles/3292/
MAFIABOY PLEADS GUILTY ON 55 CHARGES
The trial of the 16-year-old Montrealer known as "Mafiaboy" had been set to
begin on 66 charges relating to attacks last year on several major Web sites,
as well as security breaches of other sites at institutions such as Yale and
Harvard universities. The court had just convened when prosecutor Louis
Miville-Deschenes announced that the youth had pleaded guilty to most
of the charges.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.cnn.com/2001/TECH/computing/01/18/mafiaboy.ap/index.html
PANDA SOFTWARE SLAMMED
Antivirus company Panda Software has been suspended from an industry group
for withholding information about a new virus it claimed was "more deadly than
the Love Bug" (they were speaking about Little Davinia).
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.vnunet.com/News/1116640
EFF ON DECSS: HACKERS' RIGHTS AT STAKE
The Electronic Frontier Foundation is asking a federal appeals court to overturn
a ruling that banned a Web site from posting and linking to a software program
that can crack DVD security, saying the decision did "great violence" to the
First Amendment.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.com/zdnn/stories/news/0,4586,2676657,00.html
SOFTWARE REVIEW: ARKEIA BACKUP
This document is a review of the Arkeia backup software combined with the
Ecrix rakpak dual 66G drive, discussion of the features, security, usage,
documentation, and support.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.linuxsecurity.com/feature_stories/feature_story-74.html
OPENHACK III BOWED BUT NOT BROKEN
The battle has begun, and the first salvo was a fierce one, as a cascade of
denial-of-service attacks swept over the Openhack III site in its first four
days of operation. As of midday Thursday, no one had succeeded in any of
the four hacking goals, although eWEEK Labs saw creative DoS attacks
directed against the Champaign, Ill., site, along with heavy usage.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.com/eweek/stories/general/0,11011,2676675,00.html
----------------------------------------------------------------------------
Security issues
---------------
All vulnerabilities are located at:
http://net-security.org/text/bugs
----------------------------------------------------------------------------
MEDIA PLAYER 7 AND IE JAVA VULNERABILITY
There is a security vulnerability in Windows Media Player 7 exploitable thru IE
and java which allows reading local files and browsing directories which in turn
allows executing arbitratrary programs. This may lead to taking full control over
user's computer.
Link: http://www.net-security.org/text/bugs/979586134,83134,.shtml
YAHOO! INSTANT MESSENGER TRANSMISSIONS
"When being warned by my firewall that some packet contents may contain
sensitive data when connecting to Yahoo! servers with the popular, Yahoo!
Instant Messenger, I found to my amazement my username and password
combination where being sent to the server in plain text."
Link: http://www.net-security.org/text/bugs/979594691,35290,.shtml
PHP ADVISORY - APACHE MODULE BUGS
[1] PHP supports a configuration mechanism that allows users to configure PHP
directives on a per-directory basis. Under Apache, this is usually done using
.htaccess files. Due to a bug in the Apache module version of PHP, remote
'malicious users' might be able to create a special HTTP request that would
cause PHP to serve the next page with the wrong values for these directives.
In certain (fairly rare) situations, this could result in a security problem.
[2] PHP supports the ability to be installed, and yet disabled, by setting the
configuration option 'engine = off'. Due to a bug in the Apache module version
of PHP, if one or more virtual hosts within a single Apache server were configured
with engine=off, this value could 'propagate' to other virtual hosts. Because
setting this option to 'off' disables execution of PHP scripts, the source code
of the scripts could end up being sent to the end clients.
Link: http://www.net-security.org/text/bugs/979594708,42917,.shtml
HTML.DROPPER (INTERESTING)
Internet Explorer 5.5 and accompanying mail and news client afford us the
unique ability to dictate which icons and file extensions we require. Specifically,
we are able to manufacture an email message to appear as one thing when in
fact it is not.
Link: http://www.net-security.org/text/bugs/979781821,21006,.shtml
NEW MAILING LIST MOBILEBUGS
It is dedicated to discussion of cellular phone and network security aspects. To
subscribe to this list, send a message to majordomo@developers.of.pl with the
following in the body of the message: subscribe mobileBugs.
Link: http://www.net-security.org/text/bugs/979781840,31202,.shtml
INN TEMPORARY DIRECTORY CONFIGURATION
"It's recently come to our attention that some repackagers of INN have
mistakenly shipped INN packages configured to use the system temporary
directory (either /tmp or /var/tmp) for create temporary files. INN expects
its configured temporary directory to only be writeable by the news user
and does not take sufficient precautions when creating temporary files to
be able to use world-writeable temporary directories. This configuration
could be exploited to gain access to the news account."
Link: http://www.net-security.org/text/bugs/979781859,46967,.shtml
CRYPTANALYSIS OF THE RSA SECURID ALGORITHM
Recently, I.C. Wiener published a reverse engineering effort of the RSA SecurID
algorithm. There were few speculations on the security ramifications of the
algorithm in I.C. Wiener's posting, so this note is an effort to touch upon
areas of concern. We have verified that I.C. Wiener's released version of the
proprietary algorithm is accurate by comparing it with our own prior reverse
engineering of the same algorithm.
Link: http://www.net-security.org/text/bugs/979874843,29493,.shtml
SHOUTCAST SERVER BUFFER CRASHES SERVER
The following information is being released by PA Networks to expose a potential
problem with the Shoutcast server for Linux version v1.7.1 for Shoutcast
Distributed Network Audio Server. During testing of new streams the following
was discovered.
Software Needed To Perform This Overflow:
Winamp (Any Version)
DSP Plugin for Audio Streaming
Microsoft Netshow Tools (Audio MP3 Codecs Only)
Shoutcast Server for Linux v1.7.1
Normally the Winamp client uses the DSP plugin to encode MP3 files and send a
single stream to a DNAS Server (Shoutcast) for distribution to listeners. By
entering a string in the description past the visible field the server will overflow
causing the shoutcast server to crash. This has been tested and verified on the
Linux version only so we do not know if the Win32 version of DNAS is also affected.
Link: http://www.net-security.org/text/bugs/979874858,39730,.shtml
LICENSING FIREWALL-1 DOS ATTACK
"I have identified a denial of service attack that can be launched against
Firewall-1 that has identical results to the IP fragmentation attack identified
by Lance Spitzner."
Symptoms: Firewall CPU hits 100% utilization, console locks up, a reboot only
temporarily solves the problem.
Vulnerable: All versions of Firewall-1 4.1 on Solaris 2.x using a limited-IP license
Link: http://www.net-security.org/text/bugs/979874948,44992,.shtml
PATCH FOR ORACLE INTERNET DIRECTORY
Several potential buffer overflow vulnerabilities have been discovered in the
Oracle Internet Directory executables 'oidldapd' and 'oidmon'. These
vulnerabilities were originally found in Oracle Internet Directory (OID)
2.0, Release 2.0.6, on Linux. (Note: OID 2.0.6 on LINUX was a beta release.)
Link: http://www.net-security.org/text/bugs/979957423,83735,.shtml
ENCRYPTED FILE SYSTEM WIN 2000 FLAW
"I have found a major problem with the encrypted filesystem (EFS) in Windows
2000 which shows that encrypted files are still very available for a thief or
attacker."
Link: http://www.net-security.org/text/bugs/979957507,70469,.shtml
----------------------------------------------------------------------------
Security world
--------------
All press releases are located at:
http://net-security.org/text/press
----------------------------------------------------------------------------
HNC DELIVERS FRAUD DETECTION - [18.01.2001]
HNC Software Inc. announced the availability of a new fraud detection service
for stored value cards. The service delivers fraud protection from both Falcon,
the leading payment card fraud detection system, and eFalcon, the leading
real-time payment fraud detection service. WildCard Systems, a provider of
high-quality e-payment solutions, is the first stored value card provider to
use the service.
Press release:
< http://www.net-security.org/text/press/979780431,85413,.shtml >
----------------------------------------------------------------------------
INTRUSION.COM ANNOUNCES NEW JOINT VENTURE - [18.01.2001]
Intrusion.com, Inc., a leading provider of enterprise security solutions for the
information-driven economy, today announced an agreement to establish a
joint venture with Shanghai Video and Audio Electronics Co., Ltd. This new
venture, Shanghai SVA Intrusion.com Joint Venture, will manufacture, market,
distribute and sell Intrusion.com SecureCom platform solutions, and will be the
authorized reseller of selected Intrusion.com software products in China (PRC
Mainland) under an exclusive multi-year licensing agreement.
Press release:
< http://www.net-security.org/text/press/979780474,55331,.shtml >
----------------------------------------------------------------------------
FLAGSHIP MOBILE VPN-BASED SOFTWARE RELEASED - [18.01.2001]
Roam Secure, Inc., a Washington, D.C. based mobile VPN (virtual private network)
software solutions company, announced its first product, OnRoad, that provides
advanced Internet mobility, security and networking features and allows both
wireless and wired communications in a VPN.
Press release:
< http://www.net-security.org/text/press/979780559,93861,.shtml >
----------------------------------------------------------------------------
DIGITAL CERTIFICATES FOR GOVERNMENT AGENCIES - [18.01.2001]
E-business security pioneer Cylink Corporation announced the deployment of its
NetAuthority(tm) public key infrastructure solution as the certificate authority
for the U.S. Postal Service's NetPost.Certified, a new Internet-based service
designed to secure and authenticate electronic correspondence between
government agencies.
Press release:
< http://www.net-security.org/text/press/979780817,6686,.shtml >
----------------------------------------------------------------------------
VIRUSMD.COM BIDS TO LEAD MEDICAL RECORDS ENCRYPTION - [18.01.2001]
In its bid to lead the new $3.8 billion dollar gold rush for medical records privacy
and encryption, the VirusMD sofware corporation today hired two Board-Certified
physicians to join its consulting team. In order to protect the security and
confidentiality of electronic health information, Congress has passed The
Health Insurance Portability and Accountability Act, also known as HIPAA.
Press release:
< http://www.net-security.org/text/press/979780923,36108,.shtml >
----------------------------------------------------------------------------
SELLING 'NETWORK VAULT' TECHNOLOGY - [18.01.2001]
CyberArk Software, Ltd., makers of the industry's first "network vault" for
securing corporate data and e-business, announced today that Global
Technology Associates (GTA), a U.K.-based IT security consulting firm,
will begin reselling Cyber-Ark's PrivateArk solution. GTA is a respected
authority in the Internet and network security arena and assesses
corporate security needs and provides leading-edge security solutions.
Press release:
< http://www.net-security.org/text/press/979780999,85255,.shtml >
----------------------------------------------------------------------------
NO FEAR FROM MELISSA-X WORM - [20.01.2001]
Sophos Anti-Virus, a world leader in corporate anti-virus protection, has
announced that users practising safe computing have nothing to fear from
the Melissa-X virus. However, users without the latest version of their
anti-virus software may be unable to detect the virus.
Press release:
< http://www.net-security.org/text/press/979957211,47193,.shtml >
----------------------------------------------------------------------------
SECURITY BIOMETRICS' BOARD OF DIRECTORS GROWS - [20.01.2001]
Mr. George Gould, President of Security Biometrics, Inc. (www.sigbio.com) is
pleased to announce the appointment of Robert M. Egery as a director to
the company. "We are delighted to see Egery joining our team at this exciting
time for SBI," says Gould. "His expertise and industry exposure will serve us all
very well in the near and distant future."
Press release:
< http://www.net-security.org/text/press/979957634,24064,.shtml >
----------------------------------------------------------------------------
SYMANTEC ON NEW MELISSA VARIANT - [20.01.2001]
Researchers at the Symantec AntiVirus Research Center are warning computer
users of Melissa.W, a variant of the damaging Melissa virus that uses Microsoft
Outlook to e-mail itself as an attachment.
Press release:
< http://www.net-security.org/text/press/979957704,68834,.shtml >
----------------------------------------------------------------------------
Featured articles
-----------------
All articles are located at:
http://www.net-security.org/text/articles
Articles can be contributed to staff@net-security.org
Below is the list of the recently added articles.
----------------------------------------------------------------------------
TECHNIQUES TO VALIDATE HOST-CONNECTIVITY
This paper will attempt to describe techniques used to discover heavily filtered
and firewalled hosts, that will not answer to standard PING responses. It is
assumed that the reader has a firm knowledge of the major internet protocols
(TCP,IP,UDP,ICMP). Most other protocols will not be discussed but techniques
described here can be applied to many protocols.
Read more:
< http://www.net-security.org/text/articles/index-download.shtml#host >
----------------------------------------------------------------------------
WHAT'S SO SPECIAL ABOUT "DAVINIA"? THE TRUTH ABOUT THE RECENTLY
DISCOVERED INTERNET-WORM by Kaspersky Lab
"Davinia" spreads via e-mail using the popular MS Outlook e-mail program. The
worm uses a very sophisticated way of penetrating into a user's computer. This
process consists of two parts...
Read more:
< http://www.net-security.org/text/articles/viruses/davinia.shtml >
----------------------------------------------------------------------------
Security Software
-------------------
All programs are located at:
http://net-security.org/various/software
----------------------------------------------------------------------------
ABI-CODER 3.5
This free file encryption software uses a 192-bit Triple DES algorithm. It allows
you to encrypt files and folders with a click of the mouse. ABI-CODER is easy
to use and comes with great help files as well as hints to guide you along the
way. Included is a self-decryption tool. Version 3.5 includes a new 128-bit
Blowfish encryption algorithm.
Info/Download:
< http://www.net-security.org/various/software/978804005,99349,windows.shtml >
----------------------------------------------------------------------------
LINUX IDS 0.9.12-2.2.18
The Linux Intrusion Detection System is a patch which enhances the kernel's
security. When it's in effect, many system administration operations can be
made impossible even for root. You can turn the security protection on or off
on the fly and you can hide sensitive processes and prevent anyone from using
ptrace or any other capability on your system. LIDS can also provide raw device
and I/O access protection. Changes: The file that acls inherit has had several
bugs removed. Multiplatform support has been added to the makefile.
Info/Download:
< http://www.net-security.org/various/software/979669522,23787,linux.shtml >
----------------------------------------------------------------------------
WEBPASSWORD 1.0
WebPassword is a program which protects your Web pages with a password.
Once you have password-protected your page, no one will be able to view its
content without having a correct password, either in their browser or as an
original HTML source. In a Web browser, the content of a password-protected
page may be viewed only after a valid password is entered. In a text viewer,
the content of an encoded page appears as a block of JavaScript data in an
HTML page.
Info/Download:
< http://www.net-security.org/various/software/978809296,27689,windows.shtml >
----------------------------------------------------------------------------
FWLOGWATCH-0.1.2
Fwlogwatch analyzes the ipchains, netfilter, or iptables packet filter logfiles
and generates text and HTML summaries. Features realtime anomaly alerting
capability, an interactive report generator, and the ability to cut off attacks
by adding firewall rules. Changes: Some remaining problems in realtime
response mode were fixed.
Info/Download:
< http://www.net-security.org/various/software/979836008,28948,linux.shtml >
----------------------------------------------------------------------------
DEVICELOCK ME 1.0
DeviceLock Me gives network administrators control over which users can
access what removable devices (floppies, Magneto-Optical disks, CD-ROMs,
ZIPs, and so on) on a local computer. Once DeviceLock Me is installed,
administrators can control access to floppies, CD-ROMs, or any other device,
depending on the time and date. DeviceLock Me enhances access control for
Windows System Administrators and helps control removable disk usage. It can
protect network and local computers against viruses, Trojans, and other
malicious programs often introduced by removable disks. Network administrators
can also use DeviceLock Me to flush a storage device's buffers. Remote control
is also available.
Info/Download:
< http://www.net-security.org/various/software/978809487,99994,windows.shtml >
----------------------------------------------------------------------------
CRYPT EDIT 4.0
Crypt Edit is a multidocument word processor with enhanced cryptographic
features. It can easily save texts in HTML, DOC, RTF, ASCII, WRI, Unicode,
and PRT (Protected Text Format with three security levels) formats. Encrypt
and decrypt binary files with compression, and create desktop shortcuts for
your documents. Insert OLE objects and pictures in GIF, JPEG, BMP, EMF, or
WMF format. The program includes an email client with an address book, a
spelling checker, a built-in Clipboard viewer, various converters (Lowercase,
Uppercase, ROT-13, OEM, and so on), a character map, and an autoformat
tool. The new version is now nag-free donationware.
Info/Download:
< http://www.net-security.org/various/software/978809762,78481,windows.shtml >
----------------------------------------------------------------------------
UNRM-0.92
unrm is a small linux utility which can, under some circumstances, recover
almost 99% of your erased data (similar to DOS's undelete). Changes: Fixed
a bug that allowed only 6 digit inode numbers to be dumped, and added a few
variables containing the common used program locations (mount,debugfs).
Info/Download:
< http://www.net-security.org/various/software/979836106,61006,linux.shtml >
----------------------------------------------------------------------------
DATA ENCRYPTION TOOLKIT 1.0
Data Encryption Toolkit is a comprehensive program for data encryption. This
program allows you to use five well-known, highly secure encryption algorithms.
DET will help you to encrypt single files, groups of files, or entire folders,
including all subfolders, quickly and easily. You can work with encrypted
folders as simply as with usual folders (except entering the unlocking password).
All encryption and decryption actions can be done on fly. The program can be
integrated into any Windows shell and all its functions are available from the
context menu. Besides encryption, the program has some additional features.
DET is fast, and easy to setup and to use.
Info/Download:
< http://www.net-security.org/various/software/978809844,49850,windows.shtml >
----------------------------------------------------------------------------
Defaced archives
------------------------
[14.01.2001] - Rockwell Software, Inc.
Original: http://www.rsbizware.com/
Defaced: http://www.attrition.org/mirror/attrition/2001/01/14/www.rsbizware.com/
[14.01.2001] - #2 McHammer Official Site
Original: http://www.mchammer.com/
Defaced: http://www.attrition.org/mirror/attrition/2001/01/14/www.mchammer.com/
[14.01.2001] - National Centre for Radio Astrophysics, India
Original: http://dual2.gmrt.ncra.tifr.res.in/
Defaced: http://www.attrition.org/mirror/attrition/2001/01/14/dual2.gmrt.ncra.tifr.res.in/
[14.01.2001] - Northern Plains Region Homepage - Natural Resources
Original: http://www.np.nrcs.usda.gov/
Defaced: http://www.attrition.org/mirror/attrition/2001/01/14/www.np.nrcs.usda.gov/
[15.01.2001] - National Aeronautics and Space Administration
Original: http://uta7400.jpl.nasa.gov/
Defaced: http://www.attrition.org/mirror/attrition/2001/01/15/uta7400.jpl.nasa.gov/
[16.01.2001] - Newspaper Association of America
Original: http://www.naa.org/
Defaced: http://www.attrition.org/mirror/attrition/2001/01/16/www.naa.org/
[16.01.2001] - Presidency of The Islamic Republic of Iran
Original: http://web.president.gov.ir/
Defaced: http://www.attrition.org/mirror/attrition/2001/01/16/web.president.gov.ir/
[16.01.2001] - Ministry of Trade and Industry, Israel
Original: http://www.tamas.gov.il/
Defaced: http://www.attrition.org/mirror/attrition/2001/01/16/www.tamas.gov.il/
[16.01.2001] - President Administration (Bulgaria)
Original: http://www.president.bg/
Defaced: http://www.attrition.org/mirror/attrition/2001/01/16/www.president.bg/
[19.01.2001] - Ministry of Education and Science (Bulgaria)
Original: http://asclep.muvar.acad.bg/
Defaced: http://www.attrition.org/mirror/attrition/2001/01/19/asclep.muvar.acad.bg/
[19.01.2001] - USAF Pararescue
Original: http://www.specialtactics.com/
Defaced: http://www.attrition.org/mirror/attrition/2001/01/19/www.specialtactics.com/
[19.01.2001] - Australian Institute of Marine Science
Original: http://www.aims.gov.au/
Defaced: http://www.attrition.org/mirror/attrition/2001/01/19/www.aims.gov.au/
[19.01.2001] - US Department of the Interior, Alaskan Office
Original: http://www.ak.doi.gov/
Defaced: http://www.attrition.org/mirror/attrition/2001/01/19/www.ak.doi.gov/
[19.01.2001] - National Cemetary Administration, Department of Veterans Affairs
Original: http://www.cem.va.gov/
Defaced: http://www.attrition.org/mirror/attrition/2001/01/19/www.cem.va.gov/
[19.01.2001] - Swindon Borough Council, UK
Original: http://www.swindon.gov.uk/
Defaced: http://www.attrition.org/mirror/attrition/2001/01/19/www.swindon.gov.uk/
----------------------------------------------------------------------------
Questions, contributions, comments or ideas go to:
Help Net Security staff
staff@net-security.org
http://net-security.org
