Copy Link
Add to Bookmark
Report
Net-Sec Issue 063
HNS Newsletter
Issue 63 - 13.05.2001
http://net-security.org
http://security-db.com
This is a newsletter delivered to you by Help Net Security. It covers weekly
roundups of security events that were in the news the past week. Visit Help
Net Security for the latest security news - http://www.net-security.org.
Subscribe to this weekly digest on:
http://www.net-security.org/text/newsletter
Archive of the newsletter in TXT and PDF format is available here:
http://www.net-security.org/news/archive/newsletter
Current subscriber count to this digest: 2368
Table of contents:
1) General security news
2) Security issues
3) Security world
4) Featured products
5) Security software
6) Defaced archives
========================================================
Help Net Security T-Shirt available
========================================================
Thanks to our affiliate Jinx Hackwear we are offering you the opportunity
to wear a nifty HNS shirt :) The image speaks for itself so follow the link
and get yourself one, summer is just around the corner.
Get one here: http://207.21.213.175:8000/ss?click&jinx&3af04db0
========================================================
General security news
---------------------
----------------------------------------------------------------------------
E-COMMERCE FIRMS FACING MORE ONLINE SECURITY RISKS
Online security can pose a threat to the IT industry world over. According to
the managing director of Safe Acript Atul Saran, the industry suffered losses
to the tune of $10 billion during the last two years. Speaking at a seminar -
Consilience-2000 - organised by the National Law School of India University
here on Sunday, he said the companies could cut down on problems by
taking precautionary measures.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.timesofindia.com/today/07info13.htm
A CRITIQUE OF MEDIA REPORTAGE OF VIRUSES
In this article, George Smith takes a critical look at the way the media reports
viruses. Specifically, he critiques the shortcomings of the 'crisis' mode used by
the media to report virus threats and virus-writing competitions and examines
the effects of that school of reportage on the public's reaction to viruses.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/focus/virus/articles/diseased.html
HACKERS DENIED ACCESS
Access Research, a security firm founded earlier this year, has unveiled its
security products to protect corporate data. Access Denied is a strong
authentication system, preventing unauthorised users from connecting to
company servers. It protects firms from hackers' spoofing, denial of service
and Trojan attacks at the IP level, safeguarding Web servers and clients, the
company said. The technology scans traffic at the TCP/IP connection level,
alongside other security features, such as firewalls, and controls communication
channels between Web servers and clients.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.co.uk/news/2001/18/ns-22662.html
NT SERVICE PACK 7: D.O.A.
SP7 is now officially dead. This is unfortunate, since it makes fixing all the
security holes present on an NT system more difficult. For day-to-day
operations, the lack of service packs won't make a huge difference. In the
last few years, Microsoft has only released six service packs for NT (not
counting multiple releases of Service Pack 6 that were broken to various
degrees). Administrators typically apply Microsoft's hotfixes as they become
available; otherwise, it is trivial in most cases for attackers to break into
unpatched systems.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://securityportal.com/articles/ntspseven20010507.html
WORMS COME UNDER ATTACK
When the ILoveYou virus swept through corporate networks around the
world last May, it took everyone by surprise - especially anti-virus software
developers. As the one-year anniversary of the Love Bug's attack passed
last week, McAfee Corp., Trend Micro Inc. and other anti-virus vendors
were working on new technologies and strategies that they hope will
reduce the likelihood of another outbreak of that scale.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.com/eweek/stories/general/0,11011,2715700,00.html
NEO-NAZIS ATTACK LIBRARY'S WEB SITE
The State Library of NSW was inundated with calls after an attacker replaced
its Web site with images of Hitler and a Nazi swastika across an Australian flag
in an unprecedented racially motivated attack.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.smh.com.au/news/0105/07/national/national16.html
EXODUS CUSTOMER SECURITY SITE HACKED
Internet hosting company Exodus Communications suffered an embarrassing
break-in of one of its security-related Web sites Friday night. Hackers left a
message bragging that they had access to the companys network and posted
personal information about a company employee on www.security.exodus.net.
Exodus, which co-hosts big-name Web sites like Yahoo.com and eBay.com,
confirmed the break-in. But company officials say the attackers were only
able to access arcane Web server log files for a few Exodus customers.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.msnbc.com/news/569965.asp
THE NEW SECURITY PRO
"The really bad security breaches that would make the hair on the back of
your neck stand up are not being reported [in the media]," says David Foote,
a managing partner at Foote Partners LLC, a New Canaan, Conn.-based
research and consulting firm specializing in the IT workforce. "But companies
know about them, and they're scared." As companies place an increased
emphasis on security, says Foote, the role of the security professional is
changing from a strictly back-office IT support role to one that's strategically
tied in with the entire company.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.computerworld.com/cwi/story/0,1199,NAV47_STO60207,00.html
2600 CLUBS
The Washington Post's Ariana Eunjung Cha did an article on 2600 clubs
around the states. "Club members still draw the attention of authorities.
But the perception that their meetings are solely a place where hackers
exchange trade secrets and plot electronic break-ins is exaggerated, or
at least outdated".
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.chicagotribune.com/business/printedition/article/0,2669,SAV-0105070210,FF.html
HACKERS BREAK INTO INFOSYS BANKING SITE
Hackers reached IT major Infosys, with unidentified miscreants breaking in into
the companys banking division website. According to an Infosys spokesperson,
the companys technical personnel were attempting to rectify the damage and
restore the site. "Work is on at present and the site should be up soon," the
spokesperson said. The hackers changed the content of the site though it is
not clear how and why the break in occurred.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.hindustantimes.com/nonfram/080501/detECO10.asp
STREAMER.MICROSOFT.COM HACKED
According to Alldas.de, a Web server located within Microsoft's .com domain at
streamer.microsoft.com was cracked and defaced in the early hours of Tuesday
morning by a computer crackers calling themselves Prime Suspectz. Just last
Friday, the same group, which claims to be based in Brazil, vandalised three
international Microsoft Web sites, Microsoft UK, Mexico and Saudi Arabia.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.co.uk/news/2001/18/ns-22672.html
HACKER ATTACKS UTV SITE
UTV are investigating how an attacker managed to link the front page of their
web site to a commemoration site for hunger-striker Bobby Sands last weekend.
According to UTV, the attacker changed a link early Saturday morning, May 5th.
The problem was rectified within hours of being spotted.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.ireland.com/newspaper/breaking/2001/0508/breaking44.htm
IIS ATTACKING WORM OUT THERE
CERT issued an advisory on a new piece of self-propagating malicious code.
Based on preliminary analysis, the sadmind/IIS worm exploits a vulnerability in
Solaris systems and subsequently installs software to attack Microsoft IIS web
servers. In addition, it includes a component to propagate itself automatically
to other vulnerable Solaris systems. It will add "+ +" to the .rhosts file in the
root user's home directory. Finally, it will modify the index.html on the host
Solaris system after compromising 2,000 IIS systems.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.cert.org/advisories/CA-2001-11.html
WHY OPENBSD WILL NEVER BE AS SECURE AS LINUX
OpenBSD fans everywhere simultaneously draw their flame guns and set them
to "well done". OpenBSD claims to be "secure by default", and has undergone
an extensive code audit -- so the question is this: has Kurt been hit in the
head with a blunt object, or what? Wait! Before you hit the send button and
put me out of my ignorance-induced misery, please read the whole article.
Your thoughts will probably be addressed.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://securityportal.com/closet/closet20010509.html
WHITEHAT HACKER MADE FBI PATSY
American federal officials used threats and a false promise of leniency to lure
computer security researcher and admitted cyber intruder Max Butler into
becoming an undercover FBI informant, according to a defense motion filed
in the case Tuesday. It was only when Butler balked at covertly recording a
friend and colleague, and instead sought advice from an attorney, that the
government threw the book at him, the motion charges. "The government as
much as promised him he would receive consideration," says defense attorney
Jennifer Granick. "At least until he hired an attorney."
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/8/18817.html
AUSTRALIAN PARLIAMENT HIT BY VBSWG.X
VBSWG.X has hit the Australian parliament's e-mail system opening a selection
of pornographic websites on its victims' screens. International research company
Trend Micro says the virus was first detected in the US and has spread to more
than 50 Australian businesses. At least 2,500 cases of the virus have also been
recorded in New Zealand.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.ananova.com/news/story/sm_287043.html
AN INTRODUCTION TO NESSUS
"There are a number of security scanners out there. Most of them are vendor
specific, and each boasts a number of vulnerability checks to determine what
is secure on your system and what is not. So what if you are a hardcore open
source paranoid like myself who wouldn't think to spend a dime on the latest
commercial security scanner from CyberSlueths or CrackerCops? Well there is
a superior alternative that is regularly updated, free, and open source. It's
called Nessus, and it is by far the best scanner available."
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.linuxsecurity.com/feature_stories/feature_story-86.html
BALTIMORE WILL FIRE 10% OF STAFF?
Baltimore Technologies Plc, a security software maker that issued two lowered
profit forecasts this year, may fire as many as 120 workers or about 10 percent
of its staff, the Irish Independent newspaper said, citing analysts.
Link: http://news.cnet.com/investor/news/newsitem/0-9900-1028-5868866-0.html
VBSWG.X UPDATE
A spokesman for the antiviral software company Sophos said that 80 companies
have reported being hit by the virus, and several said that they have each sent
out up to 100,000 infected e-mails. Another antiviral firm, MessageLabs, reports
similar statistics, adding that its data indicates Homepage is spreading faster
than the Kournikova virus.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.wired.com/news/culture/0,1284,43681,00.html
"WAR" IS OVER
Chinese 'hackers', engaged in a "cyberwar" with their counterparts in the
United States, boasted on Wednesday they had defaced 1,000 U.S. Web
sites, but called a truce to the conflict.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.com/zdnn/stories/news/0,4586,5082576,00.html
DUMMY INTERNET FIRM USED TO SNAG RUSSIAN HACKERS
Invita Security Corp. looked like a typical Internet company: It had offices,
computers, employees, even a secure computer system. The only thing
missing was the customers. Far from a failed start-up, the aptly named
Invita turned out to be a bogus company set up by the Federal Bureau
of Investigation to ensnare a pair of young Russian hackers accused of
breaking into U.S. Internet companies' computers, stealing financial and
other sensitive data and demanding extortion payments. Authorities say
Alexey Ivanov, 21, and Vasily Gorshkov, 25, both of Chelyabinsk, fell for
the bait. Arrested and jailed on 20 criminal counts including conspiracy
and wire fraud, they are set to go on trial May 29 in federal court in Seattle.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.dallasnews.com/technology/362473_fbihackers_10b.html
WINDOWS VS. LINUX - TAKING SECURITY SERIOUSLY
Network security cannot be left to chance these days. It is incumbent on
businesses, given the throng of Internet connections across the globe, that
their systems - no matter what types of operating systems or servers involved,
are patched, hardened and secure. Then again, if it is up to individual
organisations to protect what they have, perhaps the role of OS vendors is to
strengthen the security features they offer. Just which vendor does this better
is difficult to establish. While proponents of Linux systems maintain that the
many security vulnerabilities and attacks coming to the fore are due to
Microsoft's dominance in the market and its inherent vulnerabilities, others
believe that Bill Gates' behemoth company is beginning to hold its own in
acknowledging and addressing security issues. With fame, however,
misfortune can follow.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.westcoast.com/securecomputing/2001_05/special/special.html
USING SENDMAIL AND AMAVIS TO HALT VIRUS DISTRIBUTION
Unlike days past where viruses were primarily spread through sneaker-net
distribution of floppy disks, most modern viruses are spread via e-mail.
Advanced scripting languages for the Windows platform coupled with the
relative insecurity of certain Windows mail clients have increased the ranks
of the virus, worm, and other mal-ware authors. Fortunately, most Unix
servers and mail systems can halt the spread of such mal-ware. This tutorial
will focus on integrating the AMaViS (0.2.1) anti-virus cleanser with Sendmail
8.9.1b, the default mail server shipped with Solaris 7. However, the setup and
configuration procedures are very similar on Linux and xBSD.
Link: http://www.sunhelp.org/pages.php?page=article-amavis
SECURING LINUX WITH AIDE
It is often difficult to assess damage from an intrusion through syslogs and good
old-fashioned sysadmin work alone. Host-based intrusion detection systems can
assist in these efforts. One such host-based IDS for Unix operating systems is
AIDE. AIDE is a valuable, configurable tool that takes a snapshot of a system
in its original state in order to track subsequent changes in the system. This
article will discuss various aspects of using AIDE on Linux systems, including:
configuring and using AIDE, troubleshooting your configuration, reviewing logs
and cleaning up rulesets.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/focus/linux/articles/linuxaide.html
MAC: RIPE FOR A HACK?
"Think Different" has been an Apple rallying cry for the last few years. And
recently, many Mac fans have begun to think different(ly) - about computer
security. Macs have rarely been the target of hack attacks or viruses, due
in part to the fact that many malicious hackers are unfamiliar with the Mac
operating system. But Apple's new operating system, OS X, is built around
an open-source, Unix-based core - an operating system that many hackers
are already very familiar with.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.wired.com/news/infostructure/0,1377,43638,00.html
INFOSYS TRACKING ATTACKERS
India's top software firm Infosys Technologies said Tuesday it has tracked down
the origin of computer hackers who targeted its website on Monday. "The attack
seems to have been launched from an educational institution. We are trying to
reach the administrators of the institution to pinpoint the source," the company
said in a statement.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.timesofindia.com/090501/09info17.htm
ICSA LABS TO CERTIFY PC FIREWALLS
TruSecure Corp.'s ICSA Labs division has added PC Firewalls to its list of security
applications that it certifies. Through the personal firewall certification program,
personal firewall vendors will have their software tested, assessed, and validated
by ICSA's independent labs.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.informationweek.com/story/IWK20010510S0003
GOVERNMENT AGENCIES DEFLECT "HOMEPAGE" WORM
We havent seen anything significant in the United States, said a spokesman
for FedCIRC, the governments computer intrusion response center. It has
mostly been overseas.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.gcn.com/vol1_no1/daily-updates/4221-1.html
GATEWAY UK TURNS PERSONAL INFO PUBLIC
A security gaffe by Gateway 2000 has resulted in the exposure of sensitive
customer information on the PC vendor's web site. Up until late this afternoon
searching for 'delivery cost' on Gateway's UK site returned two copies of an
Excel spreadsheet containing order details, customer contacts and phone
numbers.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/8/18867.html
DMZS FOR DUMMIES
You've ordered a new firewall, and you want to get it running on your network
ASAP. Your first reaction is probably to put every client and server behind it.
That's fine for a small company, but a larger company should consider creating
a perimeter security network called a demilitarized zone (DMZ) that separates
the internal network from the outside world.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.com/enterprise/stories/main/0,10228,2717224,00.html
ASK BUFFY
Questions this week cover Logging Root Commands; WINS, NetBIOS problems;
Protecting Solaris from IP Spoofing; xinetd and tcp_wrappers; and BCC Email
Tracking.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://securityportal.com/buffy/buffy20010510.html
ANOTHER HOTMAIL SCAM
"You're one of 100 hotmail winners!" reads the title from an email apparently
sent from from the "Hotmail Staff" and presents the users with a form to indicate
sign-in name, password, comments and..a picture. Infact the email was sent by
a "max@relay.1c.kiev.ua" and over html code directly links to http://193.125.79.67/,
which according to the RIPE whois data base belongs the Tara Shevchenko Kiev
University, 01033 Kiev, Ukraine. The only price to win would be your hacked
hotmail account.
IIS WORM - 8836 IP ADDRESSES ATTACKED
On Tuesday, May 8, Attrition staff received email containing a list of 8836 IP
addresses that were said to be victims of the "sadmind/IIS Worm". From there,
they broke the list down into a few major types of machines/names; ADSL
boxes, Cable Modems, DHCP servers, DNS machines, DSL boxes, Mail hosts,
personal machines, "regular" servers and "in-addr" addresses.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.attrition.org/security/commentary/worm01.html
2600.COM WASN'T HIJACKED; NSI PROBLEMS
2600.com reported that their domain got hijacked yesterday - "Imagine our
surprise when we were told by readers that 2600.com no longer belongs to
2600.com! That's the nightmare that we were greeted with on Friday due to
a bizarre foulup with Network Solutions." In a short time they were able to
track down the right people at Network Solutions Inc, so the mistake got fixed.
Link: http://www.2600.com/news/display.shtml?id=412
Link: http://www.2600.com/news/display.shtml?id=413
STATE DEPARTMENT'S OFFICE OF IIP SITE DEFACED
A confidential U.S. State Department Web site (State Department's Office of
International Information Programs) was defaced and some internal Internet
servers were shut down in a cyberattack launched earlier this week by an
unknown assailant, department spokeswoman Victoria DeLong announced.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.computerworld.com/cwi/stories/0,1199,NAV47-68-84-88_STO60494,00.html
PROTOCOL TO SECURE DATA FOR WLANS
Industry experts are tipping Kerberos to become the accepted security standard
for roaming between access points in the growing wireless local area network
(WLAN) market. Concerns about the rival Wireless Equivalent Privacy (WEP)
security protocol used in the 802.11b WLAN standard have surfaced recently,
putting IT managers off adopting the technology, due to fears about the
security of connections and the verification of users as they 'roam' from
one access point to another.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.co.uk/news/2001/18/ns-22764.html
0WN THIS BOX CHALLENGE
Cylant's "0wn this box challenge" is a research effort providing a good
challenge to skilled crackers. Dave Wreski and Benjamin Thomas of
LinuxSecurity.com interview Cylant Technology, Inc.seeking to find
more information regarding the work to create this contest, and the
experiences gained from holding it.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.linuxsecurity.com/feature_stories/feature_story-87.html
----------------------------------------------------------------------------
Security issues
---------------
All vulnerabilities are located at:
http://net-security.org/text/bugs
----------------------------------------------------------------------------
DEBIAN LINUX: CRON LOCAL ROOT EXPLOIT
A recent (fall 2000) security fix to cron introduced an error in giving up
privileges before invoking the editor. A malicious user could easily gain
root access. This has been fixed in version 3.0pl1-57.3 (or 3.0pl1-67
for unstable). No exploits are known to exist, but we recommend that
you upgrade your cron packages immediately.
Link: http://www.net-security.org/text/bugs/989242718,76559,.shtml
IIS 5.0 PROPFIND DoS #2
It is possible to remotely restart all IIS related services using specially
crafted request. If this request is repeated continously this seriously
affects IIS performance.
Link: http://www.net-security.org/text/bugs/989242918,59658,.shtml
MP3MYSTIC VULNERABILITY
MP3Mystic is a webserver that lets a visitor browse your harddrive only
showing MP3 files. It is vulnerable to the dot dot bug.
Link: http://www.net-security.org/text/bugs/989345433,40148,.shtml
ELECTROCOMM 2.0 VULNERABILITY
ElectroComm allows you to connect to a comm port on a computer over a
network using any Telnet client. The program can fall victim to a DoS.
Link: http://www.net-security.org/text/bugs/989345489,35284,.shtml
VIRTUAL DNS VULNERABILITY
Virtual DNS (Vdns) allows users with DSL & ADSL type connections to run their
own web server with their own domain name. It suffers from a DoS.
Link: http://www.net-security.org/text/bugs/989345611,74236,.shtml
LINUX MANDRAKE - PINE UPDATE
Versions of the Pine email client prior to 4.33 have various temporary file
creation problems, as does the pico editor. These issues allow any user
with local system access to cause any files owned by any other user,
including root, to potentially be overwritten if the conditions were right.
Link: http://www.net-security.org/text/bugs/989351502,70657,.shtml
TURBOLINUX SECURITY ANNOUNCEMENT: VIXIE-CRON
A security hole has been discovered in the package vixie-cron. Please
update the packages in your installation as soon as possible.
Link: http://www.net-security.org/text/bugs/989408997,40125,.shtml
TURBOLINUX SECURITY ANNOUNCEMENT: SQUID
A security hole has been discovered in the package squid. Please update
this package in your installation as soon as possible.
Link: http://www.net-security.org/text/bugs/989409105,89300,.shtml
TURBOLINUX SECURITY ANNOUNCEMENT: DHCP
A security hole has been discovered in the dhcp packages. Please update
the packages in your installation as soon as possible.
Link: http://www.net-security.org/text/bugs/989409220,8713,.shtml
TURBOLINUX SECURITY ANNOUNCEMENT: XNTP3
A security hole has been discovered in the xntp3 packages. Please update
the packages in your installation as soon as possible.
Link: http://www.net-security.org/text/bugs/989409271,97178,.shtml
WINDOWS 2000 KERBEROS DoS
The Kerberos service and kerberos password service contain a flaw that could
allow a malicious attacker to cause a Denial of Service on the Kerberos service
and thus making all domain authentication impossible.
Link: http://www.net-security.org/text/bugs/989436098,15488,.shtml
DEBIAN LINUX - SAMBA SECURITY FIX UPDATE
Marc Jacobsen from HP discovered that the security fixes from samba 2.0.8 did
not fully fix the /tmp symlink attack problem. The samba team released version
2.0.9 to fix that, and those fixes have been added to version 2.0.7-3.3 of the
Debian samba packages.
Link: http://www.net-security.org/text/bugs/989582948,34149,.shtml
RED HAT LINUX: UPDATED NEDIT PACKAGES
nedit creates temporary files in an insecure fashion. This version has been
patched to use mkstemp().
Link: http://www.net-security.org/text/bugs/989583041,52988,.shtml
SQL SERVER 7.0 SERVICE PACK PASSWORD BUG
When SQL Server 7.0 Service Packs 1, 2, or 3 are installed on a machine that
is configured to perform authentication using Mixed Mode, the password for the
SQL Server standard security System Administrator (sa) account is recorded in
plaintext in the files %TEMP%\sqlsp.log and %WINNT%\setup.iss. The default
permissions on the files would allow any user to read them who could log onto
the server interactively.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.microsoft.com/technet/security/bulletin/MS00-035.asp
VULNERABILTY IN TYPSOFT FTP SERVER V0.95
An attacker with anonymous access to the ftp server can break out of the ftp
root using the dot vulnerability.
Link: http://www.net-security.org/text/bugs/989607354,81774,.shtml
DENICOMP REXECD/RSHD DENIAL OF SERVICE
There exists a problem in the port-handling code of mentioned products which
exposes the services provided by these to a DoS attack.
Link: http://www.net-security.org/text/bugs/989607535,50259,.shtml
DEBIAN LINUX - GFTP REMOTE EXPLOIT
The gftp package as distributed with Debian GNU/Linux 2.2 has a problem
in its logging code: it logged data received from the network but it did
not protect itself from printf format attacks. An attacker can use this
by making a FTP server return special responses that exploit this.
Link: http://www.net-security.org/text/bugs/989607865,68250,.shtml
----------------------------------------------------------------------------
Security world
--------------
All press releases are located at:
http://net-security.org/text/press
----------------------------------------------------------------------------
TRAFFIC LIMITING INTRUSION DETECTION SYSTEM (TLIDS) - [07.05.2001]
Captus Networks, the world leader in protecting against Denial of Service
attacks, announced a major software enhancement to its CaptIO family of
network security solutions that greatly simplifies the task of systems
administrators for ensuring the security and availability of their Internet
networks.
Press release:
< http://www.net-security.org/text/press/989243503,12040,.shtml >
----------------------------------------------------------------------------
SAFENET PARTNERS WITH TEXAS INSTRUMENTS - [07.05.2001]
SafeNet, a leading provider of Internet security technology that is the de facto
standard in the VPN industry, announced that it has been chosen to partner
with Texas Instruments to provide a new wireless security library for next
generation (2.5 and 3G) wireless devices. SafeNet's encryption technology,
combined with TI's DSP-based OMAP family of processors, will enable the
strongest security for next generation wireless devices including personal
digital assistants, cell phones, and pagers. The OMAP architecture is fast
becoming a de facto standard for 2.5 and 3G wireless devices. Today, TI's
OMAP architecture has been publicly endorsed by Nokia, Ericsson, Sony,
Sendo, HTC, Symbian, Microsoft, and Sun Microsystems.
Press release:
< http://www.net-security.org/text/press/989243541,30009,.shtml >
----------------------------------------------------------------------------
PROACTIVENET 4.0 PROVIDES ROOT CAUSE ANALYSIS - [08.05.2001]
ProactiveNet, Inc., a leading provider of performance management solutions for
Internet, intranet and extranet applications, today announced ProactiveNet 4.0,
the company's flagship management application. The product makes its debut at
the Networld + Interop show in Las Vegas this week, in ProactiveNet's booth #1825.
Press release:
< http://www.net-security.org/text/press/989316924,18917,.shtml >
----------------------------------------------------------------------------
STONEBRIDGE TECHNOLOGIES AND ISS PARTNER - [08.05.2001]
Stonebridge Technologies, an award-winning technology consulting firm,
announced that the company is extending its infrastructure service offerings
through a strategic alliance with Internet Security Systems (ISS), a leading
provider of security management solutions for the Internet.
Press release:
< http://www.net-security.org/text/press/989317193,42924,.shtml >
----------------------------------------------------------------------------
ANTI-VIRUS INFORMATION EXCHANGE NETWORK GROWS - [08.05.2001]
The Anti-Virus Information Exchange Network and its associated Early Warning
System continue to increase their growth at a fast pace. At the end of April,
2001, with just 6 months of activity, AVIEN already includes antivirus specialists
who support more than 2 million end users.
Press release:
< http://www.net-security.org/text/press/989336150,58744,.shtml >
----------------------------------------------------------------------------
WATCHGUARD: FIREBOX 2500 AND FIREBOX 4500 - [08.05.2001]
WatchGuard Technologies, Inc., a leader in Internet security solutions, introduced
its next generation of award-winning Firebox Internet security appliances at the
NetWorld + Interop Conference in Las Vegas. The Firebox III family, consisting of
the Firebox 2500 and Firebox 4500, redefine price/performance by delivering
industry-leading performance at prices that are affordable for larger distributed
organizations and Internet data centers with the need to secure a large number
of VPN connections.
Press release:
< http://www.net-security.org/text/press/989336211,66652,.shtml >
----------------------------------------------------------------------------
RAINBOW IVEA AWARDED AT N+I - [08.05.2001]
Rainbow iVEA, a Rainbow Technologies (Nasdaq: RNBO) company and a leading
provider of high-performance security solutions for the Internet and eCommerce,
announced that the CryptoSwift 600 eCommerce accelerator captured a Well
Connected Award by Network Computing Magazine at the Spring 2001 Networld+
Interop Conference in Las Vegas. The CryptoSwift 600 defeated the nCipher
nForce 300 and the Compaq AXL2000 Accelerator PCI Card for "Best SSL
Acceleration Solution."
Press release:
< http://www.net-security.org/text/press/989350887,96012,.shtml >
----------------------------------------------------------------------------
F-SECURE ALERTS USERS ON VBSWG.X WORM - [09.05.2001]
F-Secure Corporation, a leading provider of centrally-managed, widely
distributed security solutions is alerting computer users worldwide about
a new, rapidly spreading e-mail worm named VBSWG.X, also known as
Homepage, is an encrypted e-mail worm found in the wild on May 9th,
2001.
Press release:
< http://www.net-security.org/text/press/989407841,43920,.shtml >
----------------------------------------------------------------------------
VISUALSOFT CRYPT WINS JOLT PRODUCTIVITY AWARD - [09.05.2001]
VisualSoft Technologies, a leading Software Products and Solutions development
company, today announced that VisualSoft Crypt won Software Development
magazine's Jolt Productivity Award in the category of "Libraries, Frameworks and
Components". The Jolt Awards were announced by CMP's Software Development
magazine on April 11th, 2001 at Software Development West Conference and
Exposition at the San Jose Convention Center in San Jose, CA.
Press release:
< http://www.net-security.org/text/press/989407988,53034,.shtml >
----------------------------------------------------------------------------
INFOEXPRESS WINS NETWORK COMPUTINGS AWARD - [09.05.2001]
InfoExpress, a pioneer in enterprise remote access security solutions,
announced that its CyberArmor Suite Enterprise Personal Firewall 1.1 has
been named a winner of CMP Media LLCs Network Computing for a 2001
Well-Connected Award in the category of Desktop Firewall. CyberArmor
was chosen for its innovative centralized security policy management
capability to protect corporate assets from various malicious Internet
attacks. CyberArmor also offers the industrys only environmentally
sensitive policy- based solution. It can select the active policy by
differentiating between users on the corporate network, when a
remote VPN session is active, or when they are surfing the Internet.
Press release:
< http://www.net-security.org/text/press/989431870,88278,.shtml >
----------------------------------------------------------------------------
MELCAM SURVEILLANCE APPLICATION FOR PC CAMERAS - [10.05.2001]
MelCam is easy to operate, keeps real-time tabs on vulnerable assets and
increases security levels. Physical areas that are secured with a MelCam
system benefit from Melioris' proprietary "Multi-Channel Security" - the
ability to monitor and respond to incidents in a multiple number of ways,
concurrently.
Press release:
< http://www.net-security.org/text/press/989494304,54252,.shtml >
----------------------------------------------------------------------------
NEW DEVICELOCK MILLENNIUM EDITION RELEASED - [10.05.2001]
SmartLine, Inc. announced the new release of DeviceLock Millennium Edition, a
Windows service for restricting access to local devices running Windows 95/98/Me.
Preventing the introduction of inappropriate software and data is important when
trying to protect and administer a company's computer network. The traditional
solution has been a physical lock on the floppy drive. DeviceLock Me eliminates
the need for physical locks and has a number of advantages. It is easy to install
and administrators can have instant access from the remote computers when
necessary. There are no physical keys to store and manage - DeviceLock Me
is a software-only solution.
Press release:
< http://www.net-security.org/text/press/989519175,1325,.shtml >
----------------------------------------------------------------------------
SOPHOS DEFENDS IRISH SCHOOLS THROUGH ICL - [10.05.2001]
Sophos, a world leader in corporate anti-virus protection, announced that it is
to protect IT systems in all of Northern Ireland's schools from virus attack.
Sophos will defend the schools as part of a deal with eBusiness services company,
ICL. Under the terms of the deal, all Northern Irish secondary schools will switch
from their existing anti-virus protection (provided through CLASS - the
Computerisation of Local Administration Systems in Schools) to that provided
by Sophos. All of the region's primary school IT systems are already protected
by Sophos Anti-Virus.
Press release:
< http://www.net-security.org/text/press/989519256,16494,.shtml >
----------------------------------------------------------------------------
SURFCONTROL SLAMS THE DOOR ON VBSWG.X - [11.05.2001]
SurfControl, the Internet Filtering Company, announced that SurfControl is part
of the preventative measures that corporations are putting in place to protect
themselves from email born viruses like the recent "homepage" attack. Given that
SurfControl's SuperScout Email Filter sits between the email server and the virtual
boarder, and works with a corporation's existing anti-virus software, the product
can stop viruses at the door before they get to the email server.
Press release:
< http://www.net-security.org/text/press/989533926,93756,.shtml >
----------------------------------------------------------------------------
CHECKPOINT AND ISS CO-SPONSOR ENET - [11.05.2001]
Check Point Software Technologies Ltd. and Internet Security Systems (ISS),
two Internet security leaders, today announced that they have been selected
for the fourth consecutive year as network security co-sponsors of the Interop
Net Event Network (eNet) at NetWorld+Interop in Las Vegas. Check Point and
ISS have provided integrated Internet security technology, real-time monitoring
and expertise for protecting the complex network. The eNet is an integral part
of NetWorld+Interop, held May 7-11, 2001 at the Las Vegas Convention Center.
Press release:
< http://www.net-security.org/text/press/989533992,80558,.shtml >
----------------------------------------------------------------------------
SURFCONTROL ANNOUNCES GRANT OF US PATENT - [11.05.2001]
SurfControl, the Internet Filtering Company, is pleased to announce today
that the US Patent Office has granted to SurfControl a patent on its core
web filtering technology and processes. The US Patent 6,219,786, granted
to SurfControl, Inc., describes the unique system for managing access
control to resources of a distributed network, and more particularly to
monitoring computer users' access to those resources from within and
outside the network.
Press release:
< http://www.net-security.org/text/press/989534017,22824,.shtml >
----------------------------------------------------------------------------
ZEASOFT RELEASES TASK TERMINATOR - [11.05.2001]
ZeaSoft is proud to announce a new release of our free utility, Task Terminator
(http://www.zeasoft.com/products/taskterm.htm). Task Terminator is a free
utility from ZeaSoft which allows you to terminate any task or window running
on your machine, even hidden programs and services which are invisible to the
Windows Task Manager (that window that pops up when you hit Ctrl-Alt-Del).
Task Terminator has the look and feel of the Windows Task Manager to make
it instantly familiar to Windows users.
Press release:
< http://www.net-security.org/text/press/989583281,21227,.shtml >
----------------------------------------------------------------------------
EEYE DIGITAL SECURITY RELEASES SECUREIIS - [11.05.2001]
SecureIIS is the latest in proactive network security tools from eEye Digital
Security. SecureIIS protects Microsoft IIS Web servers from known and
unknown hacker attacks. SecureIIS wraps around IIS and works within it,
verifying and analyzing incoming and outgoing Web server data for any
possible security breaches. It prevents these breach attempts from
penetrating the server, and alerts the network administrator when such
attacks occur. SecureIIS combines the best features of Intrusion Detection
Systems and Network Firewalls all into one, and it is custom tailored to your
Web server.
Press release:
< http://www.net-security.org/text/press/989583781,34566,.shtml >
----------------------------------------------------------------------------
LEADING SECURITY COMPANIES COMBINE PRODUCTS - [11.05.2001]
At Networld + Interop today, networking, antivirus and Internet security leaders
Linksys, TrendMicro Inc., and Zone Labs announced they will combine their
products and technologies into one comprehensive, best-of-breed security
solution for the small/medium business and home networking market. Linksys
EtherFast Cable/DSL Router users will benefit from ironclad protection for their
networks consisting of Zone Labs' ZoneAlarm Pro Internet security utility and
Trend Micro's PC-cillin antivirus software as part of a complete hardware
and software solution.
Press release:
< http://www.net-security.org/text/press/989583975,40156,.shtml >
----------------------------------------------------------------------------
TRIPWIRE HONORED AS UPSIDE MAGAZINE - [12.05.2001]
Tripwire Inc., the leading provider of data and network integrity (DNI) software,
announced that it has been selected by UPSIDE Magazine as one of the 2001
Hot 100 private companies. Tripwire was selected by the editors of UPSIDE and
an advisory panel comprised of venture capitalists, financial analysts and market
researchers. More than 800 companies were nominated for this year's UPSIDE
Hot 100 Awards. Each company was judged on the basis of its technological
achievements, customer acceptance of products or services, financial
performance, industry partnerships, financial backing, and management
experience.
Press release:
< http://www.net-security.org/text/press/989625999,42397,.shtml >
----------------------------------------------------------------------------
MCAFEE USERS UNAFFECTED BY HOMEPAGE WORM - [12.05.2001]
McAfee, a division of Network Associates, Inc. and recognized leader in anti
virus security solutions, today announced that its gateway anti-virus products
and services protected leading businesses from the recently discovered
Homepage worm. McAfee's advanced scanning technology detected and
cleaned the Homepage worm at Major League Soccer, Loancity.com, Affinity
Health System and other leading McAfee corporate businesses. Similar to the
AnnaKournikova virus detected earlier this year, McAfee AVERT (Anti-Virus
Emergency Response Team) worked closely with customers to provide up-to-
date diagnostics and information regarding the virus.
Press release:
< http://www.net-security.org/text/press/989659179,31194,.shtml >
----------------------------------------------------------------------------
PREPARATIONS FOR RSA CONFERENCE 2001 ASIA - [12.05.2001]
As e-commerce continues to gain a strong foothold in Asia, RSA Security Inc.,
the most trusted name in e-security, announced the program for RSA Conference
2001, Asia, which will be held July 9 - 12, 2001 at the Singapore International
Convention and Exhibition Center in Suntec City, Singapore. RSA Security's first
annual e-security conference and exposition in the Asia-Pacific region is designed
to address the critical e-security and privacy issues facing business, government
and the public. RSA Conference 2001, Asia is modeled after the U.S.-based RSA
Conference, the world's largest security event, which drew more than 10,000
attendees last April in San Francisco, Calif.
Press release:
< http://www.net-security.org/text/press/989659469,10481,.shtml >
----------------------------------------------------------------------------
ALADDIN'S ESAFE PROTECTS OF HOMEPAGE WORM - [12.05.2001]
Aladdin Knowledge Systems, a global leader in the field of Internet content and
software security, today announced its eSafe Internet content security solution
successfully blocks the new medium-risk vandal named VBS.Homepage.
Press release:
< http://www.net-security.org/text/press/989659605,74425,.shtml >
----------------------------------------------------------------------------
BIOMETRIC SECURITY FOR NEW NASA FACILITY - [12.05.2001]
Bioscrypt Inc., a leading provider of biometric authentication solutions, announced
that the Triana Science and Operations Center (TSOC), a NASA funded facility at
the University of California in San Diego, is using Bioscrypt's advanced biometric
technology to control physical access and provide security for their operations.
Press release:
< http://www.net-security.org/text/press/989659723,75766,.shtml >
----------------------------------------------------------------------------
Featured products
-------------------
The HNS Security Database is located at:
http://www.security-db.com
Submissions for the database can be sent to: staff@net-security.org
----------------------------------------------------------------------------
GENUITY SECURITY ADVANTAGE
Genuity Security Advantage service lets you outsource your security needs
and gives you local access to security management services independent of
any specific ISP, hardware platform, or operating system. Furthermore, the
service uses IPsec-compliant hardware and software, enabling you to
establish secure, site-to-site Virtual Private Networks (VPNs), thereby
avoiding costly leased-line fees.
Read more:
< http://www.security-db.com/product.php?id=149 >
This is a product of Genuity, for more information:
< http://www.security-db.com/info.php?id=27 >
----------------------------------------------------------------------------
LT AUDITOR+
Blue Lance´s LT Auditor+ is a Windows-based intrusion detection/audit trail
security software solution. LT Auditor+ is designed to protect organizational
assets accessible through NT and/or Novell networks. LT Auditor+ provides
around-the-clock monitoring of network activity across the enterprise. LT
Auditor+ is used to secure corporate assets against unauthorized access,
fraud and theft. Highly acclaimed by Netware Users International, Blue
Lance's LT Auditor+ is in use by the world´s largest banks, government
agencies and corporations.
Read more:
< http://www.security-db.com/product.php?id=436 >
This is a product of Blue Lance, for more information:
< http://www.security-db.com/info.php?id=97 >
----------------------------------------------------------------------------
LANGUARD NETWORK SCANNER
LANguard network scanner is a freeware security scanner to audit your network
security. It scans entire networks and provides NETBIOS information for each
computer such as hostname, shares, logged on user name. It does OS detection,
password strength testing, detects registry issues and more. Reports are
outputted in HTML.
A security scanner that is always up to date
Many commercial security scanning tools exist that claim to find all security holes
in an OS. Fact is, because of the number of OS versions (service packs) & amount
of security issues discovered daily, these database based products are almost
immediately out of date.
Read more:
< http://www.security-db.com/product.php?id=640 >
This is a product of GFI Software Ltd., for more information:
< http://www.security-db.com/info.php?id=146 >
----------------------------------------------------------------------------
Security Software
-------------------
All programs are located at:
http://net-security.org/various/software
----------------------------------------------------------------------------
VISUALSOFT FILESECURE
VisualSoft FileSecure encrypts selected files and/or folders and produces a
self-decryption archive. The encrypted file can be decrypted simply by double
clicking the archive with the given passphrase. The user needs no installation
of any application to decrypt the files. The user can also split the generated
self-decryption archive by choosing appropriate settings. VisualSoft FileSecure
uses Blowfish symmetric key for both encryption and de-cryptio. It can also
provides file compression and secure file transfer using FTP.
Info/Download:
< http://www.net-security.org/various/software/989519664,9161,windows.shtml >
----------------------------------------------------------------------------
VISUALSOFT CRYPT V.3.0
VisualSoft Crypt provides strong cryptographic algorithms for secure enterprise
application development. Information such as Passwords, Credit Card numbers,
Email and other transaction data can be securely transferred on the untrusted
networks like Internet etc., using this component. It encrypts and decrypts
files using Advanced Encryption Standard (Rijndael) algorithm and Industry
standard Cryptography methodologies namely Serpent, Mars, DES, TDES,
BlowFish, and IDEA. This component also supports MIME Format files. It is
can also be used to store or transport information securely within a
network environment.
Info/Download:
< http://www.net-security.org/various/software/989519782,27322,windows.shtml >
----------------------------------------------------------------------------
PORT SCAN ATTACK DETECTOR
Port Scan Attack Detector (psad) is a perl program that is designed to work
with Linux firewalling code (iptables in the 2.4.x kernels, and ipchains in the
2.2.x kernels) to detect port scans. It features a set of highly configurable
danger thresholds (with sensible defaults provided), verbose alert messages
that include the source, destination, scanned port range, begin and end times,
TCP flags and corresponding nmap options (Linux 2.4.x kernels only), email
alerting, and automatic blocking of offending IP addresses via dynamic
configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x
kernels psad incorporates many of the TCP signatures included in Snort to
detect highly suspect scans for various backdoor programs (e.g. EvilFTP,
GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port
scans (syn, fin, Xmas) which are easily leveraged against a machine
via nmap.
Info/Download:
< http://www.net-security.org/various/software/989519878,70603,linux.shtml >
----------------------------------------------------------------------------
PC VIPER
PC Viper is the first product of its kind to provide strong firewall security to
your home PC's as you surf the absolutely no protection against Internet
Intrusion. The PC Viper Personal Edition solves this problem by providing an
extremely strong firewall located on the user's machine. PC Viper sits between
the operating system and the modem to monitor all traffic. Because it is resident
on the same machine that it is protecting, Viper can monitor any PC applications
that access the Internet to protect against Trojan Horse Viruses from transmitting
user-sensitive information. PC Viper also features an adult-material filter built in
which can be enabled to prevent adult content or pornography from reaching the
protected machine.
Info/Download:
< http://www.net-security.org/various/software/989520145,24540,windows.shtml >
----------------------------------------------------------------------------
Defaced archives
------------------------
[07.05.2001]
Original: http://www.commerzbank.com.uy/
Defaced: http://defaced.alldas.de/mirror/2001/05/07/www.commerzbank.com.uy/
OS: Windows
Original: http://www.blizzard.com/
Defaced: http://defaced.alldas.de/mirror/2001/05/07/www.blizzard.com/
OS: Windows
Original: http://investor2.cnet.com/
Defaced: http://defaced.alldas.de/mirror/2001/05/07/investor2.cnet.com/
OS: Windows
Original: http://www.opel.dk/
Defaced: http://defaced.alldas.de/mirror/2001/05/07/www.opel.dk/
OS: Windows
Original: http://www.bmw.com.mx/
Defaced: http://defaced.alldas.de/mirror/2001/05/07/www.bmw.com.mx/
OS: Windows
Original: http://www.toyota.co.ug/
Defaced: http://defaced.alldas.de/mirror/2001/05/07/www.toyota.co.ug/
OS: Windows
Original: http://www.sanyo.com.mx/
Defaced: http://defaced.alldas.de/mirror/2001/05/07/www.sanyo.com.mx/
OS: Windows
[08.05.2001]
Original: http://www.mcdonalds.co.id/
Defaced: http://defaced.alldas.de/mirror/2001/05/08/www.mcdonalds.co.id/
OS: Windows
Original: http://www.fujifilm.co.kr/
Defaced: http://defaced.alldas.de/mirror/2001/05/08/www.fujifilm.co.kr/
OS: Windows
Original: http://www.honda.com.au/
Defaced: http://defaced.alldas.de/mirror/2001/05/08/www.honda.com.au/
OS: Windows
Original: http://www.puma.com/
Defaced: http://defaced.alldas.de/mirror/2001/05/08/www.puma.com/
OS: Windows
Original: http://www.dinersclub.com.ph/
Defaced: http://defaced.alldas.de/mirror/2001/05/08/www.dinersclub.com.ph/
OS: Windows
Original: http://www.toyota.kz/
Defaced: http://defaced.alldas.de/mirror/2001/05/08/www.toyota.kz/
OS: Windows
Original: http://www.unicef.no/
Defaced: http://defaced.alldas.de/mirror/2001/05/08/www.unicef.no/
OS: Windows
Original: http://streamer.microsoft.com/
Defaced: http://defaced.alldas.de/mirror/2001/05/08/streamer.microsoft.com/
OS: Windows
[09.05.2001]
Original: http://www.agfa.co.za/
Defaced: http://defaced.alldas.de/mirror/2001/05/09/www.agfa.co.za/
OS: Windows
Original: http://pc.microsoft.is/
Defaced: http://defaced.alldas.de/mirror/2001/05/09/pc.microsoft.is/
OS: Windows
Original: http://www.twbookmark.com/
Defaced: http://defaced.alldas.de/mirror/2001/05/09/www.twbookmark.com/
OS: Windows
Original: http://www.sanyo.com.mx/
Defaced: http://defaced.alldas.de/mirror/2001/05/09/www.sanyo.com.mx/
OS: Windows
[10.05.2001]
Original: http://webonair.worldonline.co.za/
Defaced: http://defaced.alldas.de/mirror/2001/05/10/webonair.worldonline.co.za/
OS: Windows
Original: http://www.quantum.it/
Defaced: http://defaced.alldas.de/mirror/2001/05/10/www.quantum.it/
OS: Windows
Original: http://www.compaq.co.jp/
Defaced: http://defaced.alldas.de/mirror/2001/05/10/www.compaq.co.jp/
OS: Windows
Original: http://www.wintek.be/
Defaced: http://defaced.alldas.de/mirror/2001/05/10/www.wintek.be/
OS: Windows
[11.05.2001]
Original: http://www.shipping.co.il/
Defaced: http://defaced.alldas.de/mirror/2001/05/11/www.shipping.co.il/
OS: Windows
Original: http://www.camelot.com/
Defaced: http://defaced.alldas.de/mirror/2001/05/11/www.camelot.com/
OS: Windows
Original: http://www.stockphotos.com.br/
Defaced: http://defaced.alldas.de/mirror/2001/05/11/www.stockphotos.com.br/
OS: Windows
[12.05.2001]
Original: http://www.datasun.com.hk/
Defaced: http://defaced.alldas.de/mirror/2001/05/12/www.datasun.com.hk/
OS: Windows
Original: http://www.chaintech.com.tw/
Defaced: http://defaced.alldas.de/mirror/2001/05/12/www.chaintech.com.tw/
OS: Windows
Original: http://www.exergy.net/
Defaced: http://defaced.alldas.de/mirror/2001/05/12/www.exergy.net/
OS: Windows
Original: http://www.twphillips.com/
Defaced: http://defaced.alldas.de/mirror/2001/05/12/www.twphillips.com/
OS: Windows
[13.05.2001]
Original: http://pmacrae.oracle.co.uk/
Defaced: http://defaced.alldas.de/mirror/2001/05/13/pmacrae.oracle.co.uk/
OS: Windows
Original: http://www.newport.com.hk/
Defaced: http://defaced.alldas.de/mirror/2001/05/13/www.newport.com.hk/
OS: Windows
----------------------------------------------------------------------------
========================================================
Advertisement - HNS Security Database
========================================================
HNS Security Database consists of a large database of security related
companies, their products, professional services and solutions. HNS
Security Database will provide a valuable asset to anyone interested in
implementing security measures and systems to their companies' networks.
Visit us at http://www.security-db.com
========================================================
Questions, contributions, comments or ideas go to:
Help Net Security staff
staff@net-security.org
http://net-security.org
http://security-db.com
