Copy Link
Add to Bookmark
Report
Net-Sec Issue 054
HNS Newsletter
Issue 54 - 12.03.2001
http://net-security.org
http://security-db.com
This is a newsletter delivered to you by Help Net Security. It covers weekly
roundups of security events that were in the news the past week. Visit Help
Net Security for the latest security news - http://www.net-security.org.
Subscribe to this weekly digest on:
http://www.net-security.org/text/newsletter
Archive of the newsletter in TXT and PDF format is available here:
http://www.net-security.org/news/archive/newsletter
Current subscriber count to this digest: 2014
Table of contents:
1) General security news
2) Security issues
3) Security world
4) Security software
5) Defaced archives
General security news
---------------------
----------------------------------------------------------------------------
DEMONIZING CRYPTOGRAPHY
Judging from recent headlines, one would think cryptography is responsible for
all current evils, from child pornography to global terrorism. But is it really
something to fear?
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.unixinsider.com/unixinsideronline/swol-02-2001/swol-0223-unixsecurity.html
HACKING EXPOSED REVIEW
If you spend enough time with Hacking Exposed, you could probably learn
enough to start hacking networks yourself, although anyone else who has
the book could probably learn enough to stop you. The fact is, if you really
want to protect your network, youll need more information than any one
book can hold. But if you want a head start on keeping your network safe,
make sure Hacking Exposed is on your bookshelf.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.unixreview.com/books/casad/0102Hackex.shtml
BUSH FORWARDS CLINTON INFRASTRUCTURE SECURITY REPORT
The Bush administration has forwarded to Congress a report on the Clinton
administration's efforts to protect the nation's most critical computer systems
from cyber-attack. The 200-page study was completed more than a week
before Bill Clinton left office, but never was signed by Clinton or forwarded
to Congress, as required by law.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.computeruser.com/news/01/03/05/news11.html
SHOCKS WITH PHONE BILLS
Annette Leech received quite an unpleasant surprise when she was informed
that $700 of calls had been rung up on her phone in a single afternoon. Watch
out what are you downloading, because there are lot of programs that dial sex
lines through your computer.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.smh.com.au/news/0103/05/national/national2.html
VIERIKA WORM
F-Secure has issued a level two alert to users of its Radar virus alerting
service this morning. The firm has warned about a visual basic worm called
Vierika, which is known to be circulating "in the wild." As usual with VBS
viruses, F-Secure said that this worm spreads like LoveLetter. The firm said
it consists of two different script parts: one that arrives in an MS-Outlook
message as an attachment and another that is available on a Web site.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.newsbytes.com/news/01/162695.html
SURVEY: BREACHES DRIVE SECURITY UPGRADES
A major security breach within a company is the single greatest catalyst for
effecting increased security measures across that organization, according to
the results of a recently released survey from IDC. Other big drivers of increased
security measures include the growth in Internet usage and the trend toward
mobile computing, according to IDC. A majority of the 1,000 companies that
responded to the survey identified viruses as the most common security problem,
with 90% saying they had been hit by a virus. The other most common security
problem was unauthorized use of system resources and data.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.computerworld.com/cwi/stories/0,1199,NAV47-68-84-88_STO58255,00.html
CHECK POINT FIREWALL-1 ON LINUX, PART TWO
This article is the second in a series of three by SecurityFocus writer David "Del"
Elson that looks at Check Point Firewall-1 for Linux. The first article consisted of
a brief introductory overview of Firewall-1, and a discussion of installation,
post-installation tasks, as well as single and multi-system installations. This
installment will cover Firewall-1 concepts such as network objects, firewall
rules, address translation rules, and NAT, as well as features and limitations
of Firewall-1. The final article will then discuss aspects of Firewall-1 such as
file and directory layout, rulesets, migrating existing Firewall-1 installation to
Linux, and back-up and standby configurations.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/focus/linux/articles/checkpoint2.html
SQL 7.0 SECURITY MODES COVERED
In this article, Alexander Chigrik talks about two security modes
(authentication modes) in SQL Server 7.0.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.swynk.com/friends/achigrik/SQL70SecurityModes.asp
FBI ROOTS OWN SYSTEMS TO FIND SPY'S BACKDOOR
The FBI is systematically searching for evidence that suspected double agent
Robert Hanssen, who has computer programming skills, compromised systems
at the Bureau and/or the State Department with some manner of malicious
backdoor. "The jury is still out as to what he was able to do," the official is
quoted as saying. But "because of the possibilities, weve got to take a look."
Hanssen had the highest security clearance, which gave him access to
extremely sensitive data. The FBI fears that he might have enabled Russian
spies to access secure systems used by the FBI, State and other agencies.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/8/17359.html
CREDIT CARD INFO STOLEN FROM BIBLIOFIND?
After Bibliofind web site got defaced past month, internal investigation showed
that attacker(s) had access to Bibliofind server from October 2000 and
February 2001. Company's representative said all 98,000 customers will
be notified of the incident via e-mail.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.cnn.com/2001/TECH/internet/03/05/bibliofind/index.html
A TOOL FOR COLD MIRRORING OF SOLARIS SYSTEM DISKS
Minimum downtime and prevention of data loss is important for most system
administrators. The traditional solution is to use backups or RAID to cover for
disk failures. We describe an alternative for "cold mirroring" of system disks -
it mounts a spare disk, copies files to the spare, installs a boot block and
copies over a new vfstab. This creates a fully updated bootable spare disk.
The administrator is notified of success/failure by syslog or email. This tool,
called mirror_boot.sh, has been tested on several Solaris versions.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://securityportal.com/articles/coldmirroring20010306.html
TOP 50 THINGS TO KNOW TO PASS SAIR EXAM 101
As I mentioned last month, you must pass four Sair exams to become a Linux
Certified Administrator (LCA). One of the four exams is the Installation and
Configuration 101 exam; passing this exam will earn you the designation of
Linux Certified Professional (LCP). All of the Sair exams are available through
Prometric testing centers. The following is a list of 50 key points to know for
Exam 101. There is some overlap between the topics listed here and those I
mentioned for the LPI 101 and 102 exams, due to the fact that they are
competing certifications on the same topics.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.unixreview.com/columns/dulaney/0103sair.shtml
SECURITY CONSULTANTS TO BE LICENSED
IT security consultants could soon join wheel-clampers and bouncers in
having to apply for licences. The UK government's Private Security Industry
Bill proposes the creation of an authority to set standards of conduct and
training for consultants, and to carry out inspections. The Security Industry
Authority would check a consultant's background for any criminal record
before issuing a licence. It would also keep a public register, and establish
a voluntary body of approved contractors.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.vnunet.com/News/1118593
NEW ZEALAND PHREAKING CASE
Borislav Misic arrived in New Zealand in April 1998 from Yugoslavia and a year
later was granted refugee status. He was convicted on two counts of fraud
and one count of forgery involving the use of a piece of "blue boxing" software
to make 80,000 minutes of international calls using Telecom's Home Country
Direct service. There are debates over there regarding wheter he did anything
wrong according to the New Zealand law.
Link: http://www.nzherald.co.nz/storydisplay.cfm?storyID=175646&thesection=technology&thesubsection=general
GERMANY SKEPTICAL ON US PLANS
German industry and the German government responded with skepticism to
the news of US plans to build a national defense shield, or firewall, against
attacks on data networks.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.handelsblatt.com/hbiwwwangebot/fn/relhbi/sfn/buildhbee/cn/bp_artikel_e/strucid/PAGE_201098/pageid/PAGE_201098/docid/391343/SH/0/depot/0/index.html
EMAIL SNOOPING CODE OF PRACTICE DELAYED
The Data Protection Registrar's code of practice for surveillance in the
workplace has been delayed due to the large number of responses from
a public consultation. The code of practice is vital for clarifying what
employees and employers are entitled to do in the workplace following
several pieces of new legislation. The controversial and flawed RIP Act
opens up the possibility of widespread email and phone surveillance. But
this has also to tie in with the Human Rights Act, which enshrines the
right to reasonable privacy, and the Data Protection Act, which insists
that data is recovered "in a fair and proportionate manner".
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/8/17365.html
TCP WRAPPERS: PART 2
In the second part of our series on TCP Wrappers, we look at its various
features, implementation and configuration.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.freeos.com/articles/3768/
CARNIVORE, CYBERCRIME TAKE PRIME TIME
Carnivore, cryptography and cybercrime are just a few of the topics on tap
this week at the Computers Freedom and Privacy Conference 2001 concerning
recent developments in Internet policy and civil liberties. The conference will
feature a forum for privacy watchdogs, free-speech activists and human-rights
specialists to discuss how the Internet is changing society.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.com/zdnn/stories/news/0,4586,2692921,00.html
NAKEDWIFE VIRUS HITS U.S. MILITARY, COMPANIES
A virus advertising itself as an e-mailed photo of someone's wife has started
infecting computers in Europe and the United States and may have started
spreading from the U.S. military. Four different antivirus software companies
have reported that at least 68 organizations have computers infected by
the virus.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://news.cnet.com/news/0-1003-201-5041693-0.html
WHY HOTMAIL USERS GET SO MUCH SPAM
Hotmail has come under criticism for placing its subscribers' email addresses on
a public Internet directory site when they sign up for the service, making them
easy prey for spammers, something that has got under the skin of privacy
activists. Unless users opt-out by checking a box on Hotmail's registration form,
their addresses can rapidly enter spammers' databases, as Infospace's privacy
protection methods can be bypassed using a number of methods.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/8/17379.html
POWER GRIDS COULD BE VULNERABLE TO "HACKERS"
Nationwide rolling blackouts could have a devastating impact on the economy,
but experts also fear that the stress being placed on the nation's power grid
could make it more susceptible to disruptions from hackers. In California's Silicon
Valley, large Internet data centers have been blamed for stressing the region's
power grid beyond what its Korean War-era design can handle. Now, other
states, including Oregon, Utah and Washington, are preparing for possible
rolling blackouts.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.cnn.com/2001/TECH/internet/03/06/power.hackers.idg/index.html
THE GREAT SECURITY DEBATE: LINUX VS. WINDOWS
Microsoft operating systems have often been attacked for their vulnerability,
but the perception that the software titan's systems are insecure is changing
as the company shores up its servers and applications. Meanwhile, supposedly
stronger Unix and Linux systems have suffered security breaches of their own.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.newsfactor.com/perl/story/7907.html
HACKER GROUP FINDS FAULTS IN CRACK CHALLENGE
Hacker advocacy group 2600 Australia has called on a Perth company to honor
its promise to donate $US1 million to charity after its network security device
remained uncracked after a 30-day public trial. 2600 Australia yesterday
criticised the company's decision to move the cracking challenge into a
second phase, which was to have launched on the company's website.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.it.fairfax.com.au/breaking/20010307/A27390-2001Mar7.html
SECUREWAVE - STUFF MS SHOULD HAVE DONE
"Like many people, I use Microsoft products on a regular basis, but having
spent as much or more (probably more) time in Unix, I find certain things
frustrating. In the Unix world, I take for granted the ability to set permissions
on files and devices. While NT and 2000 have file permissions, you cannot easily
restrict users' access to communications ports and removable media, for example.
I also want to be able to restrict what users can and cannot run. There are a
number of ways to do this in Unix, with varying degrees of difficulty to
implement and of effectiveness."
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://securityportal.com/closet/closet20010307.html
ANTI-VIRUS COMPANY BLASTS MEDIA FOR SCARE TACTICS
Susan Orbuch, spokesperson for Trend Micro, told Newsbytes misinformation
about viruses is more dangerous than the bugs themselves. "There is a vast
body of knowledge and folklore out there, much of which is incorrect," said
Orbuch. "The end user is constantly exposed to misinformation and myths
by the media and by popular fiction such as movies, TV and novels."
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.newsbytes.com/news/01/162786.html
RUNNING SNORT ON IIS WEB SERVERS PART 2
Snort is an rule-based intrusion detection system that monitors network traffic
by applying rules based on known attack signatures. However, in addition to
guarding against known attacks, it is vital that an IDS be able to detect new
or lesser-known exploits. In this article, SecurityFocus writer Mark Burnett
introduces three strategies that will enable administrators to set up Snort to
detect new or obscure exploits. These strategies include: monitoring outgoing
traffic, establishing command-based rules and watching for traffic from online
scanning sites.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/focus/microsoft/iis/mssnort2.html
ESCAN CONTENT CHECKING
eScan is a comprehensive Content Security and Traffic Scanning software
package that checks the content in the e-mails, the attachment files and
all the web pages. The checks are made for viruses, restricted words &
phrases and embedded objects such as Java applets etc. before these
reach the recipient.
Link: http://www.security-db.com/product.php?id=630&cid=141
DESCRAMBLE THAT DVD IN 7 LINES
Descrambling DVDs just got even easier, thanks to a pair of MIT programmers.
Using only seven lines of Perl code, Keith Winstein and Marc Horowitz have
created the shortest-yet method to remove the thin layer of encryption that
is designed to prevent people - including Linux users - from watching DVDs
without proper authorization.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.wired.com/news/culture/0,1284,42259,00.html
CARNEGIE MELLON AND EIA JOIN FORCES
The Electronic Industries Alliance (EIA) has formed a new alliance with the
nation's top federally funded computer security group in an effort to help
companies evade computer security threats online. The new partnership,
dubbed the Internet Security Alliance, will draw upon the collaborative
efforts of EIA member companies and computer security experts at Carnegie
Mellon's Software Engineering Institute in Pittsburgh, the same unit that hosts
the university's CERT Centers, a research and development organization
sponsored by the Department of Defense.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.newsbytes.com/news/01/162845.html
MITNICK: IDENTITY THEFT EASY AS PIE
Thanks to lame online security measures, stealing an individual's identity is like
taking candy from a baby, said Kevin Mitnick. Passwords, user names and other
data used by financial institutions and utility companies to verify identity, such
as an account holder's Social Security number, driver's license information and
mother's maiden name, are readily accessible in myriad databases on the Web,
according to Mitnick.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.computeruser.com/news/01/03/07/news6.html
URL, URL, LITTLE DO WE KNOW THEE
Today we will look closer at URLs and the associated security implications.
"Interesting" ways of using them have been known by spammers for a while,
but now the KB spoof and the February issue of Crypto-Gram have made
the Internet community more aware of what URLs can do.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://securityportal.com/articles/urlurl20010307.html
ZEN AND THE ART OF BREAKING SECURITY - PART II
There are cases in which "gentle" techniques like timing or power analyses are
not enough to fulfill the attacker's goal. Or the goal itself is not to break the
protection scheme but to break through it, to the end target the mechanism
is protecting, in a modern reenactment of Alexander the Great's "solution" to
the Gordian knot. Enter failure-inducing attacks, in which the technique is to
induce a failure in the very protection mechanism itself.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://securityportal.com/articles/zenandsecurity20010308.html
NSA AND FBI BIG WINNERS AT BIG BROTHER AWARDS
The great and the good, when it comes to privacy invasion, have been
"honoured" for their efforts to mess up life for the rest on us online. Privacy
International last night handed out "Big Brother" awards to government
agencies, companies and initiatives which have done most to invade
personal privacy. The National Security Agency, the US government's
signals intelligence arm, took a lifetime menace award for "clipper,
Echelon and 50 years of spying". In a separate category, the FBI's
Carnivore email surveillance system was judged the most invasive
proposal of the year.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/8/17428.html
FEDS ESCALATE WARNING ABOUT E-COMMERCE HACKS
The federal government's central computer-crime bureau reported that there
is an ongoing and organized series of hacker attacks against e-commerce Web
sites that has resulted in the theft of more than 1 million individual credit-card
numbers. The National Infrastructure Protection Center said it has been working
with the Federal Bureau of Investigation and the United States Secret Service
for several months on the investigation and has identified more than 40 victim
sites in 20 states.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.com/eweek/stories/general/0,11011,2694098,00.html
LEVY RECOUNTS THE HISTORY OF PUBLIC KEY CRYPTOGRAPHY
What are the roots of cryptography, and how has it evolved over the last 30
years? In this month's Bill's Bookshelf, Bill Rosenblatt reviews Steven Levy's
new book on the history of public key cryptography, and finds it to be a
balanced and engaging work.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.sunworld.com/unixinsideronline/swol-03-2001/swol-0302-bookshelf.html
DIFFERENT APPROACH TO INTRUSION DETECTION
A security firm has put together two intrusion detection products to create
technology it says takes a different approach to defending against hack attacks.
CentraxICE, from security integrator Articon-Integralis, is positioned as a product
which provides "defence in depth" from hack attacks beyond that offered by
firewalls. It is designed to defend against packet floods - attempts to break
into systems by bombarding an organisation's Web server with traffic and
thereby overwhelming an organisation's defences.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/8/17451.html
UNCOVERING THE SECRETS OF SE LINUX: PART 1
In an uncharacteristic move, the U.S. National Security Agency recently
released a security-enhanced version of Linux - code and all - to the open
source community. This dW-exclusive article takes a first look at this
unexpected development - what it means and what's to come - and
delves into the architecture of SE Linux.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www-106.ibm.com/developerworks/library/s-selinux/
MICROSOFT CO-OPTS OPEN SOURCE APPROACH
In a major extension of corporate policy, Microsoft has quietly started a
program to provide selected large enterprise customers with copies of the
source code for Windows 2000 (Professional, Server, Advanced Server and
Data Center), Windows XP (released betas) and all related service packs.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://news.cnet.com/news/0-1003-201-5067896-0.html
LAWYERS WITH HACKING SKILLS
With online and other various computer attacks against companies becoming
increasingly common, corporate lawyers are arming themselves with new
technical skills. "Ultimate Hacking: Hands On," a new crash course offered by
the security-consulting firm Foundstone, will teach lawyers about common
cybercrimes by re-enacting them in the classroom. Lawyers will come out of
the course a bit more dangerous than when they walked in. Among the new
skills they'll acquire is the ability to create a backdoor into a company's
system using a remote-access Trojan, an application that allows crackers
to gain access to restricted networks.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.wired.com/news/business/0,1367,42278,00.html
CRYPTOGRAPHY TOOLS: ARE THEY REALLY ONLY FOR CROOKS?
"Are there crypto success stories out there? I suspect that the kinds of shops
using crypto are also the kinds of shops that don't talk about their work, but I
hope some of you will write and tell me that crypto is working for your company,
and how so. Until I'm convinced otherwise, I have to stick with the position that
crypto is just more trouble than it's worth, and that it's likely to lull you into a
false sense of security."
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.infoworld.com/articles/op/xml/01/03/12/010312opswatch.xml
EU ENCRYPTION SYSTEM NOT BROKEN
Paranoia is alive and well at the European Union Commission, which has been
forced to officially deny its encryption system has been compromised by the
NSA. Fears of eavesdropping by the ultra-secretive US spy agency grew out
of comments by a Commission employee, Briton Desmond Perkins, who told a
EU Parliamentary committee of regular but unsuccessful attempts by the NSA
to crack the Commission's encryption system.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/8/17492.html
----------------------------------------------------------------------------
Security issues
---------------
All vulnerabilities are located at:
http://net-security.org/text/bugs
----------------------------------------------------------------------------
TROJANED REALITY FUSION APPLICATION
The executable rfupd.exe included in the Reality Fusion products bundled with
many popular cameras sends data to 204.176.10.168 port 80 every time you
use the app, reboot your computer or change configuration.
Link: http://www.net-security.org/text/bugs/983755970,25167,.shtml
SLIMSERVE HTTPD DIRECTORY TRAVERSAL
it is possible to view dir. and (download) files outside of the wwwroot directory.
Link: http://www.net-security.org/text/bugs/983755986,60952,.shtml
BROKER FTP SERVER 5.0 VULNERABILITY
Users can break out of their root directory and list directories. Depending on
the priv. you have other commands like delete maybe executed outside of
the home. directory.
Link: http://www.net-security.org/text/bugs/983756002,47106,.shtml
REMOTE BUFFER OVERFLOW IN POST-QUERY
The overflow condition is *very* easily exploitable, since the code actually
supplies the pointer to the exploit code itself, odd as it maye seem. The
pointer thusly does not need to be second-guessed at all, making life much
easier for crackers.
Link: http://www.net-security.org/text/bugs/983838961,73107,.shtml
VULNERABILITIES IN CURRENT IRCD'S TKSERV
There are 3 major bugs in the current IRCd distribution (as used on the IRCnet
for example). The included service daemon 'tkserv' (tkserv.c v1.3.0 and all
previous versions) suffers from:
a) remote exploitable buffer overflow while querying tklines
b) memory leck due to strdup'ing a string and not freeing the mem
c) format string bug while reading the ircd's config file
Link: http://www.net-security.org/text/bugs/983839093,38311,.shtml
SUSE LINUX - CUPS UPDATE
A SuSE-internal security audit conducted by Sebastian Krahmer and Thomas
Biege revealed several overflows as well as insecure file handling. These bugs
have been fixed by adding length-checks and securing the file-access.
Link: http://www.net-security.org/text/bugs/983840455,45873,.shtml
DEBIAN LINUX - SUDO BUFFER OVERFLOW
Todd Miller announced a new version of sudo which corrects a buffer overflow
that could potentially be used to gain root privilages on the local system. This
bugfix has been backported to the version which was used in Debian GNU/Linux
2.2. The most recent advisory covering sudo missed one architecture that was
released with 2.2. Therefore this advisory is only an addition to DSA 031-1 and
only adds the relevant package for the powerpc architecture.
Link: http://www.net-security.org/text/bugs/983880197,9394,.shtml
DEBIAN LINUX - REMOTE DOS IN PROFTPD
In Debian Security Advisory DSA 029-1 we have reported several vulnerabilities
in proftpd that have been fixed.
Link: http://www.net-security.org/text/bugs/983880227,72205,.shtml
DEBIAN LINUX - MGETTY UPDATE
In Debian Security Advisory DSA 011-1 we have reported insecure creation of
temporary files in the mgetty package that have been fixed.
Link: http://www.net-security.org/text/bugs/983880279,18936,.shtml
DEBIAN LINUX - PROFTPD UPDATE
The following problems have been reported for the version of proftpd in Debian
2.2 (potato):
1. There is a configuration error in the postinst script, when the user enters
'yes', when asked if anonymous access should be enabled. The postinst script
wrongly leaves the 'run as uid/gid root' configuration option in /etc/proftpd.conf,
and adds a 'run as uid/gid nobody' option that has no effect.
2. There is a bug that comes up when /var is a symlink, and proftpd is restarted.
When stopping proftpd, the /var symlink is removed; when it's started again a
file named /var is created.
Link: http://www.net-security.org/text/bugs/983965297,39939,.shtml
LINUX MANDRAKE - JOE UPDATE
The joe text editor looks for configuration files in the current working directory,
the user's home directory, and finally in /etc/joe. A malicious user could create
their own .joerc configuration file and attempt to get other users to use it. If
this were to happen, the user could potentially execute malicious commands
with their own user ID and privileges. This update removes joe's ability to use
a .joerc configuration file in the current working directory.
Link: http://www.net-security.org/text/bugs/983965343,54664,.shtml
DEBIAN LINUX - SGLM-TOOLS PROBLEM
Former versions of sgml-tools created temporary files directly in /tmp in an
insecure fashion. Version 1.0.9-15 and higher create a subdirectory first and
open temporary files within that directory.
We recommend you upgrade your sgml-tools package.
Link: http://www.net-security.org/text/bugs/984081490,22578,.shtml
DEBIAN LINUX - ATHENA WIDGET REPLACEMENTS
It has been reported that the AsciiSrc and MultiSrc widget in the Athena widget
library handle temporary files insecurely. Joey Hess has ported the bugfix from
XFree86 to these Xaw replacements libraries. We recommend you upgrade your
nextaw, xaw3d and xaw95 packages.
Link: http://www.net-security.org/text/bugs/984081556,93503,.shtml
DEBIAN LINUX - MIDNIGH COMMANDER UPDATE
It has been reported that a local user could tweak Midnight Commander of
another user into executing a random program under the user id of the person
running Midnight Commander. This behaviour has been fixed by Andrew V.
Samoilov. We recommend you upgrade your mc package.
Link: http://www.net-security.org/text/bugs/984081612,94030,.shtml
DEBIAN LINUX - MAN2HTML REMOTE DOS
It has been reported that one can tweak man2html remotely into consuming all
available memory. This has been fixed by Nicolás Lichtmaier with help of Stephan
Kulow. We recommend you upgrade your man2html package immediately.
Link: http://www.net-security.org/text/bugs/984081653,45766,.shtml
DEBIAN LINUX - EPERL BUFFER OVERFLOW
Fumitoshi Ukai and Denis Barbier have found several potential buffer overflow
bugs in our version of ePerl as distributed in all of our distributions. When eperl
is installed setuid root, it can switch to the UID/GID of the scripts owner.
Although Debian doesn't ship the program setuid root, this is a useful feature
which people may have activated locally. When the program is used as
/usr/lib/cgi-bin/nph-eperl the bugs could lead into a remote vulnerability as well.
Link: http://www.net-security.org/text/bugs/984081700,15344,.shtml
PROBLEMS WITH CISCO AIRONET 340 SERIES
It is possible to view and modify the bridge's configuration via Web interface
even when Web access is disabled in the configuration. This defect is
documented as Cisco bug ID CSCdt52783. This defect is present in the
following hardware models:
* Aironet AP4500,
* Aironet AP4800,
* Aironet BR100,
* Aironet BR500,
* Cisco Aironet AIR-BR340
Link: http://www.net-security.org/text/bugs/984081837,49416,.shtml
INDEXU AUTHENTICATION BYPASS
INDEXU uses a web frontend to manage every database it uses. The admin
section is located in /admin. When you login there it asks for a user name
and password (defaults to admin/admin). Once you log in it sets a cookie
with the following format:
host.where.indexu.is.installed TRUE / FALSE 1388494785 cooki e_admin_authenticated 1
This cookie will (or should be) deleted when the current session finis hes, and is
used to determine whether you are an admin or not.
Link: http://www.net-security.org/text/bugs/984081986,83035,.shtml
WEBSWEEPER INFINITE HTTP REQUEST DOS
The Websweeper application from Baltimore Technologies is vulnerable to a
Denial of Service attack. Malicious usage can lead to the application crashing.
Link: http://www.net-security.org/text/bugs/984082157,92183,.shtml
VULNERABILITY IN NOVELL NETWARE
Novell Netware allows a user to log into a Novell Network by using a Printer
Server as the username. By default, Novell Print Servers have blank passwords.
In addition, Novell Print Servers do not have intruder detection capability as a
user account would, so they are vulnerable to a brute force attack without risk
of account lockout. When a Print Server is logged into as a User, the account
will have the same rights as are assigned to the container that it resides in.
Link: http://www.net-security.org/text/bugs/984150567,84290,.shtml
LINUX MANDRAKE - SLRN UPDATE
A buffer overflow exists in versions of the slrn news reader prior to 0.9.6.3pl4
as reported by Bill Nottingham. This problem exists in the wrapping/unwrapping
functions and a long header in a message might overflow a buffer which could
result in execution of arbitrary code encoded in the message.
Link: http://www.net-security.org/text/bugs/984331181,9246,.shtml
DEBIAN LINUX - ZOPE UPDATE
This advisory covers several vulnerabilities in Zope that have been addressed.
Link: http://www.net-security.org/text/bugs/984331233,25603,.shtml
ZOPE SECURITY ALERT AND ZOPE HOTFIX
An issue has come to our attention (thanks to Randy Kern) that necessitates
a Zope hotfix. Hotfix products can be installed to incorporate modifications to
Zope at runtime without requiring an immediate installation upgrade. Hotfix
products are installed just as you would install any other Zope product.
Link: http://www.net-security.org/text/bugs/984331340,63840,.shtml
----------------------------------------------------------------------------
Security world
--------------
All press releases are located at:
http://net-security.org/text/press
----------------------------------------------------------------------------
CYLINK: AVAILABILITY OF ISDN ENCRYPTORS - [05.03.2001]
Cylink, a leading provider of e-business security solutions, announced the
general availability in Japan and Europe of ISDN Basic Rate Interface and
Primary Rate Interface (PRI) encryptors for applications including remote
computing, video-conferencing, and LAN-to-LAN communications.
"These solutions mark an important step as we expand our presence in
Japan and begin to penetrate the enormous market for ISDN encryption
products in Europe," said William P. Crowell, President and CEO of Cylink.
"These two cost-effective solutions are powerful additions to our WAN
family of encryptors.
Press release:
< http://www.net-security.org/text/press/983755586,20362,.shtml >
----------------------------------------------------------------------------
CYBERELAN NOW EVINCIBLE - [05.03.2001]
CyberElan, a leading developer of business-to-business (B2B) security solutions
is now Evincible. The company's focus is unchanged, continuing to deliver
scalable and comprehensive policy- centric security solutions that provide
authorization, authentication, confidentiality, integrity, and non-repudiation
capabilities to both Internet and wireless e-business applications. "The name
'Evincible,' which means 'demonstrable,' more closely reflects our mission and
defines our purpose: enabling strong, clear and trustworthy e- business," said
Vijay Takanti, Evincible Chief Executive Officer. "We've made great strides in
identifying market needs, delivering our core products and developing and
patenting new concepts in the last year. 'Evincible' further establishes a
more immediate synergy with our current product direction and identity."
Press release:
< http://www.net-security.org/text/press/983796069,12247,.shtml >
----------------------------------------------------------------------------
BioNetrix and Netmarks Partner - [05.03.2001]
BioNetrix Systems Corporation, provider of the only authentication management
platform that secures data, applications and transactions across the Internet
and the enterprise, announced it has partnered with Tokyo-based integrator
Netmarks, Inc. to launch the internationalized version of BioNetrix's industry-
leading security platform for the Japanese market in the second quarter of
2001. The three-year deal marks BioNetrix's entry into the Japanese market,
a key international target for the company. Netmarks will directly sell and
market BioNetrix's Authentication Suite and engage other value-added
resellers for reselling. In addition, Netmarks will provide support to localize
the product for Kanji and professional services to integrate Japanese
customer applications into the product.
Press release:
< http://www.net-security.org/text/press/983806061,99115,.shtml >
----------------------------------------------------------------------------
NORMAN RECEIVES CHECKMARK CERTIFICATION - [05.03.2001]
Norman Data Defense Systems announced that its award-winning anti-virus
product, Norman Virus Control, has once again earned the Checkmark
Certification from West Coast Labs, a globally recognized, independent
research and test center. Norman Virus Control for Windows 98, Lotus Notes,
NetWare, Windows 2000 Professional, and OS/2 have all attained Anti-Virus
Checkmark Level One, making them among the highest quality and most
reliable security products on the market capable of detecting all viruses
in the wild.
Press release:
< http://www.net-security.org/text/press/983806127,22863,.shtml >
----------------------------------------------------------------------------
ANNOUNCING RSA SECURID CARD STUDIO - [05.03.2001]
RSA Security Inc., the most trusted name in e-security, announced RSA SecurID
Card Studio, a cryptographic smart card personalization system that enables a
single card to be programmed for network access, digital credentials, physical
building access and corporate identification. RSA SecurID Card Studio is
designed to enable organizations to deploy smart cards quickly and effectively
throughout the enterprise by allowing them to securely personalize and manage
the deployment of their smart cards.
Press release:
< http://www.net-security.org/text/press/983806181,82825,.shtml >
----------------------------------------------------------------------------
IPASS'S AND CERTICOM'S STRATEGIC ALLIANCE - [05.03.2001]
iPass Inc., a premier provider of global remote Internet access services, and
Certicom, a leading provider of mobile e-business security, announced an
alliance that will enable mobile professionals to easily and securely access
corporate databases and applications from a handheld device anywhere in
the world. The alliance includes joint sales and marketing initiatives,
interoperability and compatibility testing, development roadmap coordination
and the exchange of support, tools and training.
Press release:
< http://www.net-security.org/text/press/983808678,6218,.shtml >
----------------------------------------------------------------------------
ANTI-VIRUS VIDEO GAME FROM MCAFEE - [05.03.2001]
McAfee, a Network Associates business, debuted an Internet-based anti-virus
video game that engages Value Added Resellers in an online competition against
one another with the chance to win a $500,000 grand prize. Developing the
innovative game entitled "Virus Attack," McAfee has integrated the qualities
of the Internet with interactive marketing and training to capture mind-share
amongst the challenging reseller market. "McAfee is pleased to embark on this
new online adventure with our resellers, building greater awareness of McAfee's
industry-leading solutions," said Diane Seghposs, vice president of channel
marketing for Network Associates. "This creative offering provides our VAR
partners a wealth of knowledge to help enhance our competitiveness and
customer loyalty within the channel."
Press release:
< http://www.net-security.org/text/press/983808731,59333,.shtml >
----------------------------------------------------------------------------
SAFEWEB CHOOSES IVEA'S CRYPTOSWIFT - [06.03.2001]
iVEA Technologies, a Rainbow Technologies company and a leading provider of
high-performance security solutions for the Internet and eCommerce, announced
that SafeWeb, a leading developer of online privacy and security solutions based
in Oakland, has selected iVEA's CryptoSwift eCommerce accelerator to power
secure transactions of secure Web content as well as optimize Web-server
performance. SafeWeb's privacy technology allows Internet users to surf the
Web anonymously and protect themselves against intrusions into their online
activities. By acting as an intermediary, SafeWeb encrypts all data transmitted
between a user and a Web site. CryptoSwift accelerates the encryption process
so SafeWeb users obtain fast and secure transactions for their online
communications.
Press release:
< http://www.net-security.org/text/press/983839393,91021,.shtml >
----------------------------------------------------------------------------
INTERACTIVE WEEK ON E-SHOPLIFTERS - [06.03.2001]
As if business already isn't difficult, online retailers now are being ripped off by
electronic price tag alteration, according to an article in the March 5 issue of
Interactive Week. An estimated one-third of all shopping cart applications at
Internet retailing sites have software holes that make them vulnerable to the
price switching scam, Peggy Weigle, CEO of security software company Sanctum
told the Internet's newspaper. For example, a major PC manufacturer sells a sleek
new laptop for $1,600, but the company's shopping cart software code can be
manipulated to change the price to $1.60. "Thieves are coming in the front door,"
Weigle said.
Press release:
< http://www.net-security.org/text/press/983839480,50791,.shtml >
----------------------------------------------------------------------------
EMED TECHNOLOGIES CHOOSES GUARDENT - [06.03.2001]
eMed Technologies, a leading provider of image management and web solutions
for radiologists, has chosen Guardent, a premier provider of end-to-end digital
security/privacy services, as eMed's trusted security and privacy advisor. eMed
has contracted with Guardent to audit eMed's products and services for
continuing compliance with the privacy and security standards put forth in the
Health Insurance Portability and Accountability Act. "Our relationship with
Guardent is just one of the many measures we have taken to ensure not only
eMed's HIPAA compliance, but also the compliance of our customers who rely
on our technology, Internet, and networking expertise," explains eMed Chief
Executive Officer, Caren Mason. "This was no small investment for eMed, but
it is a big demonstration of our commitment to patient confidentiality and the
secure transmission of sensitive healthcare information."
Press release:
< http://www.net-security.org/text/press/983839526,56929,.shtml >
----------------------------------------------------------------------------
NEW SNIFFER CERTIFIED PROFESSIONAL PROGRAM - [06.03.2001]
Sniffer Technologies, a business unit of Network Associates, is setting a
worldwide standard by introducing its IT certification program for network
management called the Sniffer Certified Professional Program (SCPP). While
meeting the industry's demand for network professionals with vendor-specific
certification, the SCPP will identify IT professionals with first-class Sniffer-
specific troubleshooting and protocol analysis skills to protect and optimize
networks across the enterprise.
Press release:
< http://www.net-security.org/text/press/983839594,24397,.shtml >
----------------------------------------------------------------------------
SOPHOS: INFORMATION ON NAKED WIFE WORM - [07.03.2001]
Sophos, a world leader in corporate anti-virus protection, has reminded
companies of the importance of safe computing practice in the wake of the
latest virus to become widespread via email. The W32/Naked worm arrives as
an attached executable file to an email entitled "Fw: Naked Wife" containing
the text "My wife never look like that! ;-)". The virus is the latest in a long line
to use social engineering in an attempt to lure users into activating it. Earlier
viruses have pretended to be loveletters, pictures of Russian tennis players,
and even the Pikachu Pokemon character.
Press release:
< http://www.net-security.org/text/press/983964479,1538,.shtml >
----------------------------------------------------------------------------
FIRST ANTI VIRUS FOR POSTFIX GATEWAYS - [07.03.2001]
Kaspersky Labs, an international data-security software-development company,
introduces the beta-version of the world's first virus protection software for
Postfix e-mail gateways. Since 1998, Postfix has been known as an alternative
to the widely used Sendmail program. Postfix provides users with nearly the
same capabilities, but it is more effective when processing e-mail, is easier to
use and provides better security and management. These features have
allowed Postfix to enter the top three of the most popular e-mail gateways
for Unix -platforms in only two years.
Press release:
< http://www.net-security.org/text/press/983964626,14579,.shtml >
----------------------------------------------------------------------------
F-SECURE ANTI-VIRUS FOR FIREWALLS ON LINUX - [07.03.2001]
F-Secure Corporation, a leading developer of centrally managed security
solutions for the mobile, distributed enterprise, today brought its acclaimed
anti-virus firewall solution to the open source world. F-Secure Anti-Virus for
Firewalls on Linux provides unsurpassed detection and disinfection of Internet
borne viruses and malicious code passing through OPSEC CVP firewalls. As with
other products in the F-Secure Policy Manager family, the anti-virus firewall
solution operates under a company's established security policies, transparently
to end-users. This means that policies can be enforced, administered, and
monitored remotely without disrupting, or even being noticed by, a user.
Press release:
< http://www.net-security.org/text/press/983964710,32251,.shtml >
----------------------------------------------------------------------------
F-SECURE: ANTI-VIRUS PROTECTION FOR PALMS - [07.03.2001]
F-Secure, a leading provider of security for mobile, distributed enterprises,
announced the release of its second generation anti-virus product and service
for the Palm OS. F-Secure Anti-Virus for Palm OS provides protection against
any known malware (viruses, trojans, etc.) on the Palm platform. The product
offers on-device protection with continuous, automatic update service and
technical support. It supports all Palm OS devices with OS 2.0 or later. "PDAs
are no longer immune to security threats," said Chris Vargas, President of F-
Secure Corporation. "There's no way to predict when the next virus will occur,
but when it does, F-Secure users receive the antidote automatically and get
the fastest possible protection for their devices."
Press release:
< http://www.net-security.org/text/press/983964876,85849,.shtml >
----------------------------------------------------------------------------
HACKERS AT LARGE 2001 CONFERENCE - [07.03.2001]
From August 9th until August 12th, the campus of the University of Twente will
feature a congress that is unique in its kind: Hackers at Large, or HAL 2001. The
congress expects to receive thousands of guests from all over the world and from
many different disciplines to debate issues ranging from advanced technical issues
regarding some obscure aspect of the Internet to easy-to-understand lectures on
some of the dangers of the information society, as well as many, many other
topics. But more than debate, the guests at HAL2001 take ample time to get
on-line, relax, build and discuss cool stuff, and engage in good old analog
interfacing.
Press release:
< http://www.net-security.org/text/press/983965181,1660,.shtml >
----------------------------------------------------------------------------
RAINBOW'S IKEY EARNS OPSEC CERTIFICATION - [08.03.2001]
The Digital Rights Management group of Rainbow Technologies, a leading
provider of security solutions for the Internet and eCommerce, announced
that its iKey 1000 workstation and network security authentication token
has been certified by Check Point Software Technologies Open Platform for
Security Alliance. OPSEC certification proves that Rainbow's iKey VPN Solution
Series is interoperable with Check Point's industry-leading VPN-1 solution, an
integral part of its Secure Virtual Network architecture. With OPSEC certification,
Rainbow has integrated the iKey 1000 VPN Solution Series into the Check
Point VPN-1 software to provide an easy-to-use, two-factor logon
authentication when connecting from a remote location.
Press release:
< http://www.net-security.org/text/press/984080768,72511,.shtml >
----------------------------------------------------------------------------
IDC NAMES ISS WORLDWIDE LEADER IN IDS - [08.03.2001]
Internet Security Systems (ISS) was officially recognized by International Data
Corporation (IDC) as the worldwide leader in the Intrusion Detection and
Vulnerability Assessment (IDnA) market according to a recent market-share
report (Gaining control over the infrastructure: Intrusion Detection and
Vulnerability Assessment). IDC reports that ISS' security software solutions have
continued to gain momentum in the areas of host- and network-based vulnerability
assessment and intrusion detection, capturing 30 percent of the worldwide IDnA
market, the number one ranking for 1999. This number increases to 34 percent
worldwide when hardware revenues associated with Intrusion Detection
purchases are excluded.
Press release:
< http://www.net-security.org/text/press/984080961,95550,.shtml >
----------------------------------------------------------------------------
DEUTSCHE BUNDESBANK USES RSA SECURID - [08.03.2001]
RSA Security Inc., the most trusted name in e-security, announced that the
Deutsche Bundesbank will use its RSA SecurID authentication solutions to
enable secure communication with the information and control module of the
bank's new large-value euro payment system RTGS(plus) (Real Time Gross
Settlement System). The Deutsche Bundesbank chose RSA Security for this
new application based on the bank's experience as an existing RSA Security
customer and because RSA Security solutions are already successfully
implemented in numerous credit institutions throughout Germany and Europe.
Additional factors in the decision-making process were the ease of use and
scalability RSA Security's products are designed to deliver.
Press release:
< http://www.net-security.org/text/press/984081064,87805,.shtml >
----------------------------------------------------------------------------
BIOCONX DELIVERS ADVANCED SECURITY SOFTWARE - [0.03.2001]
BioconX, Inc., a developer of network security software that applies biometrics
to safeguard network and application access, announces the release of version
3.0 of its software. "With 3.0, BioconX is even more adaptable and convenient
for IT professionals seeking to fortify security and control their networks and
applications," says Thor Christensen, chief executive officer of BioconX, Inc.
Press release:
< http://www.net-security.org/text/press/984081193,52482,.shtml >
----------------------------------------------------------------------------
MCAFEE RECEIVES ICSA ANTI-VIRUS CERT. - [08.03.2001]
McAfee, a Network Associates, Inc. business, announced that its Internet
gateway anti-virus solution, WebShield SMTP, has received certification from
ICSA Labs, a worldwide leader in security standards-setting for Internet
connected companies. "Internet gateway virus protection is increasingly
critical in maximizing virus protection in the corporate environment, and
we are pleased to certify McAfee's WebShield SMTP gateway product,"
said Larry Bridwell, Content Security Programs Manager for ICSA Labs.
"McAfee offers a high level of protection at the network perimeter with
the WebShield product, fighting off the latest computer viruses, worms
and malicious code."
Press release:
< http://www.net-security.org/text/press/984081235,3518,.shtml >
----------------------------------------------------------------------------
Security Software
-------------------
All programs are located at:
http://net-security.org/various/software
----------------------------------------------------------------------------
CGIPROXY
CGIProxy is a Perl CGI script that acts as an Internet proxy. Through it, you can
retrieve resources that may be inaccessible from your own machine. No user info
is transmitted, so it can be used as an anonymous proxy. HTTP and FTP are
supported. Options include text-only browsing (to save bandwidth), selective
cookie and script removal, simple ad filtering, encoded target URLs, configuration
by end user, and more.
Info/Download:
< http://www.net-security.org/various/software/984396829,33976,linux.shtml >
----------------------------------------------------------------------------
BLOWCRYPT
Blowcrypt is a file encryption software suite based around the blowfish algorithm.
Blowfish comes with a graphical user interface (Tk front-end), but can also be
used from the command line. The key length is currently set to 448 bits. It
contains two perl scripts and two modules. Encrypt and decrypt are the perl
scripts that manipulate the base programs. Next, are the base modules blowfish
and RSA's md5 that do the actual encryption. Finally, there is a tk program,
called tkblow. This GUI front-end to the perl scripts enables multiple selections
of files for encryption and decryption.
Info/Download:
< http://www.net-security.org/various/software/984397215,23610,linux.shtml >
----------------------------------------------------------------------------
RASLOCK ME V1.0
RASLock Me allows you to set user-level security for Internet dial-up (RAS)
connections. Using RASLock Me you can limit incoming and outgoing traffic,
limit time online, and set allowed and denied time periods for any user. The
program enhances the standard Windows security by allowing you to control
Internet access via modems. RASLock Me runs transparently in the background
and is invisible to users. It automatically disconnects users that exceed allowed
time or traffic.
Info/Download:
< http://www.net-security.org/various/software/984397628,63510,windows.shtml >
----------------------------------------------------------------------------
LOCKTIGHT V2.0
LockTight Security System lets you encrypt files by simply dragging and
dropping them into the LockTight interface. You can mix encryption engines,
keys, and passwords to protect your data.
Info/Download:
< http://www.net-security.org/various/software/984398117,44778,windows.shtml >
----------------------------------------------------------------------------
Defaced archives
------------------------
[05.03.2001]
Original: http://www.ncx.gov.cn/
Defaced: http://defaced.alldas.de/mirror/2001/03/05/www.ncx.gov.cn/
OS: Solaris
Original: http://directnews.net/
Defaced: http://defaced.alldas.de/mirror/2001/03/05/directnews.net/
OS: Linux
Original: http://www.fujitsu.com.hk/
Defaced: http://defaced.alldas.de/mirror/2001/03/05/www.fujitsu.com.hk/
OS: Windows
Original: http://tjfolio.tj.sc.gov.br/
Defaced: http://defaced.alldas.de/mirror/2001/03/05/tjfolio.tj.sc.gov.br/
OS: Windows
Original: http://www.fiat.co.uk/
Defaced: http://defaced.alldas.de/mirror/2001/03/05/www.fiat.co.uk/
OS: Windows
Original: http://www.chenzhou.gov.cn/
Defaced: http://defaced.alldas.de/mirror/2001/03/05/www.chenzhou.gov.cn/
OS: Solaris
Original: http://www.sony.com.my/
Defaced: http://defaced.alldas.de/mirror/2001/03/05/www.sony.com.my/
OS: Windows
[06.03.2001]
Original: http://www.quicktime.com.tw/
Defaced: http://defaced.alldas.de/mirror/2001/03/06/www.quicktime.com.tw/
OS: Linux
Original: http://www.crimebusters.org/
Defaced: http://defaced.alldas.de/mirror/2001/03/06/www.crimebusters.org/
OS: Windows
Original: http://www.audiofind.com/
Defaced: http://defaced.alldas.de/mirror/2001/03/06/www.audiofind.com/
OS: Linux
Original: http://www.linux.org.in/
Defaced: http://defaced.alldas.de/mirror/2001/03/06/www.linux.org.in/
OS: Linux
Original: http://www.capnhq.gov/
Defaced: http://defaced.alldas.de/mirror/2001/03/06/www.capnhq.gov/
OS: Windows
Original: http://www.linux.com.hk/
Defaced: http://defaced.alldas.de/mirror/2001/03/06/www.linux.com.hk/
OS: Linux
[07.03.2001]
Original: http://kungfulinux.com/
Defaced: http://defaced.alldas.de/mirror/2001/03/07/kungfulinux.com/
OS: Linux
Original: http://www.honda.com.mx/
Defaced: http://defaced.alldas.de/mirror/2001/03/07/www.honda.com.mx/
OS: Linux
Original: http://www.hp.com.tw/
Defaced: http://defaced.alldas.de/mirror/2001/03/07/www.hp.com.tw/
OS: Windows
Original: http://arts.endow.gov/
Defaced: http://defaced.alldas.de/mirror/2001/03/07/arts.endow.gov/
OS: Windows
Original: http://goes2.gsfc.nasa.gov/
Defaced: http://defaced.alldas.de/mirror/2001/03/07/goes2.gsfc.nasa.gov/
OS: Windows
[08.03.2001]
Original: http://epg.er.usgs.gov/
Defaced: http://defaced.alldas.de/mirror/2001/03/08/epg.er.usgs.gov/
OS: Windows
Original: http://www.globalnews.it/
Defaced: http://defaced.alldas.de/mirror/2001/03/08/www.globalnews.it/
OS: Windows
Original: http://www.linuxbsa.org/
Defaced: http://defaced.alldas.de/mirror/2001/03/08/www.linuxbsa.org/
OS: Linux
Original: http://www.appeal.tcg.gov.tw/
Defaced: http://defaced.alldas.de/mirror/2001/03/08/www.appeal.tcg.gov.tw/
OS: Unknown
Original: http://www.fbi.com/
Defaced: http://defaced.alldas.de/mirror/2001/03/08/www.fbi.com/
OS: Windows
[09.03.2001]
Original: http://www.ecorecycle.vic.gov.au/
Defaced: http://defaced.alldas.de/mirror/2001/03/09/www.ecorecycle.vic.gov.au/
OS: Windows
Original: http://www.chcc.nsw.gov.au/
Defaced: http://defaced.alldas.de/mirror/2001/03/09/www.chcc.nsw.gov.au/
OS: Windows
Original: http://www.bromley.gov.uk/
Defaced: http://defaced.alldas.de/mirror/2001/03/09/www.bromley.gov.uk/
OS: Windows
Original: http://www.linuxkorea.com/
Defaced: http://defaced.alldas.de/mirror/2001/03/09/www.linuxkorea.com/
OS: Linux
Original: http://www.chifeng.gov.cn/
Defaced: http://defaced.alldas.de/mirror/2001/03/09/www.chifeng.gov.cn/
OS: Windows
[10.03.2001]
Original: http://www.mcdonalds.com.co/
Defaced: http://defaced.alldas.de/mirror/2001/03/10/www.mcdonalds.com.co/
OS: Windows
Original: http://see.msfc.nasa.gov/
Defaced: http:
7;/defaced.alldas.de/mirror/2001/03/10/see.msfc.nasa.gov/
OS: Windows
Original: http://www.scs.df.gov.br/
Defaced: http://defaced.alldas.de/mirror/2001/03/10/www.scs.df.gov.br/
OS: Windows
----------------------------------------------------------------------------
Questions, contributions, comments or ideas go to:
Help Net Security staff
staff@net-security.org
http://net-security.org
http://security-db.com
