💾 Archived View for clemat.is › saccophore › library › ezines › textfiles › ezines › HNS › issue027.… captured on 2022-01-08 at 15:56:46.
⬅️ Previous capture (2021-12-03)
-=-=-=-=-=-=-
Net-Sec newsletter Issue 27 - 28.08.2000 http://net-security.org Net-Sec is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. Visit Help Net Security for the latest security news - http://www.net-security.org. Subscribe to this weekly digest on: http://www.net-security.org/text/newsletter Table of contents: 1) General security news 2) Security issues 3) Security world 4) Featured articles 5) Security books 6) Security software 7) Defaced archives ============================================================ In association with Kaspersky Lab (www.kasperskylabs.com), HNS staff created a new section of the site, with about 400 descriptions of well known and not so know viruses. Specially interesting part of that section are screenshots of 50 virus infections. All viruses are well categorized and easy to browse. Point your browser to this URL: http://www.net-security.org/text/viruses ============================================================ General security news --------------------- ---------------------------------------------------------------------------- TROJAN USERS CAUGHT IN CHINA Three local high school students were arrested on Monday for allegedly running Trojan programs to steal dial-up account passwords from compromised computer systems. Reporter speaks about SunSeven trojan program, but it is obvious that SubSeven was used... Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.chinatimes.com.tw//english/esociety/89082202.htm ATTACKING WEB SITES TO GET THE MESSAGE OUT Several sites around the world were reportedly broken into and changed last week by one or more people claiming to be calling attention to the fight between the music industry and the digital music-swapping Web site Napster. A manifesto of sorts was posted in support of Napster's fight against music industry labels, titled "The Save Napster Hack Attack." Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.cnn.com/2000/TECH/computing/08/21/napster.hacks.idg/index.html HIRING HACKERS - RANT "Palante", who works in an unnamed Fortune 500 company's infosec consulting division, posted his opinion on all those struggles that some companies started with saying that people shouldn't hire hackers. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.globetechnology.com/archive/gam/News/20000822/ROUTS.html PRETENDER Someone tried to dupe several Malaysian Internet users into giving away their private financial information by posing as an online executive at Maybank company. The article has a standard mistake - trojans are connected with the word hacker. Link: http://thestar.com.my/tech/story.asp/2000/8/22/technology/22hack&sec=technology TREND MICRO ITALIA SITE DEFACED Italian branch of anti virus company Trend Micro (www.trendmicro.it), got its site defaced yesterday for two times. A note was left for the admins - "secure yourself man, *hint - securityfocus.com". Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.attrition.org/mirror/attrition/2000/08/21/www.trendmicro.it/ WRISTWATCHES COULD PROVIDE THE KEY TO BETTER IT SECURITY A US company has devised a plan to make IT security as simple as telling the time - by incorporating an automated PC locking device into wristwatches. Michigan-based Ensure technologies argue that despite the furore about attackers, most breaches of security occur in-house - namely in users' complacency in leaving PCs switched on or divulging their passwords to others. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.ananova.com/news/story/technology_us-gadgets-privacy_942524.html SECURE MESSAGING OFFERED VeriSign and Slam Dunk Networks are teaming up to offer a message delivery infrastructure that will guarantee business-to-business transaction participants that their messages will be protected, delivered, and properly accepted at their rightful destinations. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.infoworld.com/articles/hn/xml/00/08/22/000822hnverslam.xml AUSTRALIA FEARS HACKERS MAY TARGET GAMES Computer experts will work around the clock during the Sydney Olympics to keep out cyber hackers who might try to vandalize Games Web sites. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.mercurycenter.com/svtech/news/breaking/internet/docs/334890l.htm THE WORLD'S MOST SECURE OPERATING SYSTEM "OpenBSD is probably one of the most secure operating systems out there," says Chris Brenton, author of Mastering Network Security. "The crew does a fantastic job of locking down and being responsive when vulnerabilities are found." Such a good job that the U.S. Department of Justice uses 260 copies of OpenBSD to store and transmit its most sensitive data..." Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.thestandard.com/article/article_print/1,1153,17541,00.html BT WEB SITE SECURITY BLUNDER The Insight Interactive portion of the BT.com Web site has a gaping hole in its security. Any registered user's details can be accessed by entering their user name and password. The trouble is, the same password works whichever username you use. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/6/12794.html WILL 3G DEVICES BE SECURE? While anticipating the delights of 3G, be aware of the inherent dangers. According to computer security experts, all this connectivity and functionality will inevitably mean an increased risk of attack by mobile viruses and worms as well as malicious attackers. Evidence of potential for new threats can already be seen. Earlier this month Japan's highly successful mobile broadband standard i-mode ran into its first major security issue highlighting the dangers ahead. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.co.uk/news/2000/33/ns-17466.html YET ANOTHER CONTEST Noted Chinese consumer electronics production company, Hisense, has challenged everybody to penetrate a server equipped with its newly developed firewall products before September 1 to win 500,000 yuan. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://english.peopledaily.com.cn/200008/23/eng20000823_48861.html PIMPSHIZ INTERVIEWED BY HWA HWA Security has an interview with 16 year old 'pimpshiz' who reportedly defaced over 60 sites in a pro-napster social disobedience action. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.hwa-security.net/pimpshiz.txt BIG BROTHER DATABASE APPARENTLY COMPROMIZED An unknown attacker has apparently gained unauthorized access to the main database of contestants for Spain's version of Big Brother, called Gran Hermano in Spain. According to reports, the database contains details including credit history, IQs, and mental health on over 1,700 would-be contestants. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.geek.com/news/geeknews/q22000/gee2000824002209.htm NASTY PGP BUG Ralf Senderek has found a nasty bug in PGP versions 5 and 6. It's of scientific interest because it spectacularly confirms a prediction made by a number of researchers in the paper on `The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption' that key escrow would make it much more difficult than people thought to build secure systems. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://cryptome.org/pgp-badbug.htm PIKACHU WORM SPREADING A computer worm featuring the cuddly Japanese cartoon character Pikachu has been found in computers in the United States, leaving some operating systems devastated, an anti-virus software firm said on Thursday. The worm was found by Trend Micro near two months ago. Link: http://net-security.org/text/viruses/962474496,16084,.shtml HOW TO SPY ON YOUR EMPLOYEES Companies that want to spy on employees' Internet usage already have an array of tools. Research firm IDC predicts that in four years, the industry will generate $562 million in revenue. But employers fixated on monitoring employees may be wasting time and killing morale. Moreover, they may be setting themselves up to be sued. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.msnbc.com/news/449233.asp?cp1=1 YAHOO TO OFFER ENCRYPTED EMAIL OPTION Yahoo plans to let its email account holders use data scrambling to protect the privacy of their messages, marking a potentially significant advance for the mainstream use of encryption. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://news.cnet.com/news/0-1005-200-2605437.html TRUSTE PRIVACY SITUATION Interhack Corporation has issued a report stating that visitors to the TRUSTe website have themselves unknowingly been tracked and were having pseudonymous information about them being directed to a third party, TheCounter.com. Link: http://www.securitywatch.com/scripts/news/list.asp?AID=3697 RSA UPGRADING SECURITY SOFTWARE RSA Security next week will unveil an upgraded version of its PKI software, adding support for digital certificates from multiple vendors and making it easier for security administrators to register users to receive certificates through an automated download process. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.infoworld.com/articles/hn/xml/00/08/25/000825hnrsa.xml HOAX HITS EMULEX Shares of Emulex tumbled to $43 from their previous close of $113.063 after false news circulated that the California-based company was restating its earnings, that its CEO had quit, and that it was under investigation by the Securities and Exchange Commission. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.techserver.com/noframes/story/0,2294,500243647-500360148-502111278-0,00.html NEW PGP RELEASE MIT Distribution Center for PGP software has the new version of the program posted on-line. This release corrects a security-related bug with Additional Decryption Keys (ADKs) that may allow sophisticated attackers to add unauthorized ADK key IDs to the unhashed areas of PGP public keys. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://web.mit.edu/network/pgp.html KOREAN MINISTRY WEBSITE HIT BY DOS The Ministry of Information and Communication fell prey to attackers who managed to bring the Web site to a standstill for 10 hours Saturday. The Web site was downed at 12 but all services were restored by 10 p.m. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://koreaherald.co.kr/news/2000/08/__10/20000828_1038.htm MAC OS X SERVER - SECURITY GUIDELINES This document outlines some security measures for the Mac OS X Server 1.0 - 1.2 platform. While Mac OS X Server (OSXS) is a fairly secure environment out of the box, these basic measures help create a more secure computing environment. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securemac.com/osxsecurity.cfm ARACHNE BROWSER ARCHITECT DISMISSES VIRUS CHARGE Michael Polak, a Czech scientist whose browser has been causing so many problems for its users that he was accused of disseminating a virus, issued an explanation on his Web site this week. Polak, who offers Arachne free of charge for non-commercial use, had received numerous complaints from people who had their files wiped out after they installed the browser. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.computeruser.com/news/00/08/28/news1.html BUG HUNTERS Associated Press has an article entitled "Bug hunters consider whether to reveal software flaws" which speaks of bug reporting to software vendors. The interesting part is that they have quotes from bug hunters and several companies about reacting to security issues. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.techserver.com/noframes/story/0,2294,500244316-500361480-502123615-0,00.html ---------------------------------------------------------------------------- Security issues --------------- All vulnerabilities are located at: http://net-security.org/text/bugs ---------------------------------------------------------------------------- FRONTPAGE SERVER EXTENSIONS SHTML.EXE DOS The FrontPage Server Extensions are vulnerable to a remote denial of service attack that will disable all FrontPage operations on a web site. By requesting a URL that includes a DOS device name, the server extensions will hang and will not service any further requests. To re-enable the server extensions requires restarting IIS or rebooting the server. Link: http://www.net-security.org/text/bugs/967048516,37265,.shtml REMOTE DOS IN PRAGMA TELNETSERVER 2000 The Ussr Labs team has recently discovered a buffer overflow memory problem in the rpc module of the Pragma TelnetServer 2000. What happens is by performing an attack with a malformed request to port 512 it will cause the process containing the services to crash. Link: http://www.net-security.org/text/bugs/967122232,16999,.shtml WEBSERVER PRO 2.3.7 VULNERABILITY The vulnerability (or bad server administration) allow any user to create arbitrary files with arbitrary text on the victim machine, from the Internet Web Browser. Link: http://www.net-security.org/text/bugs/967214843,48495,.shtml [MANDRAKE LINUX] XCHAT UPDATE XChat 1.3.9 and later allow users to right-click on a URL appearing in an IRC discussion and select the "Open in Browser" option. To open the URL in a browser, XChat passes the command to /bin/sh. This allows a malicious URL the ability to execute arbitrary shell commands as the user that is running XChat. This update changes the functionality of XChat to bypass the shell and execute the browser directly. Thanks go to Red Hat for providing the patch. Link: http://www.net-security.org/text/bugs/967214951,8515,.shtml [CALDERA LINUX] LD.SO UNSETENV PROBLEM A bug has been discovered in ld.so that could allow local users to obtain super user privilege. The dynamic loader ld.so is responsible for making shared libraries available within a program at run-time. Normally, a user is allowed to load additional shared libraries when executing a program; they can be specified with environment variables like LD_PRELOAD. Link: http://www.net-security.org/text/bugs/967215087,33684,.shtml "IIS CROSS-SITE SCRIPTING" VULNERABILITIES PATCHED Microsoft has released a patch that eliminates security vulnerabilities in Microsoft Internet Information Server. The vulnerabilities could allow a malicious web site operator to misuse another web site as a means of attacking users. Link: http://www.net-security.org/text/bugs/967298521,30706,.shtml "MONEY PASSWORD" VULNERABILITY PATCHED Microsoft has released a patch that eliminates a security vulnerability in Microsoft Money. The vulnerability could allow a malicious user to obtain the password of a Money data file. Link: http://www.net-security.org/text/bugs/967298631,3545,.shtml ADVISORY: MGETTY LOCAL COMPROMISE Faxrunqd follows symbolic links when creating certain files. The default location for the files is /var/spool/fax/outgoing, which is a world-writable directory. Local users can destroy the contents of any file on a mounted filesystem because faxrunqd is usually run by root Link: http://www.net-security.org/text/bugs/967304131,68635,.shtml KERBEROS PASSWORD AUTHENTICATION ISSUES Kerberized programs that perform password authentication may be vulnerable to an attacker with the ability to spoof KDC responses (either as a race condition on the LAN, or via DNS cache poisoning, spoofed ICMP redirects or router advertisments, etc.). Link: http://www.net-security.org/text/bugs/967488533,33506,.shtml ---------------------------------------------------------------------------- Security world -------------- All press releases are located at: http://net-security.org/text/press ---------------------------------------------------------------------------- PKI-BASED DIGITAL SIGNING OF WEB PAGES - [22.08.2000] Celo Communications, a global innovator in the development and deployment of digital signatures, announced a unique digital signature product for secure Internet transactions. CeloCom eSigner is based on Public Key Infrastructure, and enables digital signing of entire web pages. The CeloCom eSigner allows complex legal documents and contracts to be digitally signed, authenticated and validated, bringing e-business transaction security to new levels. Press release: < http://www.net-security.org/text/press/966913616,96346,.shtml > ---------------------------------------------------------------------------- CERTIFICATION FOR CHECK POINT VPN-1/FIREWALL-1 - [22.08.2000] Foundry Networks, Inc., a leader in high-performance end-to-end switching and routing solutions, announced that Foundry's ServerIron Internet traffic and content management switches are the first to receive OPSEC (Open Platform for Security) Certification from Check Point Software Technologies Ltd., for Check Point VPN-1/FireWall-1 high availability with load balancing. Check Point certified that Foundry's award winning ServerIronXL switches are the first to provide load balancing and fail-over of all active sessions, including VPN-1 sessions, for Check Point's VPN-1/FireWall-1 4.1 products. Press release: < http://www.net-security.org/text/press/966913668,25089,.shtml > ---------------------------------------------------------------------------- NORTON INTERNET SECURITY WITH INTEL DESKTOP BOARDS - [22.08.2000] Symantec Corp., a world leader in Internet security, announced that Intel Corp., the leader in desktop PC technology, has chosen Norton Internet Security Family Edition to ship with selected Intel Desktop Boards. The combination of Symantec's award-winning security software with the performance and quality of Intel Desktop Boards provides a solid foundation with superior Internet protection for the consumers' home office and small business environments. Press release: < http://www.net-security.org/text/press/966913803,24061,.shtml > ---------------------------------------------------------------------------- NEW ONLINE ANTI-VIRUS SCANNER CERTIFICATION - [23.08.2000] ICSA.net announced an expansion of its anti-virus product certification-testing suite with the introduction of the new Online Anti-Virus Scanner Certification Program. The Internet security leader also announced that HouseCall from Trend Micro Inc. is the first product to achieve the certification. Trend Micro is a leading provider of tools to detect and block viruses, malicious code and related Internet security threats. The new certification program's criteria initially will include monthly testing for 100 percent of viruses currently found "in the wild," as well as for 100 percent of the current common infectors list. Press release: < http://www.net-security.org/text/press/966994207,5238,.shtml > ---------------------------------------------------------------------------- WAVE SYSTEMS ANNOUNCES TRUST @ THE EDGE - [23.08.2000] Wave Systems Corp., announced a strategic new security architectural model for creating multi-party trust in user devices. Trust @ the Edge specifies the integration of strong security in every user device, a major breakthrough in the challenge of creating trusted and private digital relationships while enabling reliable electronic exchange and commerce over the Internet. Press release: < http://www.net-security.org/text/press/966994343,19617,.shtml > ---------------------------------------------------------------------------- NEW BOOK BY BRUCE SCHNEIER - [23.08.2000] Bruce Schneier, computer security expert, CTO and founder of Counterpane Internet Security, Inc., has written a new book specifically for corporate managers. Secrets and Lies: Digital Security in a Networked World is a practical, straightforward guide to understanding and achieving security throughout computer networks. Schneier draws on his extensive field experience to dispel myths as well as help business executives assess corporate security risks to choose the right solutions and implement the right processes. Press release: < http://www.net-security.org/text/press/966994526,44171,.shtml > ---------------------------------------------------------------------------- TREND MICRO LAUNCHES ANTIVIRUS AFFILIATE PROGRAM - [23.08.2000] Trend Micro, Inc., announced the launch of an affiliate marketing program that further enables mutually beneficial relationships between Trend Micro and on-line service providers including ISPs. The Affiliate Program is part of Trend Micro's eDoctor Global Network, a worldwide Internet security initiative comprised of service providers that offer virus scanning and information as a value-added service to their customers. Through the Antivirus Affiliate Program Trend Micro is inviting U.S. and Canadian ISPs and other on-line service providers to add valuable content and links to their web sites to help their visitors and customers to enjoy a safer Internet experience including: - Virus alerts and other informational content - Hot links to Trend Micro's "Virus Encyclopedia" - Options to link or frame Trend Micro's HouseCall online virus scanner - 10% commissions on Trend Micro product sales to their Websites' Press release: < http://www.net-security.org/text/press/967047592,24761,.shtml > ---------------------------------------------------------------------------- ADVANCED VIRUS PROTECTION FOR MAIL.COM - [25.08.2000] Mail.com, Inc., a leading Messaging Service Provider to businesses, announced the next generation in its scalable, fully outsourced e-mail firewall services - enhanced MailWatch solution- providing innovative and robust protection for corporate e-mail systems against viruses, spam, offensive or threatening content, and inappropriate attachments. The advanced MailWatch service features are available to businesses as a stand-alone service or can work in conjunction with Mail.com's leading edge business e-mail services. As an additional layer of security, customers of Mail.com's business e-mail services are protected through SSL encryption for all user authentication and messaging. Press release: < http://www.net-security.org/text/press/967215417,80712,.shtml > ---------------------------------------------------------------------------- SECURANT TECHNOLOGIES PARTNERS WITH BALTIMORE TECH - [25.08.2000] Securant Technologies, the access management company that secures e-business, announced its partnership with Baltimore Technologies, a global leader in e-security solutions. Through the Baltimore PKI World program, Securant will deliver integrated solutions for protecting eBusiness resources based on the award winning ClearTrust SecureControl access management system and Baltimore UniCERT Certificate Management system. This will allow enterprises, government agencies and service providers to centrally control and personalize access to Web-based and Web-presented applications, content and transactions by marrying Baltimore e-security with Securant's dynamic, rules-based authorization and access management platform. Press release: < http://www.net-security.org/text/press/967215503,81794,.shtml > ---------------------------------------------------------------------------- Featured articles ----------------- All articles are located at: http://www.net-security.org/text/articles Articles can be contributed to staff@net-security.org Listed below are some of the recently added articles. ---------------------------------------------------------------------------- CONSOLE IOCTLS UNDER LINUX by Shok (Matt Conover) Console IOCTLs can be very useful and powerful. These are the IOCTls that involve the console. They are the user interface to manipulation of the console. I am going to go over these console IOCTLs and give you examples of them. You can make some pretty powerful programs, whether they be general utilities or security programs, with these (such as Auto Console Switching and Console Access Protection). The structure of this article will be the name of the IOCTL, and then example source code to uses of the IOCTL. Article: < http://www.net-security.org/text/articles/console.shtml > ---------------------------------------------------------------------------- LKM: KERNEL HACKING MADE EASY by Nicolas Dubee - w00w00.org The following applies to the Linux i86 2.0.x kernel series. It may also be accurate for previous releases, but has not been tested. 2.1.x kernels introduced a bunch of changes, notably in the memory managment routines, and are not discussed here. Article: < http://www.net-security.org/text/articles/kernel.shtml > ---------------------------------------------------------------------------- Featured books ---------------- The HNS bookstore is located at: http://net-security.org/various/bookstore Suggestions for books to be included into our bookstore can be sent to staff@net-security.org ---------------------------------------------------------------------------- SECRETS AND LIES: DIGITAL SECURITY IN A NETWORKED WORLD Internationally recognized computer security expert Bruce Schneier offers a practical, straightforward guide to achieving security throughout computer networks. Schneier uses his extensive field experience with his own clients to dispel the myths that often mislead IT managers as they try to build secure systems. This practical guide provides readers with a better understanding of why protecting information is harder in the digital world, what they need to know to protect digital information, how to assess business and corporate security needs, and much more. Book: < http://www.amazon.com/exec/obidos/ASIN/0471253111/netsecurity > ---------------------------------------------------------------------------- WINDOWS 2000 SYSTEM ADMINISTRATION HANDBOOK From the Inside Flap: Welcome to the Windows 2000 Systems Administration Training Course. As IT professionals, we have watched Windows 2000 slowly mature from a very rough NT5 beta 1 to a robust, polished Windows 2000 released product. As authors, we have attempted to bring you a collection of the topics most relevant to systems administration while adding insight from our own personal experiences implementing and administering Windows 2000 throughout the lengthy beta period, up to and including the final release. We hope that you will find this multimedia training course useful as you study and develop your Windows 2000 system administration skills. Book: < http://www.amazon.com/exec/obidos/ASIN/0130270105/netsecurity > ---------------------------------------------------------------------------- WINDOWS 2000 AND MAINFRAME INTEGRATION The following topics are covered for both Windows 2000 and OS/390 (except the topics that are inherently Windows 2000 specific): History of the operating systems; overview of the operating systems; system architecture; memory management; multitasking (multiprogramming); i/o device management; file system; how programs are loaded and managed by the OS; job and task management; Windows Scripting Host; catalogs and directories (including, briefly, Windows 2000 Active Directory Service); DNS; printer management; operator control of OS features; security; networking; transaction, database, and message processing; communicating with OS/390 using terminal emulation or an SNA server; SNA subdomains; overview of integrating Windows 2000 and mainframe applications; using Mainframe Express to create a mainframe development environment on a workstation; scalability; and availability. Book: < http://www.amazon.com/exec/obidos/ASIN/1578702003/netsecurity > ---------------------------------------------------------------------------- TRUST ON TRIAL: HOW THE MICROSOFT CASE IS REFRAMING THE RULES OF COMPETITION Is Microsoft truly a classic monopoly, whose aggressive pursuit of markets for Internet browsers and operating systems is harmful to consumers and worthy of government intervention? Or has it actually been a victim of aggressive rivals (led by Sun, Novell, Oracle, and IBM) who called in high-level favors to keep Bill Gates & Company out of the lucrative market for network servers? Richard McKenzie, a noted economist and the author of more than 20 books, is convinced of the latter. He advances a formidable argument on that behalf in Trust on Trial, which maintains "the Microsoft case has shown--and not for the first time - how politics can taint the antitrust enforcement process." Starting with copies of major U.S. antitrust laws, McKenzie shows how cases such as this eventually may affect consumers in both the short and long term. Book: < http://www.amazon.com/exec/obidos/ASIN/0738203319/netsecurity > ---------------------------------------------------------------------------- PROFESSIONAL WAP Wireless Application Protocol and its related technologies are emerging as the standard way of creating network-wise software for wireless computing devices, such as mobile telephones. Wrox Press's crack team of programmer-writers have put together a winner in Professional WAP. To a greater extent than any other WAP book on the market, this volume shows its readers how to do real work by using WAP, Wireless Markup Language (WML), WMLScript, and various toolkits and servers that ease wireless application development. Best of all, the authors realize that most folks working as WAP developers have Web roots; they explain their subjects in terms that anyone with a bit of HTML and Web-scripting (JavaScript or VBScript) background should be able to follow easily. Book: < http://www.amazon.com/exec/obidos/ASIN/1861004044/netsecurity > ---------------------------------------------------------------------------- DESIGNING SECURE WEB-BASED APPLICATIONS FOR MICROSOFT WINDOWS 2000 "Web-based applications" is getting to be a redundant term, but that only highlights the fact that up-to-date programmers need to be familiar with the strategies and practices used to build modern networked software. Designing Secure Web-Based Applications for Microsoft Windows 2000 explains precisely what its title specifies: the mechanisms for allowing Windows programs to communicate over the network while maintaining security, plus their ways of fitting into complete product architectures. It's an engineering document with considerable information on identifying security threats, giving them relative weight, and deciding how to deal with them in the designs of your systems. The author has both done his homework and worked in the industry, and it's a pleasure to read his distilled knowledge. Book: < http://www.amazon.com/exec/obidos/ASIN/0735609950/netsecurity > ---------------------------------------------------------------------------- Security Software ----------------- All programs are located at: http://net-security.org/various/software ---------------------------------------------------------------------------- FIRESTARTER 0.4.1 (LINUX) The goal of FireStarter is to provide an easy to use, yet powerful, GUI tool for setting up, administrating and monitoring firewalls for Linux machines. FireStarter is made for the GNOME desktop. It can actively monitor your firewall and list any unauthorized connection attempts made to your machine in a readable table format. Changes: Better service determination, can launch firewall on PPP connect, and bug fixes. Link: < http://net-security.org/cgi-bin/file.cgi?firestarter-0.4.1.tar.gz > ---------------------------------------------------------------------------- APPSTRAKA 3.10 AppsTraka is a powerful security program you can use to paint a very clear picture of how others are using your computer. You can set it up to log all open windows, including title, time, and duration, and to save screenshots of your desktop at a regular interval of your choosing. Beyond surveillance, AppsTraka allows you to deny access to any programs on your computer, based on the current user. You can simply deny access altogether, impose a time limit, or require a password to access any program you add to the secured list. You can also hide items from the Start menu and select drives. You can run AppsTraka in stealth mode, making the program all but undetectable, or make it as visible as you wish, complete with warning messages. This download expires after 30 days. The cost to register is $30. Link: < http://net-security.org/cgi-bin/file.cgi?appstraka310.exe > ---------------------------------------------------------------------------- QMAIL-SCANNER 0.92 (LINUX) Qmail-Scanner (also known as Scan4Virus) is an addon that enables a Qmail e-mail server to scan all gatewayed e-mail for certain characteristics. It is typically used for its anti-virus protection functions, in which case it is used in conjunction with commercial virus scanners. But it also enables a site to react to e-mail that contains specific strings in particular headers, or particular attachment filenames or types. Qmail-Scanner is integrated into the mail server at a lower level than some other Unix-based virus scanners, resulting in better performance. It is capable of scanning not only locally sent/received e-mail, but also e-mail that crosses the server in a relay capacity. Link: < http://net-security.org/cgi-bin/file.cgi?qmail-scanner-0.92.tgz > ---------------------------------------------------------------------------- WINFINGERPRINT 227 Advanced remote windows OS detection. Current Features: Determine OS using SMB Queries, PDC (Primary Domain Controlller), BDC (Backup Domain Controller), NT MEMBER SERVER, NT WORKSTATION, SQLSERVER, NOVELL NETWARE SERVER, WINDOWS FOR WORKGROUPS, WINDOWS 9X, Enumerate Servers, Enumerate Shares including Administrative ($), Enumerate Global Groups, E numerate Users, Displays Active Services, Ability to Scan Network Neighborhood, Ability to establish NULL IPC$ session with host, Ability to Query Registry (currently determines Service Pack Level & Applied Hotfixes. Link: < http://net-security.org/cgi-bin/file.cgi?winfingerprint-227.zip > ---------------------------------------------------------------------------- SPYTECH NETARMOR 1.0.2 Spytech NetArmor is a secure Internet protection utility for your Windows PC. NetArmor's main objective is to detect possible malicious hacker intrusions and alert you so you can safely shutdown your machine, log off, or disconnect from the Internet. NetArmor is not a firewall, but a connection monitoring utility - good for personal and corporate protection. NetArmor can detect attacks from over 350 common backdoors. The unregistered version limits monitoring sessions to 10 minutes. Registration costs $19.95. Link: < http://net-security.org/cgi-bin/file.cgi?netarmor.zip > ---------------------------------------------------------------------------- NMAP 2.54 BETA (LINUX) Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Link: < http://net-security.org/cgi-bin/file.cgi?nmap-2.54BETA3.tgz > ---------------------------------------------------------------------------- Defaced archives ------------------------ [21.08.2000] - Compunet Engineering Original: http://www2.cne-kc.com/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/21/www2.cne-kc.com/ [21.08.2000] - Computer multimedia and internet technology Pvt.Ltd Original: http://www.visionindia.net/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/21/www.visionindia.net/ [21.08.2000] - National Oceanic and Atmospheric Administration Original: http://vortex.cmdl.noaa.gov/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/21/vortex.cmdl.noaa.gov/ [21.08.2000] - Malaysian Department of Immigration Original: http://www.imi.gov.my/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/21/www.imi.gov.my/ [21.08.2000] - Atlantic City Free Public Library LibGate Original: http://libgate.atlantic.city.lib.nj.us/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/21/libgate.atlantic.city.lib.nj.us/ [21.08.2000] - Interactive Media, Inc. Original: http://www.iowa.com/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/21/www.iowa.com/ [21.08.2000] - Trend Micro Italy Original: http://www.trendmicro.it/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/21/www.trendmicro.it/ [22.08.2000] - Ars Electronica Center FORCE Server Original: http://force.aec.at/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/22/force.aec.at/ [22.08.2000] - Machine Intelligent System International Original: http://misasia.com.sg/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/22/misasia.com.sg/ [22.08.2000] - Linux Malaga Original: http://www.linux-malaga.org/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/22/www.linux-malaga.org/ [22.08.2000] - Gridlink Internet Services (primary nameserver) Original: http://ns1.gridlink.com/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/22/ns1.gridlink.com/ [22.08.2000] - South Georgia Business Systems Original: http://www.sogbs.com/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/22/www.sogbs.com/ [22.08.2000] - Ticketmaster UK Ltd Original: http://www.ticketmaster.co.uk/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/22/www.ticketmaster.co.uk/ [23.08.2000] - American Association for Higher Education Original: http://aahe.org/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/23/aahe.org/ [24.08.2000] - Highgate & Islington Internet Original: http://www.digitalcertificate.co.uk/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/24/www.digitalcertificate.co.uk/ [24.08.2000] - APG SA Original: http://linux.atomis.com/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/24/linux.atomis.com/ [25.08.2000] - JPL Space Exploration Post 509 Original: http://www.post509.org/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/25/www.post509.org/ [26.08.2000] - Net Deamon Original: http://www.netdeamon.net/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/26/www.netdeamon.net/ [26.08.2000] - Eutelsat Original: http://www.euteltracs.org/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/26/www.euteltracs.org/ [26.08.2000] - Solution Bankcard Original: http://www.solutionbankcard.com/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/26/www.solutionbankcard..com/ [26.08.2000] - Gamescentral.com Original: http://www.gamescentral.com/ Defaced: http://www.attrition.org/mirror/attrition/2000/08/26/www.gamescentral.com/ ---------------------------------------------------------------------------- Questions, contributions, comments or ideas go to: Help Net Security staff staff@net-security.org http://net-security.org