AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on a server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
610841fb570d981144819861826946c135519cacd58d9a663cca8b9cccf9b0d9
ipac is an IP accounting package for Linux which collects, summarizes, and nicely displays IP accounting data. The output of ipac can be a simple ASCII table, an ASCII graph, or even images with graphs showing traffic progression. ipac can be used for IP traffic analysis and for accounting purposes.
576b12c6f67175435fa099d65afe7de4e6fec5f681f26b6f35e4d8f136ce10cc
Heimlich, Proof-of-concept tool for Win98 (47kB), can be used in regards to the eToken vulnerability.
e5390c8b75806baaa27c74a678646870c5365f289d405ed1d4af243d35942274
l0pht Security Advisory - eToken Private Information Extraction and Physical Attack. Aladdin Knowledge Systems' (http://www.ealaddin.com) eToken is a portable USB (Universal Serial Bus) authentication device providing complete access control for digital assets. eToken stores private keys, passwords or electronic certificates in a hardware token the size of a house key. The eToken makes use of two-factor authentication. Using the legitimate user's PIN number ("what you know") and the physical USB key ("what you have"), access to the public and private data within the key will be granted.
5e11a6c4d048dd58ac24b30009579e749a7e507f27f37ea2471b6b99db381e0e
l0pht Security Advisory - NetStructure 7180 remote backdoor vulnerability. The NetStructure 7180 can be compromised via the admin console even after the admin password has been changed. Root access can be obtained via the Internet when used in a poorly configured or default configuration. Additionally, web based management authentication is done in the clear.
4854fb06112b66ca72941157560b7a842a404d0f516aea9f03dae226f42d97c8
l0pht Security Advisory - NetStructure 7110 console backdoor. The NetStructure 7110 can be compromised via the admin console even after the admin password has been changed. An undocumented command list exists, known as 'wizard' mode. Through this mode there is a password that overrides the admin password and allows full access to the internal components of the NetStructure 7110. This password can be used from within the admin command line interface or to override the admin password at an initial login prompt.
4ead9479ca81ffd872a5fc81c32f7f1d4fdb5da8fd4ac54122f3ad5287bd75f0
IPTraf 2.2.0 is an ncurses-based IP LAN monitor that generates various network statistics including TCP info, UDP counts, ICMP and OSPF information, Ethernet load info, node stats, IP checksum errors, and others.
33b09d3346d8722349d688f9e2bfea03ca319a6b4f50b2b8c0d4be2831a9f103
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
91856ef8182acf1a2607e9b9c146f96c7424cb3be779666665e028891b01ce10
Major security issue with networksolutions.com (easysteps.pl). This is being distributed over IRC.
5bb0b27956ea17dfff4e3397488439c628f1b4637003f3b6a938c243e772152c
Neon beta4 - Simple host or IP list CGI scanner (356 checks).
86681f46a5aad3c105b7e34f6aa49625105ec65e6f590da99bbab08a785ed388
Palmpower PilotDis is a disassembler for Palm binaries.
7982c63360fc750b72c1625a12103651fe362272e452d74b3001c6559cedaa52
Exploit/DoS for OmniHTTPd pro v.2.06 Win98 (NT not tested). The result is a crash of the remote server.
2ea397fa4d6ffdc85217872360f6e43ddc49e9256b4f705751e1ef43b7bc9c7c
FreeBSD Security Advisory - gnapster (version 1.3.8 and earlier), from the ports collection, contains a vulnerability which allows remote gnapster users to view any file on the local system which is accessible to the user running gnapster. Gnapster does not run with elevated privileges, so it is only the user's regular filesystem access permissions which are involved.
69ed9dcc7886fb5f9adf2ddd1350e1cdaf8a2578ede67d938abc17aa8862e07d
FreeBSD Security Advisory - A buffer overflow in libmytinfo may yield increased privileges with third-party software.
3832d40e3327ea7eda4ec16114bfa1c90b83b9fb81c6bee6cd7d2d88ea06a650
FreeBSD Security Advisory - golddig, from the ports collection, erroneously installs a level-creation utility setuid root, which allows users to overwrite the contents of arbitrary local files. It is not believed that any elevation of privileges is possible with this vulnerability because the contents of the file are a textual representation of a golddig game level which is highly constrained.
e35c5a7e1a7a8214224d477eab6c49b55489f2f6cad625ca22ab7a29910327d8
Chameleon is a new experimental file encryption tool using a password-generated, plaintext-feedbacked 2048 bit key, feedbacked xor-chains, and a dummy-header system. It is designed to give the encrypted files better security against brute-force and known-plaintext attacks.
51a3fc06d5c96306f455177417d10383b1956febb0008818b3b5eba92b661054
Fwctl is a program that intends to make it easier to configure a tight firewall. It provides a configuration syntax that is easier to use and more expressive than the low-level primitives offered by ipchains. It supports multiple interfaces, masquerading and packet accounting. Fwctl doesn't replace a good security engineer, but it can make the job of the security engineer simpler.
15e7941cc0079a3d6717b6002923a1c87cfed3b56beb8752535c6023e9d06e8a
Possible source of the Love Letter virus. Originally submitted to Packet Storm as Win32DLL.txt. Submitted by Ingenius N.N. who warns "Do not rename Win32DLL.txt with .vbs extension".
4ae4b7187960ee682b407a426778c63f0296772866564c5fe3472dd9db6982b2
The top 10 vulnerabilities represent the most commonly found and exploited high-risk vulnerabilities on the Internet. This list is derived from various trusted sources including ISS X-Force analysis, customer input, ISS Professional Services, and security partners. The top 10 list is maintained by ISS X-Force and distributed quarterly with the ISS Alert Summary.
b59317a46aa265aa95d222a66676bc3b18cb46a84911dc76c951b58d3d4f5a9e
Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers.
0d54fdae0e23e7284e42e2cb096fad95888eba55e843f4597b52b83c4ed856e2
IRC plugin for BO2K v1.0. It is an IRC client, Channel Bot style. It is fully customizable and, once logged into an IRC server, it is remotely administrable through the IRC /msg or /query commands. The bot will rejoin any channel it gets kicked from, reconnect on disconnect, generate random nicks on raw 432 or 433, and can delete, list, copy, and spawn files on the remote machine through IRC... Archive password is set to p4ssw0rd. Use at your own risk.
8105da12312c875dc119733fb95285ae00e609c51d3801e702bd58bb65a57da4
Jport is a simple Java portscanner. Source and binary included. Works best under Linux, uses 150 threads. The new version has more features than ever, including port identification and a new threading system that increases speed.
e9b358fa969b04de8f60451731c2236d117a412656235d7b93a8a5e56aab9343
Nmap 2.53 - Nmap v2.53 is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), and TCP/IP fingerprinting (remote host operating system identification). Nmap also offers flexible target and port specification, decoy scanning, determination of TCP sequence predictability characteristics, sunRPC scanning, reverse-identd scanning, and more.
1db6e7179a28b1dc0dc8184a1ae2c924efce5979f031c4675f47e414345858e4
A paper written to describe and give a brief overview of events on the whole www.apache.org hack.
035a9e7bb77445aa8367ab496c49b9d7c99748af5fdd6aafe0dc6768bc2f8339
The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off online and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.
5138ae2fea9b31117aad8d714e5c613440480d2f78abba70dcdfa59e3b3ea5b8