Nessus is a free, up-to-date, and full featured remote security scanner for Linux, BSD, Solaris and some other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over 340 remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them.
e55eded8fa809f940510764078fa3d13dfd291cdce1be9db7d27bccbed82b300
Snoopy v1.00 is designed to log all commands executed by providing a transparent wrapper around calls to execve() via LD_PRELOAD. Logging is done via syslogd and written to authpriv, allowing secure offsite logging of activity.
1172a939c24a3fd25efe328fb438490399b82dcaeb8acc83549b5aef9fd98d10
Patch advisory for Sun Microsystems. Please read for details.
bda53867e4a90fc16d63f77960201c45c0567df589176ca381c7878e3314f194
Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers.
8f6512204d48376024d324a630d31f035d59947ddc9795979738290d365c1dcf
ISS Security Alert Summary August 1, 2000 - 37 new vulnerabilities were reported last month. This document has links to more information and full advisories on each. Includes: analogx-proxy-ftp-crash, analogx-proxy-pop3-crash, analogx-proxy-socks4-crash, roxen-null-char-url, wftpd-stat-info, bair-security-removal, roxen-admin-pw-readable, wftpd-stat-dos, wftpd-rest-dos, wftpd-mlst-dos, outlook-express-mail-browser-link, winamp-playlist-parser-bo, outlook-date-overflow, tomcat-error-path-reveal, tomcat-snoop-info, website-webfind-bo, alibaba-cgi-script-directory-listing, alibaba-get-dos, website-httpd32-bo, alibaba-script-file-overwrite, zeroport-weak-encryption, linux-usermode-dos, blackboard-courseinfo-dbase-modification, lsoft-listserv-querystring-bo, linux-nfsutils-remote-root, iis-absent-directory-dos, blackboard-courseinfo-plaintext, cvsweb-shell-access, webactive-long-get-dos, worldclient-dir-traverse, http-cgi-bigbrother-bbhostsvc, apache-source-asp-file-write, netware-port40193-dos, netscape-admin-server-password-disclosure, cisco-pix-firewall-tcp, mssql-manager-password, and minivend-viewpage-sample.
608bac3811e7784a7d30e0063ead0d9b6ab115e59950211ddd511b3ca2d93e8d
MindTerm is a complete GPL'd ssh-client in pure java which can be used either as a standalone java-application or as a java-applet. Includes a vt102/xterm-terminal with the ssh protocol and also "drop-in" socket replacements to use ssh tunnels transparently from a java application/applet.
ec96c48385cd58025243e1c2925497216c44b890432e4900de31255d59b293e3
Guardent Security Advisory - Microsoft Windows 2000 Service Control Manager Named Pipe Impersonation vulnerability. A problem in the way Windows 2000 handles named pipes allows any non-privileged user to elevate his or her current security context to that of an arbitrary service (started by the service control manager). This bug prompted Microsoft to issue ms00-053.
4ac72630f7e2cc4adfcedb4515cf0e2c16bfb767898a36445cdffb854597463d