Ntop is a very useful Unix / Windows network sniffing tool that shows the network usage, similar to what the popular top Unix command does for processes. It has an interactive mode and a web mode for greater functionality and options, shows network traffic sorted according to various criteria, displays traffic statistics, shows IP traffic distribution among the various protocols, analyses IP traffic and sorts it according to the source/destination, displays IP Traffic Subnet matrix (who's talking to who?), and reports IP protocol usage sorted by protocol type. In Web mode, it acts as a Web server, creating an HTML dump of the network status. Can be used as a lightweight network IDS.
8eaf1c5baa1736ee4e3e51b9ad8e7646873b516fb60233d92ba8a98c9c9a809a
FreeBSD Security Advisory FreeBSD-SA-02:04 - The mutt ports, versions prior to mutt-1.2.25_1 and mutt-devel-1.3.24_2, contain a buffer overflow in the handling of email addresses in headers.
6464640afeffbb8d80576dd583eb27af4174a3e9efeeb58196d1a98b1625fbed
Scans for rh7 boxes running ssh-2.1.1 that can be exploited using the TESO sshd exploit.
337efffdc164fbd36652c6593639bccf08d6e9a4cece4b53782e75423ac0d2ef
Hosting Controller v1.4.1, an all-in-one administrative hosting tool for Windows, contains multiple vulnerabilities. It allows remote users to read any file on the system and browse non-public directories. Exploit URLs included.
2c63387a7684382d591e3e044e8f1a8a19214823af3c83775b0ffd2fbe8abd58
AOLserver v3.4.2 for Windows has a remote vulnerability which allows users to gain read access of known password protected files residing on an AOLserver host.
7fb93b6be8c7f43a99b7ec8616ce778988a9cbbe97e38d11620a6b969a3101db
The Savant Web Server v3.0 for Windows 95, 98, ME, NT, and 2000 has a remotely exploitable buffer overflow. Fix available at http://savant.sourceforge.net.
225cd09a44933b83edcf3f7b0099bcd1bc96a920de2607ada83c729477a76cbc
This is a Windows(tm) backdoor for ICQ 2001b that was tested on Version 5.18, but it may also work on future versions. This backdoor uses ICQ to indirectly access the internet, so most firewalls can't detect it. It has many features, you can use all of the standard socket functions remotely via this backdoor, you can remotely execute code on the target machine, and two example programs are included. NOTE: To understand this backdoor, you need knowledge of sockets programming and, if you need this feature, you should be familiar with the assembly language. This backdoor isn't thought for script kiddies, but for true programmers to experiment with it. Please do not misuse it! Archive password is set to p4ssw0rd. Use at your own risk.
82cccb2f7f4fb663b8e0a9dbd319347f280c341600dae3fdfde443f629bffea2
FreeBSD Security Advisory FreeBSD-SA-02:03 - The mod_auth_pgsql port, versions prior to mod_auth_pgsql-0.9.9, contains a vulnerability that may allow a remote user to cause arbitrary SQL code to be executed. mod_auth_pgsql constructs a SQL statement to be executed by the PostgreSQL server in order to look up user information. The username given by the remote user is inserted into the SQL statement without any quoting or other safety checks.
5f769d230b41592e415fa574769fd87226cc6e898a2af4b5608b7a041bbdb895
FreeBSD Security Advisory FreeBSD-SA-02:02 - When creating, removing, or modifying system users, the pw utility modifies the system password file '/etc/master.passwd'. This file contains the users' encrypted passwords and is normally only readable by root. During the modification, a temporary copy of the file is created. However, this temporary file is mistakenly created with permissions that allow it to be read by any user. A race condition is created.
1bca2b877dbf7bc0f01b60bb2153ba2303a661e6157a04f5d85a15c9e26d28d6
NT PHP.exe remote exploit. Allows any file on the webserver to be read.
c70fec2805964960bbe0e6b210553f178550aa358ea04a158de1e717aa0fec37
Illusion isn't like every log cleaner on earth: it's also able to check in syslog.conf for other possible logs, clean the logs of a possible sniffer, search the whole box for logs not linked to syslogd (on/off), and uses an LKM to hide the "syslogd restart".
04da10fdda4a307e11c60ee027d92cf7f62ecbba6b50aa47d0e13ba8f676cd94
A small scanner and shell-like interface for the IIS unicode vulnerability (exploits directory traversal to reach cmd.exe).
4860665cc48f26976b79b732fa136524cf9ebb9a045a491dc290fe975295b816
The Cisco UBR 900 series routers allow remote users SNMP read access with any community string.
9bd0f26ff7a2fc4740da643357c7a9d680e9716d015dce7ba90644ab12c220b7
SAStk (Slackware Administrators Security tool kit) aims to provide a set of tools and utilities to install and maintain a reasonable level of security for the Slackware GNU/Linux distribution. At the same time, it should ease administration with a new centralized initialization setup and background information on what each daemon does.
e8d58562c90ddb3a272d51a44618f317594336f14b2e8a320e3adcccf3dab181
IP Accounter is an IP accounting package for Linux. It collects, summarizes, and nicely displays IP accounting data. Its output can be a simple ASCII table, or graph images. Ipchains and iptables are supported. Logs are stored in files, gdbm, or even a PostgreSQL database.
9fe874b940303fa7e678dd1ade2cdee3f5d842f99ed8d20bd065c2e97d86f3d1
Firewall Builder consists of an object-oriented GUI and a set of policy compilers for various firewall platforms. In Firewall Builder, firewall policy is a set of rules; each rule consists of abstract objects which represent real network objects and services (hosts, routers, firewalls, networks, protocols). Firewall Builder helps the user maintain a database of objects and allows policy editing using simple drag-and-drop operations. Firewall Builder can be used to manage firewalls built on a variety of platforms including, but not limited to, Linux running iptables and FreeBSD or Solaris running ipfilter.
80b59520a98620ba44421bb9e45a9efd8e1bbdf16a7ccdaf28b0f6caefbf806a
Darkstat is an ntop-workalike network statistics gatherer. Built to be faster and smaller than ntop, it uses libpcap to capture network traffic and serves up Web page reports of statistics such as data transferred by host, port, and protocol. It also has a neat bandwidth usage graph.
32e62b45981d2e0e618ad7096e7355385f807499f1b999933ec4d70b33b05a42
Syscall Tracker is a powerful tool for Linux 2.2 and 2.4 which allows you to write rules to track system calls. Currently only logging the invocation is supported, but in the future, you will be able to fail the system call (i.e. force it to return some error code), or suspend the process executing it. Allows you to find out info that is hard to find, for instance to determine which process touched a certain file.
285a707cd25909f1e0882fb55f785dc10285b821c910327d64feea4091004ac5
Knocker is a simple and easy-to-use TCP security port scanner written in C. It is able to analyze hosts and the network services which are running on them. Knocker is available for Linux and Unix platforms. Both a console version and a GTK+ version are available.
2db8aae36f6a9dcdb90c260df0e113add22932a1bde2bcd311ceafdde4df09cb
The Anomy mail sanitizer is a filter designed to block email-based attacks such as trojans and viruses. It reads an RFC822 or MIME message and removes or renames attachments, truncates unusually long MIME header fields and sanitizes HTML by disabling Javascript and Java. It uses a single-pass pure Perl MIME parser, which can make it both more efficient and more precise than other similar programs, and has built-in support for third-party virus scanners.
bf2a5e302454c5dee5adcfb683fdd11d6d40f054cf17d5741ce71fe4d145508a
Lcrzoex is a toolbox for network administrators and network hackers. Lcrzoex contains over 200 functionalities using network library lcrzo. For example, one can use it to sniff, spoof, create clients/servers, create, decode and display packets, etc. The Ethernet, IP, UDP, TCP, ICMP, ARP and RARP protocols are supported. Lcrzoex and lcrzo were successfully installed under Linux, FreeBSD and Solaris. This archive contains Lcrzo and Lcrzoex. Windows binaries available here.
715d178b2057f3d69a78c3fe750e6eaf936143c7fa2965ce00393c50f0dec8ad