Date: 3 May 2005 23:00:22 -0000
From: "Peter Laborge" <plaborge@securityfocus.com>
To: linux-secnews@securityfocus.com
Subject: SecurityFocus Linux Newsletter #234
SecurityFocus Linux Newsletter #234
------------------------------------

------------------------------------------------------------------------
I. FRONT AND CENTER
     1. Sarbanes Oxley for IT Security?
     2. Cleanliness next to Rootliness
II. LINUX VULNERABILITY SUMMARY
     1. PHPBB Profile.PHP Cross-Site Scripting Vulnerability
     2. PHPBB Viewtopic.PHP Cross-Site Scripting Vulnerability
     3. Affix Bluetooth Protocol Stack Signed Buffer Index Vulnerabi...
     4. SNMPPD SNMP Proxy Daemon Remote Format String Vulnerability
     5. Horde Vacation Remote Cross-Site Scripting Vulnerability
     6. Horde MNemo Remote Cross-Site Scripting Vulnerability
     7. Horde Nag Remote Cross-Site Scripting Vulnerability
     8. Horde Chora Remote Cross-Site Scripting Vulnerability
     9. Horde Accounts Module Remote Cross-Site Scripting Vulnerabil...
     10. Horde Forward Module Remote Cross-Site Scripting Vulnerabili...
     11. Invision Power Board QPid Parameter SQL Injection Vulnerabil...
     12. TCPDump BGP Decoding Routines Denial Of Service Vulnerabilit...
     13. TCPDump LDP Decoding Routines Denial Of Service Vulnerabilit...
     14. TCPDump RSVP Decoding Routines Denial Of Service Vulnerabili...
     15. TCPDump ISIS Decoding Routines Denial Of Service Vulnerabili...
     16. Rootkit Hunter Local Insecure Temporary File Creation Vulner...
     17. Debian CVS-Repouid Remote Authentication Bypass Vulnerabilit...
     18. Debian CVS-Repouid Denial Of Service Vulnerability
     19. BakBone NetVault NVStatsMngr.EXE Local Privilege Escalation ...
     20. HP OpenView Radia Management Portal Remote Command Execution...
     21. Notes Module for PHPBB SQL Injection Vulnerability
     22. LAM/MPI Runtime For Mandrake Linux Insecure Account Creation...
     23. Squid Proxy Synchronization Remote Cache Poisoning Vulnerabi...
     24. Squid Proxy HTTP Response Splitting Remote Cache Poisoning V...
     25. Linux Kernel Itanium System Call Local Denial Of Service Vul...
     26. RedHat Enterprise Linux Native POSIX Threading Library Local...
III. LINUX FOCUS LIST SUMMARY
     NO NEW POSTS FOR THE WEEK 2005-04-26 to 2005-05-03.
IV. NEW PRODUCTS FOR LINUX PLATFORMS
     1. CoreGuard Core Security System
     2. EnCase Forensic Edition
     3. KeyGhost SX
     4. SafeKit
     5. Astaro Linux Firewall
     6. CAT Cellular Authentication Token and eAuthentication Servic...
V. NEW TOOLS FOR LINUX PLATFORMS
     1. Umbrella v0.6
     2. Kernel Socks Bouncer 2.6.11
     3. NuFW 1.0.0
     4. ldapenum 0.02alpha
     5. File System Saint 1.02a
     6. Travesty 1.0
VII. SPONSOR INFORMATION

I. FRONT AND CENTER
-------------------
1. Sarbanes Oxley for IT Security?
By Mark Rasch
Sarbanes Oxley seems wholly focused on the accuracy of a company's
financial records and controls around these records, so where does IT
security come into the picture?
http://www.securityfocus.com/columnists/322

2. Cleanliness next to Rootliness
By Daniel Hanson
Linspire's arguments to only run a desktop system as root have
everything to do with privilege separation, privilege escalation, and
some design choices made along the way.
http://www.securityfocus.com/columnists/321

II. LINUX VULNERABILITY SUMMARY
-------------------------------
1. PHPBB Profile.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 13344
Remote: Yes
Date Published: Apr 23 2005
Relevant URL: http://www.securityfocus.com/bid/13344
Summary:
phpBB is prone to a cross-site scripting vulnerability.  This issue is 
due to a failure in the application to properly sanitize user-supplied 
input.

An attacker may leverage this issue to have arbitrary script code 
executed in the browser of an unsuspecting user.  This may facilitate the 
theft of cookie-based authentication credentials as well as other 
attacks.

2. PHPBB Viewtopic.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 13345
Remote: Yes
Date Published: Apr 23 2005
Relevant URL: http://www.securityfocus.com/bid/13345
Summary:
phpBB is prone to a cross-site scripting vulnerability.  This issue is 
due to a failure in the application to properly sanitize user-supplied 
input.

An attacker may leverage this issue to have arbitrary script code 
executed in the browser of an unsuspecting user.  This may facilitate the 
theft of cookie-based authentication credentials as well as other 
attacks.

3. Affix Bluetooth Protocol Stack Signed Buffer Index Vulnerabi...
BugTraq ID: 13347
Remote: No
Date Published: Apr 25 2005
Relevant URL: http://www.securityfocus.com/bid/13347
Summary:
A local signed buffer index vulnerability affects Affix Bluetooth 
Protocol Stack.  This issue is due to a failure of the affected utility to 
properly handle user-supplied buffer size parameters.

This issue may be leveraged by a local attacker to gain escalated 
privileges on an affected computer.

4. SNMPPD SNMP Proxy Daemon Remote Format String Vulnerability
BugTraq ID: 13348
Remote: Yes
Date Published: Apr 25 2005
Relevant URL: http://www.securityfocus.com/bid/13348
Summary:
A remote format string vulnerability affects the SNMPPD SNMP Proxy 
Daemon. This issue is due to a failure of the application to properly 
sanitize user-supplied input data prior to using it in a formatted-printing 
function.

A remote attacker may leverage this issue to execute arbitrary code 
within the context of the affected application; this may facilitate 
unauthorized access and privilege escalation.

5. Horde Vacation Remote Cross-Site Scripting Vulnerability
BugTraq ID: 13360
Remote: Yes
Date Published: Apr 25 2005
Relevant URL: http://www.securityfocus.com/bid/13360
Summary:
A remote cross-site scripting vulnerability affects Horde Vacation. 
This issue is due to a failure of the application to properly sanitize 
user-supplied input prior to including it in dynamically generated Web 
content.

An attacker may leverage this issue to have arbitrary script code 
executed in the browser of an unsuspecting user.  This may facilitate the 
theft of cookie-based authentication credentials as well as other 
attacks.

6. Horde MNemo Remote Cross-Site Scripting Vulnerability
BugTraq ID: 13362
Remote: Yes
Date Published: Apr 25 2005
Relevant URL: http://www.securityfocus.com/bid/13362
Summary:
A remote cross-site scripting vulnerability affects Horde Mnemo. This 
issue is due to a failure of the application to properly sanitize 
user-supplied input prior to including it in dynamically generated Web 
content.

An attacker may leverage this issue to have arbitrary script code 
executed in the browser of an unsuspecting user.  This may facilitate the 
theft of cookie-based authentication credentials as well as other 
attacks.

7. Horde Nag Remote Cross-Site Scripting Vulnerability
BugTraq ID: 13363
Remote: Yes
Date Published: Apr 25 2005
Relevant URL: http://www.securityfocus.com/bid/13363
Summary:
A remote cross-site scripting vulnerability affects Horde Nag. This 
issue is due to a failure of the application to properly sanitize 
user-supplied input prior to including it in dynamically generated Web content.

An attacker may leverage this issue to have arbitrary script code 
executed in the browser of an unsuspecting user.  This may facilitate the 
theft of cookie-based authentication credentials as well as other 
attacks.

8. Horde Chora Remote Cross-Site Scripting Vulnerability
BugTraq ID: 13364
Remote: Yes
Date Published: Apr 25 2005
Relevant URL: http://www.securityfocus.com/bid/13364
Summary:
A remote cross-site scripting vulnerability affects Horde Chora. This 
issue is due to a failure of the application to properly sanitize 
user-supplied input prior to including it in dynamically generated Web 
content.

An attacker may leverage this issue to have arbitrary script code 
executed in the browser of an unsuspecting user.  This may facilitate the 
theft of cookie-based authentication credentials as well as other 
attacks.

9. Horde Accounts Module Remote Cross-Site Scripting Vulnerabil...
BugTraq ID: 13365
Remote: Yes
Date Published: Apr 25 2005
Relevant URL: http://www.securityfocus.com/bid/13365
Summary:
A remote cross-site scripting vulnerability affects Horde Accounts 
Module. This issue is due to a failure of the application to properly 
sanitize user-supplied input prior to including it in dynamically generated 
Web content.

An attacker may leverage this issue to have arbitrary script code 
executed in the browser of an unsuspecting user.  This may facilitate the 
theft of cookie-based authentication credentials as well as other 
attacks.

10. Horde Forward Module Remote Cross-Site Scripting Vulnerabili...
BugTraq ID: 13366
Remote: Yes
Date Published: Apr 25 2005
Relevant URL: http://www.securityfocus.com/bid/13366
Summary:
A remote cross-site scripting vulnerability affects Horde Forward 
Module. This issue is due to a failure of the application to properly 
sanitize user-supplied input prior to including it in dynamically generated 
Web content.

An attacker may leverage this issue to have arbitrary script code 
executed in the browser of an unsuspecting user.  This may facilitate the 
theft of cookie-based authentication credentials as well as other 
attacks.

11. Invision Power Board QPid Parameter SQL Injection Vulnerabil...
BugTraq ID: 13375
Remote: Yes
Date Published: Apr 26 2005
Relevant URL: http://www.securityfocus.com/bid/13375
Summary:
Invision Power Board is prone to an SQL injection vulnerability.  This 
issue is due to a failure in the application to properly sanitize 
user-supplied input before using it in an SQL query.

Successful exploitation could result in a compromise of the 
application, disclosure or modification of data, or may permit an attacker to 
exploit vulnerabilities in the underlying database implementation.

This issue reportedly affects Invision Power Board version 2.0.1; other 
versions may also be vulnerable.

12. TCPDump BGP Decoding Routines Denial Of Service Vulnerabilit...
BugTraq ID: 13380
Remote: Yes
Date Published: Apr 26 2005
Relevant URL: http://www.securityfocus.com/bid/13380
Summary:
tcpdump is prone to a vulnerability that may allow a remote attacker to 
cause a denial of service condition in the software.  The issue occurs 
due to the way tcpdump decodes Border Gateway Protocol (BGP) packets.  
A remote attacker may cause the software to enter an infinite loop by 
sending malformed BGP packets resulting in the software hanging.  

tcpdump versions up to and including 3.8.3 are reported prone to this 
issue.

13. TCPDump LDP Decoding Routines Denial Of Service Vulnerabilit...
BugTraq ID: 13389
Remote: Yes
Date Published: Apr 26 2005
Relevant URL: http://www.securityfocus.com/bid/13389
Summary:
tcpdump is prone to a vulnerability that may allow a remote attacker to 
cause a denial of service condition in the software.  The issue occurs 
due to the way tcpdump decodes Label Distribution Protocol (LDP) 
datagrams.  A remote attacker may cause the software to enter an infinite 
loop by sending malformed LDP datagrams resulting in the software hanging.  

tcpdump versions up to and including 3.8.3 are reported prone to this 
issue.

14. TCPDump RSVP Decoding Routines Denial Of Service Vulnerabili...
BugTraq ID: 13390
Remote: Yes
Date Published: Apr 26 2005
Relevant URL: http://www.securityfocus.com/bid/13390
Summary:
tcpdump is prone to a vulnerability that may allow a remote attacker to 
cause a denial of service condition in the software.  The issue occurs 
due to the way tcpdump decodes Resource ReSerVation Protocol (RSVP) 
packets.  A remote attacker may cause the software to enter an infinite 
loop by sending malformed RSVP packets resulting in the software hanging.  

tcpdump versions up to and including 3.9.x/CVS are reported prone to 
this issue.

15. TCPDump ISIS Decoding Routines Denial Of Service Vulnerabili...
BugTraq ID: 13392
Remote: Yes
Date Published: Apr 26 2005
Relevant URL: http://www.securityfocus.com/bid/13392
Summary:
tcpdump is prone to a vulnerability that may allow a remote attacker to 
cause a denial of service condition in the software.  The issue occurs 
due to the way tcpdump decodes Intermediate System to Intermediate 
System (ISIS) packets.  A remote attacker may cause the software to enter 
an infinite loop by sending malformed ISIS packets resulting in the 
software hanging.  

tcpdump versions up to and including 3.9.x/CVS are reported prone to 
this issue.

16. Rootkit Hunter Local Insecure Temporary File Creation Vulner...
BugTraq ID: 13399
Remote: No
Date Published: Apr 26 2005
Relevant URL: http://www.securityfocus.com/bid/13399
Summary:
A local insecure file creation vulnerability affects Rootkit Hunter. 
This issue is due to a design error that causes a file to be insecurely 
opened or created and subsequently written to.

An attacker may leverage this issue to corrupt arbitrary files with the 
privileges of an unsuspecting user that activates the affected 
application.

17. Debian CVS-Repouid Remote Authentication Bypass Vulnerabilit...
BugTraq ID: 13402
Remote: Yes
Date Published: Apr 27 2005
Relevant URL: http://www.securityfocus.com/bid/13402
Summary:
A remote authentication bypass vulnerability affects Debian CVS.  This 
issue is due to an error with Debian's CVS cvs-repouid patch.

A remote attacker may leverage this issue to bypass CVS authentication 
requirements and gain unauthorized access to a vulnerable repository.

18. Debian CVS-Repouid Denial Of Service Vulnerability
BugTraq ID: 13403
Remote: Yes
Date Published: Apr 27 2005
Relevant URL: http://www.securityfocus.com/bid/13403
Summary:
A denial of service vulnerability affects Debian CVS.  This issue is 
due to an error with Debian's CVS cvs-repouid patch.

A remote attacker may leverage this issue to cause the CVS process to 
crash, effectively denying service to legitimate users.

19. BakBone NetVault NVStatsMngr.EXE Local Privilege Escalation ...
BugTraq ID: 13408
Remote: No
Date Published: Apr 27 2005
Relevant URL: http://www.securityfocus.com/bid/13408
Summary:
BakBone NetVault is affected by a local privilege escalation 
vulnerability.  A local user can manipulate 'nvstatsmngr.exe' to escalate 
privileges to that of the LocalSystem account. 

An attacker can exploit this vulnerability to gain SYSTEM level 
privileges on an affected computer.

20. HP OpenView Radia Management Portal Remote Command Execution...
BugTraq ID: 13414
Remote: Yes
Date Published: Apr 28 2005
Relevant URL: http://www.securityfocus.com/bid/13414
Summary:
A remote command execution vulnerability affects HP OpenView Radia 
Management Portal. This issue is due to a failure of the application to 
properly secure access to critical functionality.

An unauthenticated, remote attacker may leverage this issue to execute 
arbitrary commands on an affected computer with SYSTEM privileges on 
the Microsoft Windows platform and elevated privileges on UNIX-based 
platforms.

21. Notes Module for PHPBB SQL Injection Vulnerability
BugTraq ID: 13417
Remote: Yes
Date Published: Apr 28 2005
Relevant URL: http://www.securityfocus.com/bid/13417
Summary:
The notes module for phpBB is prone to an SQL injection vulnerability.  
This issue is due to a failure in the application to properly sanitize 
user-supplied input before using it in an SQL query.

Successful exploitation could result in a compromise of the 
application, disclosure or modification of data, or may permit an attacker to 
exploit vulnerabilities in the underlying database implementation.

22. LAM/MPI Runtime For Mandrake Linux Insecure Account Creation...
BugTraq ID: 13431
Remote: Yes
Date Published: Apr 28 2005
Relevant URL: http://www.securityfocus.com/bid/13431
Summary:
The LAM/MPI Runtime environment for Mandrake Linux is prone to an 
insecure account creation vulnerability. The package creates an account 
'mpi' without a corresponding password during installation.

23. Squid Proxy Synchronization Remote Cache Poisoning Vulnerabi...
BugTraq ID: 13434
Remote: Yes
Date Published: Apr 23 2005
Relevant URL: http://www.securityfocus.com/bid/13434
Summary:
A remote cache poisoning vulnerability affects Squid Proxy.  This issue 
is due to a failure of the affected proxy to consistently interpret 
malformed request boundaries.

An attacker may leverage this issue to poison the cache of an affected 
Squid Proxy.  This may facilitate man-in-the-middle attacks as well as 
others.

24. Squid Proxy HTTP Response Splitting Remote Cache Poisoning V...
BugTraq ID: 13435
Remote: Yes
Date Published: Apr 23 2005
Relevant URL: http://www.securityfocus.com/bid/13435
Summary:
A remote cache poisoning vulnerability affects Squid Proxy.  This issue 
is due to a failure of the affected proxy to handle CR/LF characters in 
HTTP requests.

An attacker may leverage this issue to poison the cache of an affected 
Squid Proxy.  This may facilitate man-in-the-middle attacks as well as 
others.

25. Linux Kernel Itanium System Call Local Denial Of Service Vul...
BugTraq ID: 13438
Remote: No
Date Published: Apr 29 2005
Relevant URL: http://www.securityfocus.com/bid/13438
Summary:
A local denial of service vulnerability affects the Linux kernel.  This 
issue is due to a failure of the affected kernel to handle system calls 
with missing arguments.

An attacker can leverage this issue to cause the affected kernel to 
crash, denying service to legitimate users.

26. RedHat Enterprise Linux Native POSIX Threading Library Local...
BugTraq ID: 13444
Remote: No
Date Published: Apr 29 2005
Relevant URL: http://www.securityfocus.com/bid/13444
Summary:
A local information disclosure and denial of service vulnerability 
affects RedHat Enterprise Linux. This issue is due to a design error caused 
by a flawed back port of the Native POSIX Threading Library (NPTL).

An attacker may leverage this issue to gain read and write access to 
other users' terminal TTY sessions as well as crash the affected 
computer. This issue may facilitate disclosure of information, command 
execution with escalated privileges, and denial of service attacks.

III. LINUX FOCUS LIST SUMMARY
-----------------------------
NO NEW POSTS FOR THE WEEK 2005-04-26 to 2005-05-03.

IV. NEW PRODUCTS FOR LINUX PLATFORMS
------------------------------------
1. CoreGuard Core Security System
By: Vormetric
Platforms: AIX, Linux, Solaris, Windows 2000, Windows XP
Relevant URL: http://www.vormetric.com/products/#overview
Summary: 

CoreGuard System profile

The CoreGuard System is the industry's first solution that enforces
acceptable use policy for sensitive digital information assets and
protects personal data privacy across an enterprise IT environment.
CoreGuard's innovative architecture and completeness of technology
provide a comprehensive, extensible solution that tightly integrates
all the elements required to protect information across a widespread,
heterogeneous enterprise network, while enforcing separation of duties
between security and IT administration. At the same time, CoreGuard is
transparent to users, applications and storage infrastructures for ease
of deployment and system management.

CoreGuard enables customers to:
* Protect customer personal data privacy and digital information assets
* Protect data at rest from unauthorized viewing by external attackers
  and unauthorized insiders
* Enforce segregation of duties between IT administrators and security
  administration
* Ensure host & application integrity
* Block malicious code, including zero-day exploits

2. EnCase Forensic Edition
By: Guidance Software Inc.
Platforms: DOS, FreeBSD, Linux, MacOS, NetBSD, OpenBSD, PalmOS, 
Solaris, UNIX, Windows 2000, Windows 95/98, Windows NT, Windows XP
Relevant URL: http://www.guidancesoftware.com/products/EnCaseForensic/index.shtm
Summary: 

EnCase Forensic Edition Version 4 delivers the most advanced features 
for computer forensics and investigations. With an intuitive GUI and 
superior performance, EnCase Version 4 provides investigators with the 
tools to conduct large-scale and complex investigations with accuracy and 
efficiency. Guidance Software's award winning solution yields 
completely non-invasive computer forensic investigations while allowing 
examiners to easily manage large volumes of computer evidence and view all 
relevant files, including "deleted" files, file slack and unallocated 
space. 

The integrated functionality of EnCase allows the examiner to perform 
all functions of the computer forensic investigation process. EnCase's 
EnScript, a powerful macro-programming language and API included within 
EnCase, allows investigators to build customized and reusable forensic 
scripts.

3. KeyGhost SX
By: KeyGhost Ltd
Platforms: BeOS, DOS, Linux, OS/2, Solaris, SunOS, Windows 2000, 
Windows 95/98, Windows NT, Windows XP
Relevant URL: http://www.keyghost.com/SX/
Summary: 

KeyGhost SX discreetly captures and records all keystrokes typed, 
including chat conversations, email, word processor, or even activity within 
an accounting or specialist system. It is completely undetectable by 
software scanners and provides you with one of the most powerful stealth 
surveillance applications offered anywhere. 

Because KeyGhost uses STRONG 128-Bit encryption to store the recorded 
data in its own internal memory (not on the hard drive), it is 
impossible for a network intruder to gain access to any sensitive data stored 
within the device.

4. SafeKit
By: Evidian Inc.
Platforms: AIX, HP-UX, Linux, Solaris, Windows 2000
Relevant URL: http://www.evidian.com/safekit/index.htm
Summary: 

Evidian's SafeKit technology makes it possible to render any 
application available 24 hours per day. With no extra hardware: just use your 
existing servers and install this software-only solution.

This provides ultimate scalability. As your needs grow, all you need to 
do is add more standard servers into the cluster. With the load 
balancing features of SafeKit, you can distribute applications over multiple 
servers. If one system fails completely, the others will continue to 
serve your users.

5. Astaro Linux Firewall
By: Astaro
Platforms: Linux
Relevant URL: http://www.astaro.com/php/statics.php?action=asl&lang=gb
Summary: 

Astaro Linux Firewall: All-in-one firewall, virus protection, content 
filtering and spam protection internet security software package for 
Linux. Free download for home users.

6. CAT Cellular Authentication Token and eAuthentication Servic...
By: Mega AS Consulting Ltd
Platforms: Java, Linux, OpenBSD, Os Independent, SecureBSD, Solaris, 
UNIX, Windows 2000, Windows NT
Relevant URL: http://www.megaas.co.nz
Summary: 

Low cost, easy to use Two Factor Authentication One Time Password token 
using the Cellular. Does not use SMS or communication, manages multiple 
OTP accounts - new technology. For any business that wants safer 
access to its Internet Services. More information at our site.

We also provide eAuthentication service for businesses that will not 
buy an Authentication product but would prefer to pay a monthly charge 
for authentication services from our CAT Server.

V. NEW TOOLS FOR LINUX PLATFORMS
--------------------------------
1. Umbrella v0.6
By: Umbrella
Relevant URL: http://umbrella.sourceforge.net/
Platforms: Linux
Summary: 

Umbrella is a security mechanism that implements a combination of 
Process-Based Access Control (PBAC) and authentication of binaries through 
Digital Signed Binaries (DSB). The scheme is designed for Linux-based 
consumer electronic devices ranging from mobile phones to set-top boxes.

Umbrella is implemented on top of the Linux Security Modules (LSM) 
framework. The PBAC scheme is enforced by a set of restrictions on each 
process.

2. Kernel Socks Bouncer 2.6.11
By: Paolo Ardoino
Relevant URL: http://ksb.sourceforge.net/
Platforms: Linux
Summary: 

Kernel Socks Bouncer is a Linux Kernel 2.6.x patch that redirects TCP 
connections [SSH, telnet, browsers...] through SOCKS5. KSB26 uses a 
character device to pass SOCKS5 and target IPs to the Linux Kernel.

3. NuFW 1.0.0
By: INL
Relevant URL: http://www.nufw.org
Platforms: Linux
Summary: 

NuFW performs an authentication of every single connection passing 
through the IP filter, by transparently requesting user's credentials 
before any filtering decision is taken. Practically, this brings the notion 
of user ID down to the IP layers.

4. ldapenum 0.02alpha
By: Roni Bachar & Sol Zehnwirth
Relevant URL: https://sourceforge.net/projects/ldapenum
Platforms: Linux, Perl (any system supporting perl), Windows 2000, 
Windows 95/98, Windows NT, Windows XP
Summary: 

ldapenum is a Perl script designed to enumerate system and password 
information from domain controllers using the LDAP service when IPC$ is 
locked. The script has been tested on Windows and Linux.

5. File System Saint 1.02a
By: Joshua Fritsch
Relevant URL: http://www.unixgeeks.org/saint
Platforms: Linux, UNIX
Summary: 

A fast, flexible, lightweight perl-based host IDS.

6. Travesty 1.0
By: Robert Wesley McGrew
Relevant URL: http://cse.msstate.edu/~rwm8/travesty/
Platforms: Linux
Summary: 

Travesty is an interactive program for managing the hardware addresses 
(MAC) of Ethernet devices on your computer.  It supports manually 
changing the MAC, generating random addresses, and applying different 
vendor prefixes to the current address.  It also allows the user to 
import their own lists of hardware addresses and descriptions that can 
be navigated from within the Travesty interface.  Travesty is written 
in Python, and is very simple to add functionality to, or modify.

VII. SPONSOR INFORMATION
-----------------------

Need to know what's happening on YOUR network? Symantec DeepSight
Analyzer is a free service that gives you the ability to track and
manage attacks. Analyzer automatically correlates attacks from various
Firewall and network based Intrusion Detection Systems, giving you a
comprehensive view of your computer or general network. Sign up today!

http://www.securityfocus.com/sponsor/Symantec_sf-news_041130

------------------------------------------------------------------------