Date: 5 Oct 2004 17:31:42 -0000
From: "Peter Laborge" <plaborge@securityfocus.com>
To: linux-secnews@securityfocus.com
Subject: SecurityFocus Linux Newsletter #204
SecurityFocus Linux Newsletter #204
------------------------------------
This Issue is Sponsored By: SecurityFocus
Stay up to date. All the latest news, columns, jobs and more in a
convenient html newsletter - Even a glimpse of upcoming columns and
feature articles! Sign up today!
http://www.securityfocus.com/htmlnewsletter/subscribe
------------------------------------------------------------------------
I. FRONT AND CENTER
1. Lessons Learned from Virus Infections
2. Strike One!
II. LINUX VULNERABILITY SUMMARY
1. Multiple Vendor TCP Packet Fragmentation Handling Denial Of ...
2. MySQL Bounded Parameter Statement Execution Remote Buffer Ov...
3. Debian GNU/Linux Sendmail Package Default SASL Password Vuln...
4. IBM CTSTRTCASD Utility Local File Corruption Vulnerability
5. Illustrate dBpowerAMP Music Converter and Audio Player Buffe...
6. XMLStarlet Command Line XML Toolkit Multiple Unspecified Buf...
7. Icecast Server HTTP Header Buffer Overflow Vulnerability
8. ParaChat Directory Traversal Vulnerability
9. Freenet6 Client Default Installation Configuration File Perm...
10. Samba Remote Arbitrary File Access Vulnerability
11. GNU GetText Unspecified Insecure Temporary File Creation Vul...
12. W-Agora Multiple Remote Input Validation Vulnerabilities
13. GhostScript Unspecified Insecure Temporary File Creation Vul...
14. GNU GLibC Unspecified Insecure Temporary File Creation Vulne...
15. GNU Troff (Groff) Unspecified Insecure Temporary File Creati...
16. GNU GZip Unspecified Insecure Temporary File Creation Vulner...
17. MIT Kerberos 5 Unspecified Insecure Temporary File Creation ...
18. Trustix LVM Utilities Unspecified Insecure Temporary File Cr...
19. MySQL Unspecified Insecure Temporary File Creation Vulnerabi...
20. NetaTalk Unspecified Insecure Temporary File Creation Vulner...
21. OpenSSL Unspecified Insecure Temporary File Creation Vulnera...
22. Perl Unspecified Insecure Temporary File Creation Vulnerabil...
23. PostgreSQL Unspecified Insecure Temporary File Creation Vuln...
24. GNU Sharutils Multiple Buffer Overflow Vulnerabilities
25. Proxytunnel Local Proxy Credential Disclosure Vulnerability
26. Kerio MailServer Unspecified Vulnerability
27. RealNetworks RealOne Player And RealPlayer Unspecified Web P...
28. RealNetworks RealOne Player And RealPlayer Unspecified File ...
29. RealNetworks RealOne Player And RealPlayer PNen3260.DLL Remo...
III. LINUX FOCUS LIST SUMMARY
1. iptables & tcp wrappers (Thread)
IV. NEW PRODUCTS FOR LINUX PLATFORMS
1. Cyber-Ark Inter-Business Vault
2. EnCase Forensic Edition
3. KeyGhost SX
4. SafeKit
5. Astaro Linux Firewall
6. CAT Cellular Authentication Token and eAuthentication Servic...
V. NEW TOOLS FOR LINUX PLATFORMS
1. PIKT - Problem Informant/Killer Tool v1.17.0
2. ID-Synch 3.1
3. Nmap v3.70
4. THC-Hydra v4.3
5. Pads 1.1
6. cenfw 0.3b
I. FRONT AND CENTER
-------------------
1. Lessons Learned from Virus Infections
By Jason Gordon
This article discusses how a virus outbreak will produce a few unique
opportunities to examine the health of an organization's network -- and
learn ways to further harden the network from future automated attacks.
http://www.securityfocus.com/infocus/1804
2. Strike One!
By Mark Rasch
A New York judge did the right thing last week when he threw out a
USA-PATRIOT Act provision that forced ISPs to secretly cooperate with
the FBI, and gave them no obvious avenue for appeal.
http://www.securityfocus.com/columnists/270
II. LINUX VULNERABILITY SUMMARY
-------------------------------
1. Multiple Vendor TCP Packet Fragmentation Handling Denial Of ...
BugTraq ID: 11258
Remote: Yes
Date Published: Sep 27 2004
Relevant URL: http://www.securityfocus.com/bid/11258
Summary:
Multiple vendor implementations of the TCP stack are reported prone to
a remote denial of service vulnerability.
The issue is reported to present itself due to inefficiencies present
when handling fragmented TCP packets.
The discoverer of this issue has dubbed the attack style the "New Dawn
attack"; it is a variation of a previously reported attack that was
named the "Rose Attack".
This vulnerability may aid a remote attacker in impacting resources on
an affected computer. Specifically, a remote attacker may exploit this
vulnerability to deny service to a vulnerable computer.
Microsoft Windows 2000/XP, Linux kernel 2.4 tree and undisclosed Cisco
systems are reported prone to this vulnerability; other products may
also be affected.
2. MySQL Bounded Parameter Statement Execution Remote Buffer Ov...
BugTraq ID: 11261
Remote: Yes
Date Published: Sep 27 2004
Relevant URL: http://www.securityfocus.com/bid/11261
Summary:
It is reported that MySQL is susceptible to a buffer overflow
vulnerability. This issue is due to a failure of the application to properly
ensure the size of a buffer is sufficient to handle user-supplied input
data before performing operations that may overflow into adjacent memory
regions.
This vulnerability reportedly allows for remote attackers to crash
affected servers. It is unconfirmed, but there may be a possibility of
remote code execution in the context of the affected server. It would
likely require a complex exploit, in order to take advantage of overwriting
memory contents with NULL bytes. Attackers may be able to take
advantage of the structured, predictable nature of the memory operations in
order to control the flow of execution of the application.
MySQL versions 4.1.3-beta and 4.1.4 are reported vulnerable, but other
versions are also likely affected.
3. Debian GNU/Linux Sendmail Package Default SASL Password Vuln...
BugTraq ID: 11262
Remote: Yes
Date Published: Sep 27 2004
Relevant URL: http://www.securityfocus.com/bid/11262
Summary:
It is reported that the Sendmail package contained in the Debian
GNU/Linux operating system is prone to a default password vulnerability,
potentially allowing unauthorized use of the Sendmail MTA. This would
likely facilitate UCE (Unsolicited Commercial Email, or SPAM) message
relaying through affected installations.
Versions of the Debian Sendmail packages prior to 8.12.3-7.1 for Debian
stable (woody), and versions prior to 8.13.1-13 for Debian unstable
(sid) are reported vulnerable.
4. IBM CTSTRTCASD Utility Local File Corruption Vulnerability
BugTraq ID: 11264
Remote: No
Date Published: Sep 27 2004
Relevant URL: http://www.securityfocus.com/bid/11264
Summary:
It is reported that IBM's 'ctstrtcasd' utility is susceptible to a local
file corruption vulnerability. This issue is due to a failure of the
application to properly validate the permissions of the invoking user
before overwriting a file specified by the user. This utility is setuid to
the superuser, allowing for the overwriting of any file on affected
computers, or the creation of files in any location.
As this vulnerability allows attackers to overwrite arbitrary files
with superuser privileges, attackers have the ability to destroy data, or
cause the computer to fail in such a manner that it will have to be
reinstalled from backups. This will deny service to legitimate users.
RSCT versions 2.3.0.0 and higher running on AIX 5.2 and 5.3 on pSeries,
AIX on i5/OS (iSeries), Linux (pSeries, xSeries, zSeries), and
pSeries/iSeries Hardware Management Console are reported vulnerable.
5. Illustrate dBpowerAMP Music Converter and Audio Player Buffe...
BugTraq ID: 11266
Remote: Yes
Date Published: Sep 28 2004
Relevant URL: http://www.securityfocus.com/bid/11266
Summary:
dBpowerAMP Music Converter and Audio Player are reported prone to remote
buffer overflow vulnerabilities when processing malformed audio and
playlist files. These issues exist due to insufficient boundary checks
performed by the applications and may allow an attacker to gain unauthorized
access to a vulnerable computer.
Reportedly, these issues affect dBPowerAmp Music Converter 10.0 and
Audio Player 2.0. Other versions may be vulnerable as well.
6. XMLStarlet Command Line XML Toolkit Multiple Unspecified Buf...
BugTraq ID: 11270
Remote: Yes
Date Published: Sep 28 2004
Relevant URL: http://www.securityfocus.com/bid/11270
Summary:
XMLStarlet command line XML toolkit is affected by multiple unspecified
buffer overflow vulnerabilities. These issues are caused by a failure
of the application to validate the lengths of user-supplied strings
prior to copying them into finite process buffers.
An attacker may leverage this issue to manipulate process memory,
potentially facilitating arbitrary code execution.
7. Icecast Server HTTP Header Buffer Overflow Vulnerability
BugTraq ID: 11271
Remote: Yes
Date Published: Sep 28 2004
Relevant URL: http://www.securityfocus.com/bid/11271
Summary:
It is reported that the Icecast server is susceptible to a buffer
overflow vulnerability. This issue is due to a failure of the application to
properly enforce boundary conditions when dealing with user-supplied
input data.
This vulnerability allows for remote code execution in the context of
the Icecast server.
It is reported that this vulnerability is only exploitable to execute
remote code on Microsoft Windows platforms. This buffer overflow affects
all platforms; however, it is only exploitable if a sensitive address is
located adjacent to the affected buffer. On other platforms, denial of
service or code execution may be possible, but this has not been
confirmed.
Versions 2.x up to 2.0.1 are reported vulnerable to this issue.
8. ParaChat Directory Traversal Vulnerability
BugTraq ID: 11272
Remote: Yes
Date Published: Sep 28 2004
Relevant URL: http://www.securityfocus.com/bid/11272
Summary:
It is reported that ParaChat is susceptible to a directory traversal
vulnerability. This issue is due to a failure of the application to
properly sanitize user-supplied input data.
This vulnerability allows remote attackers to retrieve the contents of
arbitrary, potentially sensitive files located on the serving computer
with the credentials of the ParaChat server process.
Version 5.5 is reported susceptible to this vulnerability. Other
versions may also be affected.
9. Freenet6 Client Default Installation Configuration File Perm...
BugTraq ID: 11280
Remote: No
Date Published: Sep 30 2004
Relevant URL: http://www.securityfocus.com/bid/11280
Summary:
Freenet6 is affected by a default install configuration file permission
vulnerability. This issue is due to a default configuration error.
An attacker may leverage this issue to steal authentication information
from the configuration file that is by default set as world readable.
10. Samba Remote Arbitrary File Access Vulnerability
BugTraq ID: 11281
Remote: Yes
Date Published: Sep 30 2004
Relevant URL: http://www.securityfocus.com/bid/11281
Summary:
Samba is affected by a remote arbitrary file access vulnerability.
This issue is due to a failure of the application to properly validate
user-supplied file names.
An attacker may leverage this issue to gain access to files outside of
a Samba share's path on a vulnerable computer. Information gained in
this way may reveal sensitive information aiding in further attacks
against the computer.
11. GNU GetText Unspecified Insecure Temporary File Creation Vul...
BugTraq ID: 11282
Remote: No
Date Published: Sep 30 2004
Relevant URL: http://www.securityfocus.com/bid/11282
Summary:
GNU gettext is affected by an unspecified insecure temporary file
creation vulnerability. This issue is likely due to a design error that
causes the application to fail to verify the existence of a file before
writing to it.
An attacker may leverage this issue to overwrite arbitrary files with
the privileges of an unsuspecting user that activates the vulnerable
application. Reportedly this issue is unlikely to facilitate privilege
escalation.
12. W-Agora Multiple Remote Input Validation Vulnerabilities
BugTraq ID: 11283
Remote: Yes
Date Published: Sep 30 2004
Relevant URL: http://www.securityfocus.com/bid/11283
Summary:
Multiple vulnerabilities are reported to affect the application. These
issues arise due to insufficient sanitization of user-supplied data. A
remote attacker may leverage these vulnerabilities to carry out SQL
injection, cross-site scripting, and HTTP response splitting attacks.
These issues were identified in W-Agora 4.1.6a; however, it is possible
that other versions are also affected.
13. GhostScript Unspecified Insecure Temporary File Creation Vul...
BugTraq ID: 11285
Remote: No
Date Published: Sep 30 2004
Relevant URL: http://www.securityfocus.com/bid/11285
Summary:
Ghostscript is affected by an unspecified insecure temporary file
creation vulnerability. This issue is likely due to a design error that
causes the application to fail to verify the existence of a file before
writing to it.
An attacker may leverage this issue to overwrite arbitrary files with
the privileges of an unsuspecting user that activates the vulnerable
application. Reportedly this issue is unlikely to facilitate privilege
escalation.
14. GNU GLibC Unspecified Insecure Temporary File Creation Vulne...
BugTraq ID: 11286
Remote: No
Date Published: Sep 30 2004
Relevant URL: http://www.securityfocus.com/bid/11286
Summary:
GNU glibc is affected by an unspecified insecure temporary file
creation vulnerability. This issue is likely due to a design error that
causes the application to fail to verify the existence of a file before
writing to it.
An attacker may leverage this issue to overwrite arbitrary files with
the privileges of an unsuspecting user that activates the vulnerable
application. Reportedly this issue is unlikely to facilitate privilege
escalation.
15. GNU Troff (Groff) Unspecified Insecure Temporary File Creati...
BugTraq ID: 11287
Remote: No
Date Published: Sep 30 2004
Relevant URL: http://www.securityfocus.com/bid/11287
Summary:
GNU Troff (groff) is affected by an unspecified insecure temporary file
creation vulnerability. This issue is likely due to a design error
that causes the application to fail to verify the existence of a file
before writing to it.
An attacker may leverage this issue to overwrite arbitrary files with
the privileges of an unsuspecting user that activates the vulnerable
application. Reportedly this issue is unlikely to facilitate privilege
escalation.
16. GNU GZip Unspecified Insecure Temporary File Creation Vulner...
BugTraq ID: 11288
Remote: No
Date Published: Sep 30 2004
Relevant URL: http://www.securityfocus.com/bid/11288
Summary:
GNU gzip is affected by an unspecified insecure temporary file creation
vulnerability. This issue is likely due to a design error that causes
the application to fail to verify the existence of a file before
writing to it.
An attacker may leverage this issue to overwrite arbitrary files with
the privileges of an unsuspecting user that activates the vulnerable
application. Reportedly this issue is unlikely to facilitate privilege
escalation.
17. MIT Kerberos 5 Unspecified Insecure Temporary File Creation ...
BugTraq ID: 11289
Remote: No
Date Published: Sep 30 2004
Relevant URL: http://www.securityfocus.com/bid/11289
Summary:
MIT Kerberos 5 is affected by an unspecified insecure temporary file
creation vulnerability. This issue is likely due to a design error that
causes the application to fail to verify the existence of a file before
writing to it.
An attacker may leverage this issue to overwrite arbitrary files with
the privileges of an unsuspecting user that activates the vulnerable
application. Reportedly this issue is unlikely to facilitate privilege
escalation.
18. Trustix LVM Utilities Unspecified Insecure Temporary File Cr...
BugTraq ID: 11290
Remote: No
Date Published: Sep 30 2004
Relevant URL: http://www.securityfocus.com/bid/11290
Summary:
Trustix LVM Utilities are affected by an unspecified insecure temporary
file creation vulnerability. This issue is likely due to a design
error that causes the application to fail to verify a file's existence
before writing to it.
An attacker may leverage this issue to overwrite arbitrary files with
the privileges of an unsuspecting user that activates the vulnerable
application. Reportedly this issue is unlikely to facilitate privilege
escalation.
19. MySQL Unspecified Insecure Temporary File Creation Vulnerabi...
BugTraq ID: 11291
Remote: No
Date Published: Sep 30 2004
Relevant URL: http://www.securityfocus.com/bid/11291
Summary:
MySQL is affected by an unspecified insecure temporary file creation
vulnerability. This issue is likely due to a design error that causes
the application to fail to verify the existence of a file before writing
to it.
An attacker may leverage this issue to overwrite arbitrary files with
the privileges of an unsuspecting user that activates the vulnerable
application. Reportedly this issue is unlikely to facilitate privilege
escalation.
20. NetaTalk Unspecified Insecure Temporary File Creation Vulner...
BugTraq ID: 11292
Remote: No
Date Published: Sep 30 2004
Relevant URL: http://www.securityfocus.com/bid/11292
Summary:
Netatalk is affected by an unspecified insecure temporary file creation
vulnerability. This issue is likely due to a design error that causes
the application to fail to verify the existence of a file before
writing to it.
An attacker may leverage this issue to overwrite arbitrary files with
the privileges of an unsuspecting user that activates the vulnerable
application. Reportedly this issue is unlikely to facilitate privilege
escalation.
21. OpenSSL Unspecified Insecure Temporary File Creation Vulnera...
BugTraq ID: 11293
Remote: No
Date Published: Sep 30 2004
Relevant URL: http://www.securityfocus.com/bid/11293
Summary:
OpenSSL is affected by an unspecified insecure temporary file creation
vulnerability. This issue is likely due to a design error that causes
the application to fail to verify the existence of a file before
writing to it.
An attacker may leverage this issue to overwrite arbitrary files with
the privileges of an unsuspecting user that activates the vulnerable
application. Reportedly this issue is unlikely to facilitate privilege
escalation.
22. Perl Unspecified Insecure Temporary File Creation Vulnerabil...
BugTraq ID: 11294
Remote: No
Date Published: Sep 30 2004
Relevant URL: http://www.securityfocus.com/bid/11294
Summary:
Perl is affected by an unspecified insecure temporary file creation
vulnerability. This issue is likely due to a design error that causes the
application to fail to verify the existence of a file before writing to
it.
An attacker may leverage this issue to overwrite arbitrary files with
the privileges of an unsuspecting user that activates the vulnerable
application. Reportedly this issue is unlikely to facilitate privilege
escalation.
23. PostgreSQL Unspecified Insecure Temporary File Creation Vuln...
BugTraq ID: 11295
Remote: No
Date Published: Sep 30 2004
Relevant URL: http://www.securityfocus.com/bid/11295
Summary:
PostgreSQL is affected by an unspecified insecure temporary file
creation vulnerability. This issue is likely due to a design error that
causes the application to fail to verify the existence of a file before
writing to it.
An attacker may leverage this issue to overwrite arbitrary files with
the privileges of an unsuspecting user that activates the vulnerable
application. Reportedly this issue is unlikely to facilitate privilege
escalation.
24. GNU Sharutils Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 11298
Remote: Yes
Date Published: Oct 01 2004
Relevant URL: http://www.securityfocus.com/bid/11298
Summary:
GNU Sharutils are affected by multiple buffer overflow vulnerabilities.
These issues are due to a failure of the affected application to verify
the length of user-supplied strings prior to copying them into finite
process buffers.
Successful exploitation would immediately produce a denial of service
condition in the affected process. This issue may also be leveraged to
execute code on the affected system with the privileges of the user that
invoked the vulnerable application.
25. Proxytunnel Local Proxy Credential Disclosure Vulnerability
BugTraq ID: 11299
Remote: No
Date Published: Oct 01 2004
Relevant URL: http://www.securityfocus.com/bid/11299
Summary:
A vulnerability exists in proxytunnel that has the potential to expose
proxy credentials to other local users. Reportedly proxyuser/proxypass
data is not passed to the program in a secure manner, potentially
exposing this data to other users on the computer.
26. Kerio MailServer Unspecified Vulnerability
BugTraq ID: 11300
Remote: Yes
Date Published: Oct 01 2004
Relevant URL: http://www.securityfocus.com/bid/11300
Summary:
Kerio MailServer version 6.0.3 has been released. This release
addresses a potential security vulnerability in the Kerio MailServer
application. The cause and impact of this issue are currently unknown; however,
this BID will be updated as more information becomes available.
All versions of Kerio MailServer prior to 6.0.3 are considered
vulnerable.
27. RealNetworks RealOne Player And RealPlayer Unspecified Web P...
BugTraq ID: 11307
Remote: Yes
Date Published: Sep 29 2004
Relevant URL: http://www.securityfocus.com/bid/11307
Summary:
RealOne Player and RealPlayer are affected by an unspecified
vulnerability. This issue may reportedly be exploited by a malicious Web page to
execute arbitrary code in the context of the software.
This issue was originally described in BID 11273 (RealNetworks RealOne
Player And RealPlayer Remote Vulnerabilities) and is now being assigned
its own BID.
28. RealNetworks RealOne Player And RealPlayer Unspecified File ...
BugTraq ID: 11308
Remote: Yes
Date Published: Sep 29 2004
Relevant URL: http://www.securityfocus.com/bid/11308
Summary:
RealPlayer and RealOne Player are prone to a vulnerability that may
allow an attacker to delete files on the client computer. The attacker
must know the path to the file that is targeted.
This issue was originally described in BID 11273 (RealNetworks RealOne
Player And RealPlayer Remote Vulnerabilities) and is now being assigned
its own BID.
29. RealNetworks RealOne Player And RealPlayer PNen3260.DLL Remo...
BugTraq ID: 11309
Remote: Yes
Date Published: Sep 29 2004
Relevant URL: http://www.securityfocus.com/bid/11309
Summary:
RealPlayer and RealOne Player are prone to a remote integer overflow
vulnerability. It is reported that the vulnerability exists in the
'pnen3260.dll' linked library of both RealPlayer and RealOne Player for
Microsoft Windows, Linux, and Mac OS platforms. The 'pnen3260.dll' library
is responsible for processing real-media '.rm' files.
The overflow will cause the corruption of heap-based memory management
structures. Ultimately this may permit an attacker to write to an
arbitrary location in the memory of the active process and in doing so
control execution flow.
A remote attacker may therefore exploit this vulnerability to execute
arbitrary attacker-supplied instructions in the context of a user that
is running a vulnerable version of the software.
This issue was originally described in BID 11273 (RealNetworks RealOne
Player And RealPlayer Remote Vulnerabilities) and is now being assigned
its own BID.
III. LINUX FOCUS LIST SUMMARY
-----------------------------
1. iptables & tcp wrappers (Thread)
Relevant URL:
http://www.securityfocus.com/archive/91/377415
IV. NEW PRODUCTS FOR LINUX PLATFORMS
------------------------------------
1. Cyber-Ark Inter-Business Vault
By: Cyber-Ark
Platforms: Linux, Windows 2000, Windows NT, Windows XP
Relevant URL:
http://www.cyber-ark.com/datasecuritysoftware/inter-business_vault.htm
Summary:
Based on Cyber-Ark Software's Vaulting Technology, the Inter-Business
Vault is an information security solution that enables organizations to
safely overcome traditional network boundaries in order to securely share
business information among customers, business partners, and remote
branches. It provides a seamless, LAN-like experience over the Internet
that includes all the security, performance, accessibility, and ease of
administration required to allow organizations to share everyday
information worldwide.
2. EnCase Forensic Edition
By: Guidance Software Inc.
Platforms: DOS, FreeBSD, Linux, MacOS, NetBSD, OpenBSD, PalmOS,
Solaris, UNIX, Windows 2000, Windows 95/98, Windows NT, Windows XP
Relevant URL:
http://www.guidancesoftware.com/products/EnCaseForensic/index.shtm
Summary:
EnCase Forensic Edition Version 4 delivers the most advanced features
for computer forensics and investigations. With an intuitive GUI and
superior performance, EnCase Version 4 provides investigators with the
tools to conduct large-scale and complex investigations with accuracy and
efficiency. Guidance Software's award winning solution yields
completely non-invasive computer forensic investigations while allowing
examiners to easily manage large volumes of computer evidence and view all
relevant files, including "deleted" files, file slack and unallocated
space.
The integrated functionality of EnCase allows the examiner to perform
all functions of the computer forensic investigation process. EnCase's
EnScript, a powerful macro-programming language and API included within
EnCase, allows investigators to build customized and reusable forensic
scripts.
3. KeyGhost SX
By: KeyGhost Ltd
Platforms: BeOS, DOS, Linux, OS/2, Solaris, SunOS, Windows 2000,
Windows 95/98, Windows NT, Windows XP
Relevant URL: http://www.keyghost.com/SX/
Summary:
KeyGhost SX discreetly captures and records all keystrokes typed,
including chat conversations, email, word processor, or even activity within
an accounting or specialist system. It is completely undetectable by
software scanners and provides you with one of the most powerful stealth
surveillance applications offered anywhere.
Because KeyGhost uses STRONG 128-Bit encryption to store the recorded
data in its own internal memory (not on the hard drive), it is
impossible for a network intruder to gain access to any sensitive data stored
within the device.
4. SafeKit
By: Evidian Inc.
Platforms: AIX, HP-UX, Linux, Solaris, Windows 2000
Relevant URL: http://www.evidian.com/safekit/index.htm
Summary:
Evidian's SafeKit technology makes it possible to render any
application available 24 hours per day. With no extra hardware: just use your
existing servers and install this software-only solution.
This provides ultimate scalability. As your needs grow, all you need to
do is add more standard servers into the cluster. With the load
balancing features of SafeKit, you can distribute applications over multiple
servers. If one system fails completely, the others will continue to
serve your users.
5. Astaro Linux Firewall
By: Astaro
Platforms: Linux
Relevant URL: http://www.astaro.com/php/statics.php?action=asl&lang=gb
Summary:
Astaro Linux Firewall: All-in-one firewall, virus protection, content
filtering and spam protection internet security software package for
Linux.
Free download for home users.
6. CAT Cellular Authentication Token and eAuthentication Servic...
By: Mega AS Consulting Ltd
Platforms: Java, Linux, OpenBSD, Os Independent, SecureBSD, Solaris,
UNIX, Windows 2000, Windows NT
Relevant URL: http://www.megaas.co.nz
Summary:
Low cost, easy to use Two Factor Authentication One Time Password token
using the Cellular. Does not use SMS or communication, manages multiple
OTP accounts - new technology. For any business that wants safer
access to its Internet Services. More information at our site.
We also provide eAuthentication service for businesses that will not
buy an Authentication product but would prefer to pay a monthly charge
for authentication services from our CAT Server.
V. NEW TOOLS FOR LINUX PLATFORMS
--------------------------------
1. PIKT - Problem Informant/Killer Tool v1.17.0
By: Robert Osterlund, robert.osterlund@gsb.uchicago.edu
Relevant URL: http://pikt.org
Platforms: AIX, FreeBSD, HP-UX, IRIX, Linux, Solaris, SunOS
Summary:
PIKT is a cross-categorical, multi-purpose toolkit to monitor and
configure computer systems, organize system security, format documents,
assist command-line work, and perform other common systems administration
tasks.
PIKT's primary purpose is to report and fix problems, but its
flexibility and extendibility evoke many other uses limited only by your
imagination.
2. ID-Synch 3.1
By: M-Tech Information Technology, Inc.
Relevant URL: http://idsynch.com/
Platforms: AIX, AS/400, DG-UX, Digital UNIX/Alpha, HP-UX, IRIX, Linux,
MacOS, MPE/iX, Netware, OpenBSD, OpenVMS, OS/2, OS/390, RACF, Solaris,
SunOS, True64 UNIX, Ultrix, VM, VMS, VSE, Windows 2000, Windows NT
Summary:
ID-Synch is enterprise user provisioning software. It reduces the cost
of user administration, helps new and reassigned users get to work more
quickly, and ensures prompt and reliable access termination. This is
accomplished through automatic propagation of changes to user profiles
from systems of record to managed systems, with self service workflow for
security change requests, through consolidated and delegated user
administration, and with federation.
3. Nmap v3.70
By: Fyodor
Relevant URL: http://www.insecure.org/nmap/
Platforms: AIX, BSDI, FreeBSD, HP-UX, IRIX, Linux, NetBSD, OpenBSD,
Solaris, SunOS, UNIX
Summary:
Nmap is a utility for port scanning large networks, although it works
fine for single hosts. Sometimes you need speed, other times you may
need stealth. In some cases, bypassing firewalls may be required. Not to
mention the fact that you may want to scan different protocols (UDP,
TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN
(half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp
proxy (bounce attack) scanning, SYN/FIN scanning using IP frag
4. THC-Hydra v4.3
By: THC
Relevant URL: http://www.thc.org/releases/hydra-4.3-src.tar.gz
Platforms: AIX, FreeBSD, HP-UX, IRIX, Linux, NetBSD, OpenBSD, Solaris,
UNIX
Summary:
THC-Hydra - parallelized login hacker is available: for Samba, FTP, POP3,
IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS,
Cisco and more. Includes SSL support and is part of Nessus. Visit the
project web site to download Win32, Palm and ARM binaries. Changes:
important bugfix!
5. Pads 1.1
By: Matt Shelton
Relevant URL:
http://freshmeat.net/projects/pads/?branch_id=52504&release_id=169973
Platforms: Linux
Summary:
Pads (Passive Asset Detection System) is a signature-based detection
engine used to passively detect network assets. It is designed to
complement IDS technology by providing context to IDS alerts.
6. cenfw 0.3b
By: Peter Robinson
Relevant URL: http://www.securegateway.org
Platforms: Linux, Windows 2000, Windows NT, Windows XP
Summary:
The Centron IPTables Firewall Gui is an object oriented, database
driven, windows interface to linux IPtables firewall rules.