Technology
   Source:   Reuters
   Date Written:  April 4, 2002
   Date Collected: April 5, 2002
   Title: IBM, AT&T Release Free Internet Privacy Tools In an attempt to help protect web surfers' private information on the Internet, IBM and AT&T Corp. have both released free privacy tools to help automate privacy policies. IBM's Tivoli Privacy Wizard transforms written privacy policies into electronic guidelines that can be applied to prevent abuse, while AT&T's Privacy Bird software shows the user if his/her privacy rules are met when surfing the web. However, critics argue that these tools will do nothing to protect against intentional abuse of privacy policies.
http://www.reuters.com/news_article.jhtml?type=internetnews&StoryID=776526
Also - http://www.newsfactor.com/perl/story/17121.html

Vulnerabilities
   Source:   Network World Fusion
   Date Written:  April 5, 2002
   Date Collected: April 5, 2002
   Title: Microsoft patches two security holes in Windows NT/2000 On April 4, Microsoft Corp. warned customers about two new security vulnerabilities in different versions of Windows NT and Windows 2000.
Specifically, the flaws, for which patches have also been released, affect the Multiple Uniform Naming Convention Provider (MUP) service and the application of Group Policy on Windows 2000 server products respectively.
http://www.nwfusion.com/news/2002/0405mspatch.html

"IBM ed il Kernel Linux"
IBM ancora una volta da segno della sua volonta di entrare sempre di piu'
all'interno del sistema operativo linux fornendo nel giro di 2 giorni ben tre patch per il kernel.
http://www.ziobudda.net/news/see_comments.php?id_notizia=6420

"Nuovi kernel"
Due kernel diversi da due personaggi diversi: da Linus Torvalds il kernel
Linux-2.5.8-pre1 mentre da Alan Cox il kernel Linux 2.4.19pre4-ac4
http://www.ziobudda.net/news/see_comments.php?id_notizia=6419

"Linux Advisory Watch - April 5th 2002"
http://www.ziobudda.net/news/see_comments.php?id_notizia=6440

"Server con SSL: il 18% ancora vulnerabile"
Secondo un recente studio della società di ricerche Netcraft, il 18% dei server basati sul Secure Sockets Layer (SSL) è ancora troppo vulnerabile http://www.ziobudda.net/news/see_comments.php?id_notizia=6460

"LinuxUser 18 (Feb.2002)"
Disponibile il numero di 18 (Feb. 2002) di LinuxUser, un magazine inglese dedicato, manco a dirlo, a Linux.
http://www.ziobudda.net/news/see_comments.php?id_notizia=6452

"AppShield Security Tool"
Nuova versione per questo Tool che permette di tenere sotto controllo l'accesso al proprio web (leggasi sicurezza).
http://www.ziobudda.net/news/see_comments.php?id_notizia=6447

TALES OF A WHITE HAT WAR DRIVER
In the old days of computing, hackers used a technique called "war dialing." The computer's modem was set up to dial lists of phone numbers, hoping to reach another computer system's modem. Once a computer answered, a hacker would try to gain access to the network. This new laptop technique is called "war driving," and is actually much easier to do and easier to remain undetected.
http://www.oreillynet.com/pub/a/wireless/2002/03/29/wardriver.html

HOW TO SETUP MULTIPLE SSL VIRTUAL HOSTS ON APACHE This quick HOWTO shows how to setup multiple SSL virtual hosts under OpenBSD 3.0.
http://www.incyte-studios.com/ssl.htm

BYPASSING JAVASCRIPT FILTERS
Anonymizer offers free and commercial services that allow to browse web safely. Since JavaScript can be dangerous, all script blocks and events are cut from html.
http://www.net-security.org/text/bugs/1017749960,40053,.shtml

IE - REMOTE WEBPAGE CAN SCRIPT IN LOCAL ZONE In order for IE to parse a local file as a html document the filename extension must be associated with html documents (normally .htm and.html). Also the file cannot be binary. This is good security because several types of userdata is stored in local files (cookies, favorites/bookmarks, application userdata etc). The problem is that IE canbe tricked into thinking that any non binary local file is a html document.
http://www.net-security.org/text/bugs/1017823922,35542,.shtml

VARIOUS VULNERABILITIES IN ZONEALARM MAILSAFE There are several vulnerabilities in ZoneAlarm 3.0 MailSafe. The vulnerabilities allow the bypassing of ZoneAlarm's e-mail protection.
http://www.net-security.org/text/bugs/1017824515,97554,.shtml

FIREWALL-1 IDENTIFICATION : PORT 257
It's been known for a while that if you find a host with open TCP
port256,257 and 258, you can be pretty sure it's a Firewall-1 box (please refer to: http://online.securityfocus.com/archive/1/18701).
I did some additional poking at the system and found out that if you connectto port 257 and you hit a few keys, the server will return fwa1 string. Here is the sequences that works for me:
1. hit enter
2. hit a few keys (2-3 is enough)
3. hit enter
the server will return the fwa1 string.
http://www.net-security.org/text/bugs/1017824577,68861,.shtml

WINDOWS 2000 DCOM CLIENTS MAY LEAK INFORMATION Due to a flaw in Windows 2000's DCOM layer, arbitrary parts of a DCOMclient's memory may be sent onto the network in plaintext.
The datamay be anything from relatively harmless information like the process's environment block, to very sensitive information including passwords.
Link: http://www.net-security.org/text/bugs/1017824643,63912,.shtml

 FLASH PLAYER 6, SE PARTE NON LO FERMI PIU'
Un bug nell'ultima versione del celebre player di Macromedia per Internet Explorer puo' consentire attacchi DoS basati sul download di grossi file
URL: http://punto-informatico.it/pi.asp?i=39723

Cybercrime-Hacking
   Source:   NewsFactor
   Date Written:  April 8, 2002
   Date Collected: April 8, 2002
   Title: New Defense Against Hack Attacks Micah Adler, an associate professor at the University of Massachusetts, claims to have developed a new technique to defend against denial of service
(DoS) attacks. The technique, which is derived from probabilistic packet marking (PPM), is able to identify the source of an attack by a single bit in each packet's header. However, at present, protection is only offered for DoS attacks, but not the more common and dangerous distributed denial of service
(DDoS) attacks.
http://www.newsfactor.com/perl/story/17141.html

"Linux Security Week - April 8th 2002"
http://www.ziobudda.net/news/see_comments.php?id_notizia=6472

 NUOVO MEGASCANNER PROTETTORE DI WINDOWS Microsoft ha rilasciato sul Web un nuovo scanner di sicurezza per Windows NT/2000/XP in grado di scovare le vulnerabilita' piu' comuni che affliggono utenti consumer e aziendali
URL: http://punto-informatico.it/pi.asp?i=39743

Cybercrime-Hacking
   Source:   vnunet.com
   Date Written:  April 9, 2002
   Date Collected: April 9, 2002
   Title: Cert warns of automated attacks The Computer Emergency Response Team (CERT), on April 8, 2002 released a report highlighting current attack trends on the Internet. The report illustrates the increased automation of attack tools and the growing number of security vulnerabilities discovered in recent years. Subsequently, cyber attacks have become more sophisticated and increasingly target the Internet's infrastructure and new communications platforms, such as instant messaging tools.
http://www.vnunet.com/News/1130755
Also - http://www.cert.org/archive/pdf/attack_trends.pdf

Vulnerabilities
  Source:   The Register
   Date Written:  April 9, 2002
   Date Collected: April 9, 2002
   Title: A trio of MS-Office security vulns Three new vulnerabilities have been discovered in Microsoft Office Web Components (OWC), which can "override security settings in Internet Explorer"
(IE), thereby potentially allowing an attacker to run malicious code and access certain files on an affected machine. The flaws were discovered by GreyMagic Software and Microsoft has been notified, although no patch has been issued to date.
http://www.theregister.co.uk/content/55/24777.html

"Crack nei Firewall"
Molto spesso i vecchi metodi di FireWall non sono piu' adeguati ai nuovi metodi di attacco. Meglio allora mettersi "in pari".
http://www.ziobudda.net/news/see_comments.php?id_notizia=6489

Technology
   Source:   ZDNet News
   Date Written:  April 10, 2002
   Date Collected: April 10, 2002
   Title: Kazaa may contain a 'New' surprise The debate about the common practice of bundling software with free downloads has been further fuelled by the revelation that popular file-sharing tools, including Kazaa and Grokster, come with New.net software. The news comes hot on the heels of similar revelations concerning Kazaa software. The main question is whether users of free downloads must be informed what other software is contained in the package.
http://zdnet.com.com/2100-1105-879686.html
Also - http://www.apogeonline.com/webzine/2002/04/11/02/200204110203

Vulnerabilities
   Source:   ZDNet News
   Date Written:  April 10, 2002
   Date Collected: April 10, 2002
   Title: Buffer overloads: the big security hole Buffer overflow vulnerabilities are among the most common software flaws in products from a variety of vendors, including Microsoft and Oracle. To protect against this form of attack - whereby a buffer's available memory is flooded with data that then allows the hacker to execute his own malicious code - software should be designed to automatically check the size of data going into each buffer or respond if excess data is imported into the buffer.
Such measures could have a negative impact on performance, but would greatly improve the security of new products.
http://zdnet.com.com/2100-1107-879619.html

Vulnerabilities
   Source:   Newsbytes
   Date Written:  April 10, 2002
   Date Collected: April 10, 2002
   Title: Microsoft Patches Ten New Security Bugs In IIS On April 10, 2002, Microsoft Corp. released a bundle of software patches to protect versions 4.0, 5.0. and 5.1 of its Internet Information Server (IIS) software against ten new security vulnerabilities, some of which have been described as critical.
http://www.newsbytes.com/news/02/175780.html
Also - http://news.com.com/2100-1001-879789.html
Also - http://punto-informatico.it/pi.asp?i=39762

"Impostare un firewall in Linux"
Un'altro articolo su come impostare un firewall con Linux
http://www.ziobudda.net/news/see_comments.php?id_notizia=6523

 APHEX, IL WORM CON DENTRO UN SERVER WEB Si sta diffondendo per e-mail e chat un nuovo worm per Windows in grado di installare, sui sistemi infettati, un piccolo server Web con cui adescare altri utenti
URL: http://punto-informatico.it/pi.asp?i=39781

Technology
   Source:   Linux Today
   Date Written:  April 11, 2002
   Date Collected: April 11, 2002
   Title: Red Hat Unveils CVE Security Compatibility Open source software firm Red Hat Inc., on April 11, 2002, announced that it will begin using the Common Vulnerabilities and Exposures (CVE) standards list for future security alerts and advisories. The CVE, which is maintained by MITRE Corporation and provides standardized definitions for security vulnerabilities and exploits, is increasingly being adopted as an industry standard following an endorsement by the National Institute of Standards and Technology (NIST) in January 2002.
http://linuxtoday.com/news_story.php3?ltsn=2002-04-11-002-26-SC-RH

Vulnerabilities
   Source:   vnunet.com
   Date Written:  April 11, 2002
   Date Collected: April 11, 2002
   Title: Users slam Microsoft Security Analyser Microsoft Corp.'s Baseline Security Analyzer (MBSA), released earlier this week to help identify security vulnerabilities in Microsoft systems, has been criticized for merely being a "GUI version of the software giant's HfNetChk."
It has been argued that these free tools still lack some of the functionality of the expensive HFNetChkPro. Many users are 'insulted' by the idea that they should have to pay to find security flaws in the software they have purchased.
http://www.vnunet.com/News/1130844

Vulnerabilities
   Source:   The Register
   Date Written:  April 11, 2002
   Date Collected: April 11, 2002
   Title: Eight new IIS security holes exposed Following the release, on April 10, 2002, of a security patch by Microsoft Corp. for a variety of new vulnerabilities in several versions of its Internet Information Server (IIS) software, this article argues that details of security flaws should be released as soon as they are known so that temporary workarounds can be implemented to protect vulnerable systems.
Microsoft's current practice is to withhold disclosure until a patch is available. The article also mentions "anecdotal reports" of the patches causing problems on some machines.
http://www.theregister.co.uk/content/55/24795.html

Vulnerabilities
   Source:   The Register
   Date Written:  April 11, 2002
   Date Collected: April 12, 2002
   Title: Win-XP Search Assistant silently downloads files Based on this article, it appears that whenever a user employs the Search Assistant (SA) on Microsoft's Windows XP operating system, whether for searching on the Internet or for internal files, the SA attempts to connect to a Microsoft website in order to fetch certain files. Apparently, for internal searches, no data is sent to the Microsoft site, however, certain details of web searches, including "your IP address, the text of your Internet search query, grammatical information about the query, the list of tasks which the Search Companion Web service recommends, and any tasks you select from the recommendation list", are collected.
http://www.theregister.co.uk/content/55/24815.html

Vulnerabilities
   Source:   Network World Fusion
   Date Written:  April 12, 2002
   Date Collected: April 12, 2002
   Title: Deleting data from hard disks won't erase it In response to a number of cases where sensitive data was retrieved from computers that were thrown or given away, the Japan Electronics and Information Technology Industries Association (JEITA) has issued a warning that information that has been deleted or where the disc it is stored on has been reformatted can still be read. JEITA urges PC makers to provide businesses with special software that completely erases all data from hard drives.
http://www.nwfusion.com/news/2002/0412erase.html

Vulnerabilities
   Source:   Newsbytes
   Date Written:  April 12, 2002
   Date Collected: April 12, 2002
   Title: Technology Publisher IDG Plugs Site Security Hole International Data Group (IDG), a technology and publishing firm, on April 12, 2002, announced that it has closed a security flaw in its IBM Lotus Domino web servers that had allowed Internet surfers to view internal documents. IDG had been made aware of the problem a day earlier by French security group Kitetoa, which has recently discovered similar vulnerabilities in a variety of government websites.
http://www.newsbytes.com/news/02/175857.html

g00d reading!  'n' bye
Security  News  Staff:
The Jackal < -jackal-@libero.it >