"Strace lo Sherlock Holmes di Linux"
Mai avuto problemi di crash o blocchi misteriosi con applicazioni Linux? In
questi casi, quando non si sa mai bene che pesci prendere, c'è sempre in
aiuto una importante utility, che può essere a buon ragione definita lo
Sherlock Holmes di Linux: strace.
http://www.ziobudda.net/Admin/redir_news.php?id=20505

** GATES MOSTRA IN ANTEPRIMA LA TECNOLOGIA CHE NON FUNZIONA **
Gesto altamente consolatorio del boss di Microsoft: se computer, Xbox e
Media Center non ubbidiscono neppure ai suoi comandi, possiamo tutti
sentirci un po' meno imbranati.
>> di Paolo Attivissimo
http://www.zeusnews.it/news.php?cod=3695

** CACCIA APERTA AL FILMATO DI BILL GATES **
La versione integrale con gli scivoloni di Gates è scomparsa dal sito
Microsoft. I link agli spezzoni e il testo dei momenti salienti.
>> di Paolo Attivissimo
http://www.zeusnews.it/news.php?cod=3696

WINDOWS S'ATTREZZA CONTRO GLI SPYWARE
La beta del nuovo antitutto Microsoft non convince ancora i piu' smanettoni
ma l'azienda assicura che ci sta lavorando e che presto il tool gratuito
fara' appieno il suo dovere
URL: http://punto-informatico.it/pi.asp?i=51045

Traduzione di LFS-6.0
È stata appena pubblicata la traduzione italiana di Linux From Scratch 6.0.
Il documento tradotto è consultabile presso:
http://ildp.pluto.it/lfs/6.0/

PLUTO Journal numero 43
Annuncio l'uscita del nuovo PLUTO Journal (http://journal.pluto.it), il
numero 43 - Gennaio 2005, consultabile online all'indirizzo
http://www.pluto.it/journal/pj0501/
e reperibile nella versione scaricabile su
ftp://ftp.pluto.it/pub/pluto/journal/n43gen05.tar.gz

Using Google Desktop Search for remote system monitoring
Once installed on a host, Google Desktop Search provides some great
capabilities: "Find your email, files, web history and chats instantly, view
web pages you've seen, even when you're not online...". As a learning
exercise, I decided to see if I could make desktop search results available
remotely across a TCP/IP network. In fact you can, but such use is not part
of Google's original intent or end user license agreement. If you are
interested in using "desktop" search remotely, check out my write up at:
http://www.sharp-ideas.net/

Google Hacking and SiteDigger 2.0
Foundstone releases Sitedigger 2.0. Popular free tool to harvest security
exposures using google. New features include: Increased signatures - ~1000
(Foundstone + johnny.ihackstuff.com signatures). Latest signature exposes
webcams :) Automatic updates, Improved search, Enhanced reports and submit
signatrues - get credits. Download from http://www.foundstone.com
http://www.infoworld.com/article/05/01/10/02NNmcafee_1.html
http://biz.yahoo.com/prnews/050110/sfm075_1.html

Norton Anti-Virus
Vendor: Symantec
Rafel Ivgi reported a vulnerability in Symantec's Norton Anti-Virus. A
remote user can create HTML that, when loaded, will cause Norton to crash.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2005/Jan/1012799.html

Vim
Vendor: Vim.org
Several vulnerabilities were reported in several Vim options when modeline
is enabled. A user may be able to cause arbitrary commands to be executed
by a target user.
Impact: Execution of arbitrary code via local system
Alert: http://securitytracker.com/alerts/2005/Jan/1012774.html

Exim
Vendor: Exim.org
Two vulnerabilities were reported in Exim. A local user may be able to
obtain elevated privileges.
Impact: Execution of arbitrary code via local system
Alert: http://securitytracker.com/alerts/2005/Jan/1012771.html

Mozilla Firefox
Vendor: Mozilla.org
A vulnerability was reported in Mozilla Firefox in the Download Dialog box
display. A remote user can spoof the source displayed.
Impact: Modification of system information
Alert: http://securitytracker.com/alerts/2005/Jan/1012766.html

GMail
Vendor: Google
Joxean Koret reported a vulnerability in the Gmail service. A remote user
can cause a large amount of e-mail to be sent to the target user's secondary
address.
Impact: Host/resource access via network
Alert: http://securitytracker.com/alerts/2005/Jan/1012749.html

Logcheck 1.2.33
http://freshmeat.net/releases/184019/
Logcheck parses system logs and generates email reports based on anomalies.
Anomolies can be defined by users with 'violations' files. It differentiates
between 'Active System Attacks', 'Security Violations', and 'Unusual
Activity', and is smart enough to remember where in the log it stopped
processing to improve efficiency. It can also warn when log files shrink,
and does not report errors when they are rotated.

QoS and Netfilter patchset 2.6.10-qnet1
http://freshmeat.net/releases/184121/
QoS and Netfilter patchset is targeted mainly at Linux routers. It includes
patch-o-matic-ng, iptables-p2p, Layer-7 Packet Classifier, IMQ, esfq, and
wrr.

Vernice blocca Wi-Fi WiMAX/Bluetooth
Tempi duri per i warchalkers, gli "esploratori" di reti wireless che
camminano per le strade cercando di individuare reti insicure per navigare
gratuitamente o rubare dati aziendali. Force Field Wireless, start-up
californiana, ha ideato una serie di prodotti utili a schermare le pareti
degli edifici: più protezione dagli attacchi esterni e meno interferenze tra
le diverse reti senza fili.
http://www.zerohack.it/public/portale/modules/news/article.php?storyid=1143

IL CELLULARE PERDE LO SPEAKER
NTT DoCoMo toglie i veli ad un telefonino che fa a meno dello speaker,
mentre Samsung e' pronta a lanciare un nuovo smartphone a cui si possono
dettare gli SMS
URL: http://punto-informatico.it/pi.asp?i=51061

SECURITY DIGEST: JANUARY 7, 2005
Today's security advisories: krb5 (Debian GNU/Linux) and libtiff (Fedora
Core).
http://nl.internet.com/ct.html?rtr=on&s=1,1brj,1,fpqd,a6q0,85jl,7pty

INSTALLING A VIRTUAL HONEYWALL USING VMWARE
"This paper therefore, explains how to go about configuring VMware to deploy
a Honeywall..."
http://nl.internet.com/ct.html?rtr=on&s=1,1brj,1,mfld,d9qp,85jl,7pty

HOW TO SIGN YOUR CUSTOM RPM PACKAGE WITH GPG KEY
"After building your custom RPM package, it's a good idea to sign the
package with your own GPG Key to make sure the package is authentic..."
http://nl.internet.com/ct.html?rtr=on&s=1,1brj,1,khrv,hyb1,85jl,7pty

KERNELTRAP: TUNING THE KERNEL WITH A GENETIC ALGORITHM
"Jake Moilanen provided a series of four patches against the 2.6.9 Linux
kernel that introduce a simple genetic algorithm used for automatic
tuning..."
http://nl.internet.com/ct.html?rtr=on&s=1,1brl,1,atkt,7gpp,85jl,7pty

QUICK TIP FOR LINUX USERS HAVING TROUBLE WITH EMACS (OR XEMACS) COPY/PASTE
"Why these settings aren't the default on Linux completely bewilders me..."
http://nl.internet.com/ct.html?rtr=on&s=1,1brl,1,1axy,ju7z,85jl,7pty

Vulnerabilities & Exploits
Title: IE flaw threat hits the roof
Source: CNet
Date Written: January 7, 2005
Date Collected: January 10, 2005
Security firm Secunia announced January 7, 2005 that it raised its rating of
the vulnerabilities in Microsoft's browser to extremely critical, its
highest rating. The flaws could allow attackers to install and execute
malicious code and affects Internet Explorer (IE) version 6, according to
Thomas Kristensen, Secunia's chief technology officer. Exploit code for one
of the flaws, a security hole in an HTML Help control, was published
December 21, 2004 by GreyHats Security Group. Mr. Kristensen said the
extremely critical designation is reserved for vulnerabilities with working
exploits that do not require user interaction. Secunia added that the the
exploit code is effective on computers running Windows XP Service Pack 2
(SP2).
http://news.com.com/IE+flaw+threat+hits+the+roof/2100-1002_3-5517457.html

Vulnerabilities & Exploits
Title: Spammers' New Tactic Upends DNS
Source: EWeek.com
Date Written: January 10, 2005
Date Collected: January 10, 2005
Spammers have begun using new tactics to circumvent CAN-SPAM (Controlling
the Assault of Non-Solicited Pornography and Marketing) restrictions,
destabilizing the Internet DNS (Domain Name Service). One tactic hopes to
avoid fines by sending e-mail from an unregistered domain during the night
then registering the domain in the morning. However, this causes DNS delays
and timeouts and clogs message queues as SMTP (Simple Mail Transfer
Protocol) servers check non-existent domain names. Anti-spam solutions often
rely on DNS to check spam whitelists, blacklists, and message headers,
generating as many as thirty DNS calls per message, straining DNS
infrastructures. Spammers are also causing problems by shutting down DNS
access to domains they control to prevent investigators from finding them.
Many companies have set their servers to perform as many as nine DNS checks
and are buying redundant DNS servers to handle the load. Internet service
providers have few options to handle the DNS load except to purchase greater
capacity.
http://www.eweek.com/article2/0,1759,1749328,00.asp

LINUX STATEFUL FIREWALL DESIGN
This tutorial shows you how to use netfilter to set up a powerful Linux
stateful firewall.
http://www.net-security.org/news.php?id=6823

IT'S EASY TO SECURE WINDOWS 2000 SERVERS
Although Windows 2000 servers have a reputation for being notoriously
insecure, if you take the time it is actually possible to lock them down so
tightly that leading scanners will not even recognize that they are Windows
servers.
http://www.net-security.org/news.php?id=6829

HOW TO PLAN FOR A POSSIBLE NETWORK ATTACK
In this article we will focus on a much needed topic which is proactive
planning.
http://www.net-security.org/news.php?id=6838

SSH PORT FORWARDING
In this article we look at SSH Port Forwarding in detail, as it is a very
useful but often misunderstood technology. SSH Port Forwarding can be used
for secure communications in a myriad of different ways.
http://www.net-security.org/news.php?id=6848

ZEN AND THE ART OF INTRUSION DETECTION
If a tree falls in a forest with no-one to hear it, does it make a sound? So
goes a typical zen-like philosophical question. While it's
thought-provoking, what does it have to do with Intrusion Detection Systems
(IDS)? Simple - if you're not there to watch the tree fall, do you need to
know whether it fell or not?
http://www.net-security.org/news.php?id=6861

Securing Thunderbird email with OpenPGP
http://software.newsforge.com/article.pl?sid=05/01/06/1557216&from=rss
Email is commonly used in business today, yet only a small percentage of
users take the time to guarantee their email is sent in a secure and
confidential manner. If you're not part of that elite group, read on to
learn how to setup OpenPGP with the Mozilla Thunderbird mail component.

Must-have applications for the Linux desktop
http://software.newsforge.com/article.pl?sid=05/01/05/1540222&from=rss
You just installed your favorite Linux distribution and all your hardware is
working. Your data is ready to go and all the default applications are
working perfectly. You've even changed the wallpaper, theme, and window
decorations. What's next?

PIU' CATTIVELLO L'EREDE DI CABIR
Dal codice di una delle piu' recenti varianti di Cabir e' nato un nuovo
virus capace di infettare alcuni modelli di smart phone basati su SymbianOS
via Internet o via Bluetooth. Torna alla carica anche Skulls
URL: http://punto-informatico.it/pi.asp?i=51080

Multipli AntiVirus: controlli sorpassati tramite un'immagine
Una vulnerabilità consente a chi attacca da remoto di oltrepassare
l'ispezione degli antivirus ( ed anche di altre tecnologie di sicurezza come
IDS and IPS) con immagini contenute
http://www.alground.com/news/news.php?page=714

Bollettino Microsoft sulla sicurezza MS05-001
Una vulnerabilità in HTML Help può consentire l'esecuzione di codice non
autorizzato (890175)
http://www.alground.com/news/news.php?page=715

SECURITY DIGEST: JANUARY 10, 2005
Today's security advisories: kdelibs, linpopup, and lintian (Debian
GNU/Linux); libtiff/tiff (SUSE Linux); kdegraphics, tetex, libtiff, samba,
xpdf, and cups (LBA-Linux); TikiWiki (Gentoo Linux); and kernel (Fedora
Core).
http://nl.internet.com/ct.html?rtr=on&s=1,1but,1,b2w4,37fb,85jl,7pty

KONSERVE: BACKUP MADE EASY
"Konserve is a small backup utility that lives in the KDE 3.x system tray,
and it makes backups so easy, so automatic, that you'll probably forget all
about it... until you desperately need that file you accidentally
deleted..."
http://nl.internet.com/ct.html?rtr=on&s=1,1bur,1,9elw,dsik,85jl,7pty

static Initialization Order
In the static declarations series, I briefly mentioned an onerous problem
pertaining to initialization order of objects with static storage duration.
In standard C++, the initialization order of such objects is unspecified if
they are declared in different translation units. Today, I discuss the
consequences of this problem and show techniques for averting it.
http://www.informit.com/guides/content.asp?g=cplusplus&seqNum=212

Why Corporate Security Requires Constant Vigilance
Gone are the days when you could just set up a firewall, forget about it,
and rest easy that your network is secure. Today, network security requires
constant work to maintain a secure network.
http://www.informit.com/articles/article.asp?p=359422

CiscoWorks Management Center for Firewalls
To help you prepare for the CCSP Cisco Secure PIX Firewall Advanced Exam,
this chapter provides information on using CiscoWorks with Firewall MC.
http://www.informit.com/articles/article.asp?p=361404

Removing the Haxdoor.H Trojan: A Warez-misdirecting, Browser-hijacking, Porn
Dialer-dropping STD
As your intrepid site hosts, it is often our responsibility to dredge the
seedy computer "underground" in order to keep you apprised of upcoming
vulnerabilities. Just like the biological clap, however, our computers can
also become infected with digital bugs; and so it was with us one late night
in the red light cyber district.
http://www.informit.com/guides/content.asp?g=security&seqNum=27

Windows Forensics: Using the Forensic Server Project
Collecting data from a potentially compromised system is relatively simple,
especially if you know your way around the Forensics Server Project. Find
out how to use this tool to learn where security holes exist to tighten up
your network in this chapter.
http://www.informit.com/articles/article.asp?p=349043

Introduction to RPC on Windows: Part 1
Learn how to write distributed applications on the client/server
architecture.
http://www.aspfree.com/c/a/.NET/Introduction-to-RPC-on-Windows-Part-I/

Metasploit Framework v2.3
The Metasploit Framework is an advanced open-source exploit development
platform. The 2.3 release includes three user interfaces, 46 exploits and 68
payloads. The Framework will run on any modern operating system that has a
working Perl interpreter. The Windows installer includes a slimmed-down
version of the Cygwin environment. This release is available from the
Metasploit.com web site:
Unix: http://metasploit.com/tools/framework-2.3.tar.gz
Win32: http://metasploit.com/tools/framework-2.3.exe
For more information about the Framework and this release in general, please
refer to the online documentation, particularly the User Guide:
http://metasploit.com/projects/Framework/documentation.html

Malware
Title: Hackers Tune In to Windows Media Player
Source: EWeek.com
Date Written: January 10, 2005
Date Collected: January 11, 2005
Security researchers at Panda Software say hackers are using the newest
digital rights management (DRM) technology in Microsoft's Windows Media
Player to install spyware, adware, and other malware on unsuspecting users'
PCs. Two new Trojans, Trj/WmvDownloader.A and Trj/WmvDownloader.B, are
circulating peer-to-peer (P2P) networks hidden in video files. Both Trojans
use the anti-piracy DRM technology to fool users into downloading the
malicious applications by redirecting user attempts to purchase licenses for
protected Windows media files to pages containing adware, spyware, and
viruses.
http://www.eweek.com/article2/0,1759,1749948,00.asp?kc=EWRSS03129TX1K0000614

Malware
Title: New mobile phone virus spreads two ways
Source: InfoWorld
Date Written: January 11, 2005
Date Collected: January 11, 2005
According to anti-virus firm F-Secure, a new mobile phone virus called
Lasco.A is capable of spreading through short-range wireless Bluetooth
technology and by attaching itself to files. Mikko Hyppönen, director of
anti-virus research at F-Secure, said January 11, 2005 that Lasco.A is the
first malware discovered with two ways to spread itself, acting as both a
virus and a worm. He added that Lasco.A is only proof-of-concept code, but
said it is only a matter of time before it goes into circulation. The virus
affects mobile phones running the Symbian operating system with Nokia's
Series 60 interface, and F-Secure recommends that users set vulnerable
phones to hidden Bluetooth mode.
http://www.infoworld.com/article/05/01/11/HNphonevirus_1.html

Technology
Title: McAfee, Panda Offer "Zero-Day" Anti-Virus Products
Source: Security Pipeline
Date Written: January 10, 2005
Date Collected: January 11, 2005
Security vendors McAfee and Panda have announced security products designed
to protect systems from zero-day attacks. Both systems use software
techniques that monitor the behavior of applications on protected systems to
stop malicious activity by unknown threats. McAfee has released Entercept
5.1, an Intrusion Protection System (IPS) that blocks zero-day attacks using
anomaly detection, which is designed to scale across enterprise systems.
Panda software released a family of anti-virus products incorporating a
technology called TruPrevent to handle rapidly spreading malware. In
addition to detecting malicious behavior, TruPrevent detects malicious
network packets and provides buffer overflow protection.
http://www.securitypipeline.com/57700240

Technology
Title: MS virus clean-up tool sparks controversy
Source: The Register
Date Written: January 11, 2005
Date Collected: January 11, 2005
Microsoft debuted its malicious software removal tool January 11, 2005,
causing some controversy in the anti-virus community. Despite the tools
limited scope, John Cheney, CEO of BlackSpider Technologies, said consumers
may think the tool protects them from virus infection. He said the
signature-based anti-virus solutions used by Microsoft perform poorly
against rapid virus outbreaks, and that monthly patching is a poor choice
for anti-virus software, where speed is essential to curtail outbreaks. Mr.
Cheney added that Microsoft should spend more time addressing their
products' security weaknesses in order to fight malware before it is
written.
http://www.theregister.co.uk/2005/01/11/ms_viral_clean-up_tool

10 ways to pay back the open source community
http://software.newsforge.com/article.pl?sid=05/01/06/1557225&from=rss
You run GNU/Linux. You play games on it, surf the Net, write documents, and
edit pictures, and all for free, thanks to the multitudes around the world
who contribute to the open source movement. Now it's payback time -- time to
give back to the global fraternity giving you so much. Here are 10 ways you
can help right now.

Linux Live 5.0.0-beta1
http://freshmeat.net/releases/184304/
Linux Live is a set of bash scripts which allows users to create their own
live CD from any Linux distribution.

NASCE IL KILLER DEL MULO
eDonkey e BitTorrent nel mirino di un nuovo software di BayTSP che parrebbe
in grado di tracciare il primo utente che pone in condivisione un certo file
e, a seguire, tutti gli altri. Ma funzionera' davvero?
URL: http://punto-informatico.it/pi.asp?i=51101

PLAYER BERSAGLIATI DA FALLE E TROJAN
iTunes e Winamp e mpg123: sono tre i media player piuttosto noti che in
questi giorni hanno dovuto affrontare alcune serie falle di sicurezza.
Windows Media Player e' invece bersaglio di due trojan che strisciano sulle
reti P2P
URL: http://punto-informatico.it/pi.asp?i=51093
Also - http://nl.internet.com/ct.html?rtr=on&s=1,1by8,1,8r8y,15bf,85jl,7pty

MICROSOFT SISTEMA LE PRIME FALLE DEL 2005
I primi bollettini di sicurezza dell'anno correggono tre vulnerabilita' di
Windows, due delle quali considerate di grande rilievo. Pronta anche la
versione 1.0 del nuovo tool antispyware di Microsoft
URL: http://punto-informatico.it/pi.asp?i=51092
Also - http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1043888,00.html
Also - http://www.securityfocus.com/news/10268

** I TRUFFATORI DI SOS RICARICA VODAFONE **
Individuati e denunciati i truffatori che chiedevano la ricarica Sos
Vodafone.
>> di Pier Luigi Tolardo
http://www.zeusnews.it/news.php?cod=3706

The Perils of Deep Packet Inspection
This paper looks at the evolution of firewall technology towards Deep Packet
Inspection, and then discusses some of the security issues with this
evolving technology.
http://www.securityfocus.com/infocus/1817

SECURITY DIGEST: JANUARY 11, 2005
Today's security advisories: hylafax and bmv (Debian GNU/Linux); and KDE FTP
KIOslave, Konqueror, KPdf, and KOffice (Gentoo Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,1by8,1,cbp8,c96g,85jl,7pty

KERNELTRAP: FILESYSTEM IN USERSPACE
"Miklos Szeredi provided patches against the 2.6.10 Linux kernel for FUSE,
'Filesystem In Userspace...'"
http://nl.internet.com/ct.html?rtr=on&s=1,1byd,1,uu2,5bpa,85jl,7pty

FLOOD DETECTION AND NOTIFICATION USING PERL
"Rather than fret, put your hacking skills to work and whip up a tool that
will notify you when water is detected, so you can rest comfortably or worry
about more trivial matters
http://nl.internet.com/ct.html?rtr=on&s=1,1byd,1,ft02,jpo8,85jl,7pty

Malware
Title: Cellery worm plays Tetris as it spreads
Source: ZDNet UK
Date Written: January 12, 2005
Date Collected: January 12, 2005
A new worm, Cellery-A, has begun spreading disguised as a copy of the game
Tetris. When users play the game, the worm briefly displays the message
"Chancellery" then changes Windows settings so it will automatically run on
the system. While the user plays the game, the worm searches for other
computers to infect. If a company has a game-playing culture, workers may
think the virus is a newly installed game rather than a malicious program,
says Sophos' Graham Cluley. Malware authors commonly disguise their viruses
as games to trick users into installing them; Bibrog came disguised as a
shooting game while Coconut came as a game where users could throw coconuts
at security experts. Sophos has received only a small number of Cellery
reports.
http://news.zdnet.co.uk/internet/security/0,39020375,39183783,00.htm

Securing Linux Production Systems
http://newsvac.newsforge.com/article.pl?sid=05/01/13/033214&from=rss
Anonymous Reader writes "A Practical Guide to Basic Security in Linux
Production Environments - This article is a practical step-by-step guide for
securing Linux production systems. It shows how to meet basic security
requirements for Linux systems that need to pass security audits. This guide
also discusses some Linux security steps that cannot be found in any book at
the time of this writing. If you have been charged to come up with a
corporate Linux Security Standard, then you should definitely read on."

The GNOME Journal, January Edition
http://newsvac.newsforge.com/article.pl?sid=05/01/12/1731246&from=rss
Ken VanDine writes "The latest issue of The GNOME Journal has just been
published. This regularly published online magazine features original
content and commentary for and by the GNOME Community. This second issue
covers some technical articles, including CD/DVD creation, connecting to
remote resources, and how to get help from the GNOME community. Also, will
GNOME pass the Liberal Arts major test? Developer topics are also covered,
as Seth Nickell takes at look at the "Experimental Culture" surrounding
GNOME development and Christian Hammond sheds light on the concept of
desktop presence."

pam_usb 0.3.2
http://freshmeat.net/releases/184429/
pam_usb is a PAM module that enables authentication using a USB storage
device through DSA private/public keys. It can also work with floppy disks,
CD-ROMs, or any kind of mountable device. It supports multiple users for the
same device, multiple hostnames for the same user, a serial number access
list, and private key encryption. It includes the usbhotplug tool which by
default will run xlock when you remove the USB device and kill it as soon as
the same device is plugged back in.

"Uscito FreeSoftwareMagazine nr.1"
Una nuova rivista digitale dedicata al mondo OpenSource/Free si affaccia sul
mercato internazionale. Ed il primo numero è gratuito.
http://www.ziobudda.net/Admin/redir_news.php?id=20557

PER IL JPEG E' L'INIZIO DELLA FINE
Lo promette Allume che parla di un algoritmo di compressione delle immagini
JPEG capace di ridurne la dimensione di un terzo senza perdita di qualita'.
Tutto bello, ma le prove?
URL: http://punto-informatico.it/pi.asp?i=51113

T-MOBILE MINIMIZZA IL MEGA-CRACKING
Per sette mesi un americano ha avuto accesso ai dati personali di centinaia
di abbonati ai servizi internet del provider. Che cerca di gettare poca
acqua sul grande fuoco
URL: http://punto-informatico.it/pi.asp?i=51119

GOOGLE TAPPA UNO SPIFFERO DI GMAIL
Una vulnerabilita' del noto servizio di webmail poteva consentire ad un
malintenzionato di sbirciare il contenuto di e-mail scritte da altri utenti.
La falla e' gia' stata sistemata
URL: http://punto-informatico.it/pi.asp?i=51109
Also - http://www.vnunet.com/news/1160489

HAPPY NUDE YEAR!, DICE IL WORM
Questo lo spiritoso augurio che accompagna Wurmark-D, nuovo vermicello della
posta elettronica che ha per allegato una curiosa immagine JPEG
URL: http://punto-informatico.it/pi.asp?i=51115
Also - http://www.newsfactor.com/story.xhtml?story_id=29654

Microsoft IE Windows XP SP2: Vulnerabilità nel Download dei File
Rafel Ivgi ha riportato una vulnerabilità in Microsoft Internet Explorer in
Windows XP SP2 che consente ad utenti remoti di oltrepassare il meccanismo
di protazione del download dei file.
http://www.alground.com/news/news.php?page=725

Buffer Overflow in Winamp
Disponibile una nuova versione di Winamp che risolve alcuni problemi di cui
non ne è stato meglio specificato l'impatto.
http://www.alground.com/news/news.php?page=726

A New Tool In The Spam War (Guest Feature)
Arbitration is part of the next wave of security measures, and can be
effective against spammers who illegally harvest email addresses from a
honeypot on your website.
http://www.securityfocus.com/columnists/291

SECURITY DIGEST: JANUARY 12, 2005
Today's security advisories: exim and glibc (Debian GNU/Linux); pdftohtml,
poppassd_pam, o3read, HylaFAX (Gentoo Linux); and nfs-utils (Mandrakelinux).
http://nl.internet.com/ct.html?rtr=on&s=1,1c1i,1,epy0,kz98,85jl,7pty

Vulnerabilities & Exploits
Title: iTunes Bug Leaves Users Vulnerable To Hack
Source: Security Pipeline
Date Written: January 12, 2005
Date Collected: January 13, 2005
Danish security firm Secunia warned January 11, 2005 that Apple's iTunes
software has a highly critical vulnerability. Due to a boundary error in
handling .m3u and .pls playlists, iTunes 4.x can be exploited by malicious
playlists to cause a buffer overflow and compromise computers. Secunia said
users should update the most recent version, 4.7.1, which was posted on
Apple's website later that day.
http://www.securitypipeline.com/57700817

Vulnerabilities & Exploits
Title: Red Hat, SUSE release Linux patches
Source: CNet
Date Written: January 13, 2005
Date Collected: January 13, 2005
Linux vendors Red Hat, Novell, and Mandrakesoft released patches January 12,
2005, addressing vulnerabilities that could allow denial-of-service attacks
or buffer overflows. Five of the updates released were rated highly critical
by security information company Secunia. SuSE's updates resolved flaws that
included a vulnerability that could allow malicious code to cause a local
denial-of-service attack using a specially created Acrobat document, and
another that could allow a malicious attacker to insert erroneous
information into the netfilter data stream. Red Hat updated the libtiff
package to address vulnerabilities involving integer overflows, and Xpdf
packages to address buffer overflows.
http://news.com.com/Red+Hat,+SUSE+release+Linux+patches/2100-7349_3-5535228.html

ALSA driver 1.0.8 (Stable)
http://freshmeat.net/releases/184591/
The Advanced Linux Sound Architecture is composed of several parts. The
first is a fully modularized sound driver which supports module autoloading,
devfs, isapnp autoconfiguration, and gives complete access to analog audio,
digital audio, control, mixer, synthesizer, DSP, MIDI, and timer components
of audio hardware. It also includes a fully-featured kernel-level sequencer,
a full compatibility layer for OSS/Free applications, an object-oriented C
library which covers and enhances the ALSA kernel driver functionality for
applications (client/server, plugins, PCM sharing/multiplexing, PCM
metering, etc.), an interactive configuration program for the driver, and
some simple utilities for basic management.

"Appunti di informatica libera 2005.01.01"
E' disponibile (in vari formati) la nuova versione della monumentale opera
di Daniele Giacomini sul software libero ed in particolare su Linux.
http://www.ziobudda.net/Admin/redir_news.php?id=20577

SECURITY DIGEST: JANUARY 13, 2005
Today's security advisories: krb5, ethereal, and php4 (Conectiva Linux);
exim-tls and gopher (Debian GNU/Linux); Exim (Gentoo Linux); squid
(LBA-Linux); imlib and hylafax (Mandrakelinux); and fcron and kernel
(Trustix Secure Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,1c4i,1,2uta,8w1r,85jl,7pty

TORVALDS CRITICIZES SECURITY APPROACHES
"Linux creator Linus Torvalds had a few things to say this week about the
way potential security issues are disclosed to fellow open sourcers. And it
wasn't all good..."
http://nl.internet.com/ct.html?rtr=on&s=1,1c4i,1,d4t9,7ywl,85jl,7pty

PROGRAMMING TOOLS: CODE COMPLEXITY METRICS
"In this month's column, the author explains how to determine code
complexity with complexity metrics and introduces his own metric,
PyMetric..."
http://nl.internet.com/ct.html?rtr=on&s=1,1c4g,1,g4qs,dba7,85jl,7pty

Technology
Title: Microsoft Turns to External Patch Testers
Source: EWeek.com
Date Written: January 12, 2005
Date Collected: January 14, 2005
Microsoft has announced a Security Update Validation Program to provide
external testers with security patches before their public release. The
program will allow external testers "limited and controlled access" to
patches to test for application compatibility, stability, and reliability.
Stephen Toulouse, program manager for the Microsoft Security Response
Center, says the program will add a new layer to quality assurance for patch
releases and adds that the patch testers will not be given information on
the flaws the patches are meant to address. Microsoft has been looking for
ways to improve the quality of patches after customers complained that
patches often created more problems than they fixed. eEye Digital Security
has criticized Microsoft for failing to patch a number of critical software
flaws quickly, but Microsoft has also faced embarrassment for recalling
faulty patches it released to quickly.
http://www.eweek.com/article2/0,1759,1750841,00.asp

My workstation OS: NetBSD
http://os.newsforge.com/article.pl?sid=05/01/05/1549244&from=rss
I began using free software when I bought some Mandrake 8 CDs from Wal-Mart
in 2000. At that point a severe addiction to Counter-Strike, a Windows-only
game, kept me dual-booting with Windows XP Professional, but that Linux
partition was there to stay. I repartitioned periodically, and the sliver of
Redmond on my 40GB hard drive kept getting smaller and smaller. But though
Linux served me well, I recently moved to a more elegant, if less
user-friendly, operating system -- NetBSD 1.6.2.

OpenOffice.org 1.1.4 (Stable)
http://freshmeat.net/releases/184682/
OpenOffice.org is the Open Source project through which Sun Microsystems is
releasing the technology for the popular StarOffice productivity suite.

g00d reading! 'n' bye
Security News MainTainer:

The Jackal a.k.a. jAcKallO < jackal [at] capitanlug.it >

(AreaSessantuno Member) / (SpiPPolatori Collaborator)
(HackerAlliance Member) / (Security News MainTainer)
(Socio fondatore e Presidente del CapitanLUG.iT)