BLOG, NON SOLO PAROLE IN LIBERTA' MA ANCHE SPYWARE
Scoperto da poco, colpisce inesorabilmente i lettori di alcuni blog diffusi
in rete
http://www.studiocelentano.it/newsflash_dett.asp?id=13178

CONTRAPPUNTI/ BLOG LIBERI!
di Massimo Mantellini - Libero copia i contenuti pubblicati dai blog
italiani e li incolla sulle proprie pagine. Fulgido esempio di civile
convivenza in rete? Se e' cosi' certo non e' il solo
URL: http://punto-informatico.it/pi.asp?i=51714

FIREFOX 1.0 AL SUO PRIMO PIT STOP
Mozilla Foundation ha rilasciato la prima versione aggiornata del browser,
che corregge numerose falle di sicurezza: tra queste un noto problema nella
gestione dei gestione dei domini che utilizzano lo standard IDN
URL: http://punto-informatico.it/pi.asp?i=51710

WINDOWS, PIU' COMPLESSA L'ATTIVAZIONE
La product activation per i sistemi operativi pre-installati su PC dagli OEM
non sara' piu' automatica via Internet. Lo scopo e' colpire pirati e
mercanti scorretti
URL: http://punto-informatico.it/pi.asp?i=51719

Mozilla Firefox
Vendor: Mozilla.org
A vulnerability was reported in Mozilla Firefox in the XPCOM implementation.
A remote user can execute arbitrary code on the target user's system.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2005/Feb/1013301.html

Gaim
Vendor: Gaim.sourceforge.net
A vulnerability was reported in Gaim in the file transfer feature. A remote
user can cause the recipient's Gaim client to crash.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2005/Feb/1013300.html

PC-cillin
Vendor: Trend Micro
A vulnerability was reported in TrendMicro PC-cillin in the processing of
ARJ archives. A remote user may be able to execute arbitrary code on the
target system.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2005/Feb/1013290.html

Cisco Application and Content Networking System
Vendor: Cisco
Several vulnerabilities were reported in Cisco's Application and Content
Networking System (ACNS) softwarwe. A remote user can cause denial of
service conditions. A remote user can also gain administrative access using
a common default password.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2005/Feb/1013286.html

Windows DLL (Any)
Vendor: Microsoft
A vulnerability was reported in Microsoft Windows 2000 and Windows XP. A
local user can bypass group security policies to access restricted drives.
Impact: Disclosure of system information
Alert: http://securitytracker.com/alerts/2005/Feb/1013284.html

Linux Kernel
Vendor: kernel.org
Some buffer overflow vulnerabilities were reported in the Linux kernel in
the moxa char driver. A local user can execute arbitrary code with root
privileges.
Impact: Execution of arbitrary code via local system
Alert: http://securitytracker.com/alerts/2005/Feb/1013273.html

Mambo Site Server
Vendor: Mamboserver.com
A vulnerability was reported in Mambo in 'Tar.php'. A remote user can
execute arbitrary commands on the target system.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2005/Feb/1013250.html

PuTTY
Vendor: Tatham, Simon
iDEFENSE reported some integer overflow vulnerabilities in the PuTTY SFTP
and SCP client. A remote server may be able to execute arbitrary code on
the PuTTY client.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2005/Feb/1013246.html

"Annuncio del Secondo Perl Workshop Italiano"
I Perl Mongers italiani e il gruppo Pisa.pm sono lieti di annunciare il
Secondo Perl Workshop Italiano.
http://www.ziobudda.net/Admin/redir_news.php?id=21185

NOMI A DOMINIO: IL CASO GENTE.IT
di V. Frediani (consulentelegaleinformatico.it) - Il dominio registrato per
dar vita ad una comunita' online passa nelle mani della Rusconi: la parola
Gente da oggi vuol dire settimanale illustrato
URL: http://punto-informatico.it/pi.asp?i=51742

SE IL CELLULARE RICONOSCE L'UTENTE
Ne studiera' il volto e capira' se chi lo sta utilizzando e' il suo vero...
padrone. Tecnologia di riconoscimento facciale applicata al telefonino
URL: http://punto-informatico.it/pi.asp?i=51739

CONTRO LA URBANI PETIZIONE ED EMAIL
NewGlobal.it con l'avvio al Senato dell'esame delle modifiche alla legge sul
file sharing lancia una campagna per sensibilizzare e opporsi alla
criminalizzazione degli utenti
URL: http://punto-informatico.it/pi.asp?i=51732

How Multitasking Works at the Hardware Level
For applications to run as efficiently as possible, every programmer who
writes multitasking code - and that means just about everyone - needs to
understand how the underlying hardware manages the process. Discover how the
Pentium 4 does the trick.
http://www.informit.com/articles/article.asp?p=364068

Wireless Spam: Preparing for the Coming Blizzard
Wireless spam? It might not be a problem for you yet, but within a year or
two, it will be! Anne Zieger has some tips on how to meet this threat
head-on before it causes big hassles for your users.
http://www.informit.com/articles/article.asp?p=369830

Microsoft Fires Salvo Against Spyware
Sure, Microsoft has finally acknowledged this problem by coming out with an
anti-spyware product...but is it too little, too late?
http://www.developershed.com/plugin/PIM_200503.pdf#page=6

The Insecure Indexing Vulnerability - Attacks Against Local Search Engines
In this article Amit discusses the risks associated with using a local
search engine that indexes its content locally. This document can be found
at
http://www.webappsec.org/articles/

RUNNING WINDOWS INSIDE OF LINUX
"Despite interest in moving to a full Linux commitment, sometimes you need
to settle for a transitional position and that is where a program like
Win4Lin can help..."
http://nl.internet.com/ct.html?rtr=on&s=1,1f8e,1,kmvw,95wl,85jl,7pty

THE HISTORY AND FUTURE OF SMTP
"SMTP's adaptations to a hostile internet..."
http://nl.internet.com/ct.html?rtr=on&s=1,1f8e,1,1yot,8hx0,85jl,7pty

C++ EXCEPTION-HANDLING TRICKS FOR LINUX
"Handling exceptions in C++ has a few implicit restrictions at the language
level, but you can get around them in some instances. Learn ways to make
exceptions work for you so you can produce more reliable applications..."
http://nl.internet.com/ct.html?rtr=on&s=1,1f8e,1,3mfl,6628,85jl,7pty

STALLMAN CALLS FOR ACTION ON FREE BIOS
"In 1984 the GNU Project set out to make it possible to operate a computer
in freedom--to operate it without any non-free software that would deny the
user's freedom..."
http://nl.internet.com/ct.html?rtr=on&s=1,1f8e,1,7zci,5egg,85jl,7pty

HOW TO BUILD A SIMPLE WIRELESS AUTHENTICATED GATEWAY USING OPENBSD
Without spending a lot of money you to can build an authenticated gateway
solution to verify your WIFI users.
http://www.net-security.org/news.php?id=7193

PGP MOVING TO STRONGER SHA ALGORITHM
PGP Corporation is planning to migrate to a more secure version of the
Secure Hash Algorithm (SHA) in the upcoming releases of its PGP Desktop and
PGP Universal encryption solutions.
http://www.net-security.org/news.php?id=7197

KEEP ONLINE DOCUMENTS SECURE
As companies look for better ways to secure online documents and E-mail,
whether to protect sensitive information or to comply with government
regulations, they're increasingly turning to a growing class of security
software known as enterprise digital-rights management.
http://www.net-security.org/news.php?id=7213

WINDOWS FIREWALL HAS A BACKDOOR?
I was just poking around with the Windows Firewall on my system. When I went
to look at the exceptions, I was confronted with an entry that I couldn't
recognize, rk.exe.
http://www.net-security.org/news.php?id=7229

CYBERCRIME-HACKING
Title: eBay provides a backdoor for phishers
Source: The Register
Date Written: 2005-02-28
Date Collected: 2005-02-28
According to reader reports, phishers are exploiting a redirection script on
eBay's website. Security firm MessageLabs confirmed the vulnerability, and
says it has detected and blocked it for weeks. The flaw can be exploited to
host an eBay look- alike, and make a link pointing to eBay redirect to the
bogus website. The Register notified eBay of the issue on February 23, 2005,
and the company has not responded.
http://www.theregister.co.uk/2005/02/28/ebay_phishing_backdoor/

TECHNOLOGY
Title: 'No Execute' Flag Waves Off Buffer Attacks
Source: Washington Post
Date Written: 2005-02-27
Date Collected: 2005-02-28
Buffer overflows are a common attack method used by hackers and Windows
Service Pack 2 added a new defense. Special code called a no execute (NX)
flag was built in that blocks code from running in the memory areas targeted
by overflow attacks on compatible processors. However, while AMD offers NX
support on all of its Athlon 64 chips, Intel offers the functionality on a
seemingly random selection of chips, including the 520J, 530J, 540J, 550J,
560J, 570J, 630, 640, 650, 660, and Extreme Edition Pentium 4 desktop
processors, and the 730, 740, 750, 753, 758, 760, and 770 Pentium M laptop
processors. Red Hat Enterprise Linux 3 Update 3 and SuSE Linux 9.2 also
include NX. While the combination of an NX inclusive operating system and an
NX enabled processor will block a single buffer overflow, it will cause the
computer to crash while blocking the attack.
http://www.washingtonpost.com/wp-dyn/articles/A55209-2005Feb26.html

VULNERABILITIES & EXPLOITS
Title: Opera brings down curtain on phishing vulnerability
Source: ZDNet Australia
Date Written: 2005-02-28
Date Collected: 2005-02-28
Software developer Opera released February 26, 2005 a second beta version of
its browser, addressing vulnerability that could be exploited to execute
phishing attacks. The flaw stems from the browser's support of the
International Domain Name (IDN) standard, and affects non-Microsoft browsers
including Opera, Safari, and Firefox. The bug can allow attackers to fool
users by spoofing the browser's address bar. Christen Krogh, vice president
of engineering at Opera, said the browser will now display a yellow security
bar with the name of the organization that owns a website's security
certificate when visiting secure websites, and will only display trusted top
level domains (TLDs), meaning those on a regularly updated list of TLDs
registered with the company.
http://www.zdnet.com.au/news/security/0,2000061744,39182702,00.htm

"Progetto Configurazione Italiana del Kernel Linux"
Questo progetto nasce con l'obiettivo di fornire un utile strumento
all'utente che usa già Linux, che vuole/deve compilare un kernel
personalizzato, ma che purtroppo è bloccato dalla lingua inglese usata per
le interfacce di configurazione.
http://www.ziobudda.net/Admin/redir_news.php?id=21216

"Altra falla (stavolta critica) in Firefox"
La nuova release 1.0.1 di Firefox risolve i bug (moderatamente critici)
scoperti un paio di settimane fà. Tuttavia ci sono ancora dei dubbi
sull'efficacia dell'aggiornamento circa una nuova recentissima falla
giudicata, stavolta, come "critica".
http://www.ziobudda.net/Admin/redir_news.php?id=21207

"Le principali novità del nuovo Kernel"
Il nuovo Kernel 2.6.11 pubblicato stamattina, contiene numerosi
aggiornamenti ed il supporto "InfiniBand" su cui Linus Torvalds punta molto.
http://www.ziobudda.net/Admin/redir_news.php?id=21232

"Knoppix 3.8 presentato al CeBIT"
Alcune features della nuova versione:
Knoppix 3.8 has kernel 2.6 as default, KDE 3.3.2, OpenOffice 1.1.4, as well
as... Firefox 1.0 and Thunderbird 1.0
http://www.ziobudda.net/Admin/redir_news.php?id=21223

Yahoo compie dieci anni
Marzo 1995 nasce Yahoo, la lettera dei fondatori
http://www.alground.com/news/news.php?page=963

"DISASTRO" SU AWSTATS
Alcune versioni dello strumento open source di statistica Web hanno problemi
di sicurezza che riguardano tre parametri.
http://www.nwi.it/showPage.php?template=rubriche&id=6649

Hakin9 in edicola
hakin9 è un bimestrale sulla sicurezza informatica, destinato agli esperti
ed appassionati. Tratta le protezioni dei sistemi informatici, sia dal punto
di vista degli intrusi che degli amministratori di rete. La rivista presente
in seidici paesi, da marzo anche in Italia!
http://www.hakin9.org/it

My Ten Favorite C++ Books, Part I
Choosing a handful of favorites, out of the hundreds of books that I've read
and reviewed in the last 10 years, was no easy task, to say the least. To
make this "Top 10" list more personal and interesting, I decided that each
book should tell a story: what impact it had on me, which milestones it
marks, and why I value it more than other similar books.
http://www.informit.com/guides/content.asp?g=cplusplus&seqNum=224

Windows Processes and Threads: Weaving It All Together
A process contains its own independent virtual address space with both code
and data, protected from other processes. Each process, in turn, contains
one or more independently executing threads. A thread running within a
process can create new threads, create new independent processes, and manage
communication and synchronization between the objects. Whew! This chapter
explains the basics of process management and also introduces basic
synchronization operations. If you're at all interested in Windows system
programming, this is the place to start.
http://www.informit.com/articles/article.asp?p=362660

Terminal Server Security
Regardless of the size of your Terminal Server environment, it is imperative
that you take the time to properly assess the security requirements of your
infrastructure. This chapter will help you do just that.
http://www.informit.com/articles/article.asp?p=366893

A .NET Developer's Guide to Windows Security: Understanding Ownership
One of the most important components of ACL-based security in Windows is
unfortunately also one of the most subtle and overlooked: ownership. Learn
about ownership and its importance to security in this sample chapter.
http://www.informit.com/articles/article.asp?p=350386

Apache 2 with SSL/TLS: Step-by-Step, Part 3
This article concludes our three part series dedicated to configuring Apache
2.0 with SSL/TLS support, for maximum security and optimal performance of
SSL based e-commerce transactions.
http://www.securityfocus.com/infocus/1823

Client Side Hacking: Automated Client File Fuzzing
This month, a senior eEye researcher is sharing a local file fuzzing tool he
created several years ago which helped him expose several high profile
buffer overflows. In a casual convention, he discusses the history of the
tool, the vulnerabilities it exposed, and details on the tool itself.
Included with the tool is an operations guide that provides detailed steps
to guide you through the steps that may lead you to another unpublished
vulnerability.
http://www.eeye.com/html/resources/newsletters/vice/VI20050301.asp?sb=kwkckpakpbnmwapcbprc&rd=toolkit

Remote Windows Kernel Exploitation - Step Into the Ring 0
Over eight years have passed and almost every possible method and technique
regarding Windows exploitation has been discussed in depth. Surprisingly, a
topic that has yet to be touched on publicly is the remote exploitation of
Win32 kernel vulnerabilities; a number of kernel vulnerabilities have been
published, yet no exploit code has surfaced in the public arena.
http://www.eeye.com/html/resources/newsletters/vice/VI20050301.asp?sb=kwkckpakpbnmwapcbprc&rd=etc1

ADVISORIES: FEBURARY 28, 2005
Today's security advisories: bsmtpd (Debian GNU/Linux); gaim (Fedora Core);
kernel (Fedora Legacy); cmd5checkpw (Gentoo Linux); emacs, xemacs,
postgresql, mailman, mysql, enscript, unarj, zip, iptables, and imap
(LBA-Linux); and gaim (Ubuntu Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,1fca,1,6x9a,c2t9,85jl,7pty

ADVISORIES: MARCH 1, 2005
Today's security advisories: MediaWiki, Qt, phpBB, Gaim, and phpWebSite
(Gentoo Linux); and curl, cyrus21-imapd, reportbug, and libxml (Ubuntu
Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,1fg0,1,fuen,9bs0,85jl,7pty

OPENVPN LOCKS DOWN THE WLAN
"Wireless security is in a state of flux. WEP is nearly universal, but weak,
and a pain to administer. WPA is stronger, but new enough that most wireless
devices do not have it..."
http://nl.internet.com/ct.html?rtr=on&s=1,1fg0,1,m93o,74km,85jl,7pty

CLI MAGIC: NETCAT
"This week I'm going to tell you about a top-secret tool. It can be real
handy at times, under the right conditions. But I don't want you to use it.
It's too dangerous..."
http://nl.internet.com/ct.html?rtr=on&s=1,1fcc,1,5fsa,a1qe,85jl,7pty

KERNELTRAP: IMPROVING MULTIPROCESSOR CPU SCHEDULING
"Nick Piggin uploaded a series of patches for the 2.6 Linux kernel CPU
scheduler aimed at improving multiprocessor support..."
http://nl.internet.com/ct.html?rtr=on&s=1,1fcc,1,gawg,7h17,85jl,7pty

HOMELAND SECURITY & INFRASTRUCTURE PROTECTION
Title: NIST releases final security guidelines
Source: CNet
Date Written: 2005-02-28
Date Collected: 2005-03-01
The National Institute of Standards and Technology (NIST) released a final
version of security guidelines for federal agencies February 28, 2005. The
guidelines will direct agencies conforming to the Federal Information
Security Management Act (FISA). NIST IT director Shashi Phoha said the
document will help federal agencies select and implement security controls.
The guidelines cover areas including user identification, authentication,
and risk assessment.
http://news.com.com/NIST+releases+final+security+guidelines/2100-7348_3-5593256.html

MALWARE
Title: Bagle variants served up with spam
Source: The Register
Date Written: 2005-03-01
Date Collected: 2005-03-01
Security firm BlackSpider Technologies blocked more than 75,000 e-mails with
a new variant of the Bagle worm March 1, 2005. The variant, which differs
from other Bagle variants by not containing e-mail spreading functionality,
is being spread through spam containing a ZIP attachment which contains a
program that attempts to download malicious code. Sophos announced that the
new malware in circulation is actually four different variants, and advised
firms to block executable files in e-mail.
http://www.theregister.co.uk/2005/03/01/bagle_trojan/

VULNERABILITIES & EXPLOITS
Title: Security Firm Warns Of Mozilla, Firefox Security Hole
Source: Security Pipeline
Date Written: 2005-02-28
Date Collected: 2005-03-01
Security intelligence firm iDefense announced February 28, 2005 that it has
discovered a vulnerability in the Mozilla browser suite as well as Firefox.
The vulnerability can allow attackers to remotely execute arbitrary code by
creating a memory heap overflow. Mozilla said the flaw is severe but
difficult to exploit, as the conditions necessary for its exploitation are
unlikely. Mozilla urges users to update to Mozilla 1.7.6 and Firefox 1.0.1.
http://www.securitypipeline.com/60404115

VULNERABILITIES & EXPLOITS
Title: Windows Media Player Update Fails Spyware Infection Test
Source: EWeek.com
Date Written: 2005-03-01
Date Collected: 2005-03-01
Microsoft confirmed March 1, 2005 that the recent update to its Windows
Media Player (WMP) did not effectively address spyware concerns. Nearly two
months after agreeing to update WMP's digital rights management (DRM)
handling to prevent attackers from configuring .wmp files to spread malware,
users remain at risk. Though the February 15 updates were said to add
integrity checks to the DRM system, Harvard researcher Ben Edelman
discovered that the update did not solve the vulnerability.
http://www.eweek.com/article2/0,1759,1771220,00.asp?kc=EWRSS03129TX1K0000614

VULNERABILITIES & EXPLOITS
Title: An Oscar Surprise: Vulnerable Phones
Source: NY Times
Date Written: 2005-03-02
Date Collected: 2005-03-02
Security firm Flexilis says that it detected between fifty and one hundred
vulnerable cell phones amongst celebrities attending the Academy Awards at
the Kodak Theatre in Los Angeles. The phones Flexilis detected are
vulnerable to the same sort of attack that allowed hackers to steal data
from the account of Paris Hilton from the service provider's central
servers. Flexilis was unable to determine the exact number of vulnerable
phones since it could not determine how many times it detected the same
phone. Despite tightened security during the Academy Awards, Flexilis
researchers went unnoticed while surveilling celebrities and the cell
phones. Flexilis organized the Oscar surveillance in order to draw attention
to the sensitive information celebrities, politicians, and other
high-profile figures carry on vulnerable devices.
http://www.nytimes.com/2005/03/02/movies/oscars/02leak.html

First look: OpenOffice.org version 2.0 beta
http://software.newsforge.com/article.pl?sid=05/02/25/209222&from=rss
OpenOffice.org has always been conservative with version numbers. Enough
minor releases have boasted enough new features that the current release
could easily be 3.0 or 4.0 instead of 1.1.4. Given this record, it's hardly
surprising that version 2.0, for which beta code is set to be unveiled very
shortly, amounts to a major rewrite of the software. Although key
functionality remains largely intact, version 2.0 promises dozens, possibly
hundreds, of changes. Many times during our testing of the pre-beta release,
we felt we could almost have been looking at an entirely new piece of
software.

"Kernel Release Numbering"
Linus propone un nuovo modo di numerare le release del kernel: invece di
usare il secondo numero per identificare le "stabili", propone di usare il
terzo. Ad es. 2.6.13 "development", 2.6.14 "stable".
http://www.ziobudda.net/Admin/redir_news.php?id=21255

"Ultra-slick SAM Mini Live CD 2005-1SE"
SAM Mini Live CD is an ultra-slick Mandrakelinux-based live CD featuring the
XFce desktop, all in just over 200MB. SAM is now based on Kernel 2.6.10.
Package changes include Mozilla Firefox 1.0, Mozilla Thunderbird 1.0,
Mozilla Calendar, Gaim, Beep Media Player, and more. Updates include Xorg,
The Gimp, libXine, and more.
http://www.ziobudda.net/Admin/redir_news.php?id=21253

"HowTo per installazione Ubuntu"
Rivolto ai newbie, a chi ha avuto sempre paura di installare linux sulla
propria macchina e lo vuole fare nella maniera più indolore possibile.
http://www.ziobudda.net/Admin/redir_news.php?id=21246

REALPLAYER SI BUCA CON UN WAV
RealNetworks ha corretto due serie vulnerabilita' di sicurezza contenute in
alcune diffusissime versioni dei propri player per Windows, Mac e Linux
URL: http://punto-informatico.it/pi.asp?i=51780

TROPPE LICENZE OPEN SOURCE?
Il nuovo presidente dellOpen Source Initiative sembra deciso a frenare la
proliferazione delle licenze open source, un problema considerato da piu'
parti sempre piu' serio e urgente
URL: http://punto-informatico.it/pi.asp?i=51783

Where is Google Headed?
As the bad guys start using Google more and more, the company wrestles with
some new security and privacy issues with AutoLink.
http://www.securityfocus.com/columnists/304

ADVISORIES, MARCH 2, 2005
Today's advisory: mod_python (Conectiva Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,1fj6,1,mdhu,jvza,85jl,7pty

OPEN SOURCE: THE BEST THINGS IN LIFE ARE FREE
"Even if you're not a techno-geek, even if you run Windows, there are free
tools out there to help you 'bond' with your computer. You've just gotta
believe..."
http://nl.internet.com/ct.html?rtr=on&s=1,1fj8,1,e1do,5lc3,85jl,7pty

CURRENT PROBLEMS WITH LINUX
"Why do this article? Well, in the interest of being fair. Yes, it is easy
to dismiss Windows users as whiners, and people who can't be bothered to
learn about their machines, but life is not that simple, is it...?"
http://nl.internet.com/ct.html?rtr=on&s=1,1fj8,1,6huo,hwjj,85jl,7pty

FILTERING SPAM WITH POSTFIX
"This article will show you how to configure a Postfix mail-server in order
to reject the wide majority of unwanted incoming 'junk email,' whether they
contain unsolicited commercial email (UCE), viruses, or worms..."
http://nl.internet.com/ct.html?rtr=on&s=1,1fj8,1,il9j,4fof,85jl,7pty

OPTIMIZING GENTOO
"Lately, I have been busy hacking away at the Gentoo forums, looking for
ways to best optimize my system, other than the normal CFlags optimizations
and ones covered in the manual..."
http://nl.internet.com/ct.html?rtr=on&s=1,1fj8,1,7sg0,a6kt,85jl,7pty

TECHNOLOGY
Title: Netscape launches browser beta
Source: CNet
Date Written: 2005-03-03
Date Collected: 2005-03-03
Netscape released March 3, 2005 a beta version of web browser Netscape 8 on
the company's website. The new browser contains a number of anti-fraud
mechanisms to protect users from phishing attacks, which the company hopes
will attract users of Internet Explorer who are concerned about the
browser's security vulnerability. The browser uses a frequently updated
blacklist of websites suspected to be hosting phishing attacks or
distributing spyware, and redirects users with a warning when they access a
banned website. It also disables various technologies such as Active,
scripting, and cookies, if a user decides to continue to such a website.
http://news.com.com/Netscape+launches+browser+beta/2100-1032_3-5598291.html

VULNERABILITIES & EXPLOITS
Title: BitDefender bug bites GFI
Source: The Register
Date Written: 2005-03-02
Date Collected: 2005-03-03
Security firm BitDefender confirmed that a bug in its Engine Module caused
GFI's Mail Security product to delete all incoming and outgoing messages.
Due to a glitch in an update to BitDefender's signature definition files,
GFI's Mail Security product identified all messages as corrupt .ZIP files.
The problem was resolved in approximately 90 minutes, and a BitDefender
spokesman said it only affected its integration with GFI. GFI issued an
apology, as some uses lost hundreds of messages.
http://www.theregister.co.uk/2005/03/02/gfi_beserker/

"I virus di Febbraio"
Stilata da Sophos la lista dei virus pi pericolosi del mese appena
trascorso.
http://www.ziobudda.net/Admin/redir_news.php?id=21269

ADVISORIES: MARCH 3, 2005
Today's security advisories: clamav (Conectiva); HelixPlayer (Fedora Core);
xli, xloadimage, BidWatcher, and phpMyAdmin (Gentoo Linux); and imagemagick
(Ubuntu Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,1fnw,1,7oz9,5bwc,85jl,7pty

KERNELTRAP: NEW FEATURES FOR 2.6.12
"Andrew then referred to several other patches currently in his -mm
patchset, discussing their likelihood of being merged into the mainline
kernel..."
http://nl.internet.com/ct.html?rtr=on&s=1,1fny,1,ls3h,4rk4,85jl,7pty

KERNELTRAP: KERNEL RELEASE NUMBER, PART II
"In the continued discussion on release numbering for the Linux kernel,
Linux creator Linus Torvalds decided against trying to add meaning to the
odd/even least significant number..."
http://nl.internet.com/ct.html?rtr=on&s=1,1fny,1,2ewp,k48l,85jl,7pty

TECHNOLOGY
Title: Tracking PCs anywhere on the Net
Source: C-Net News
Date Written: 2005-03-04
Date Collected: 2005-03-04
Tadayoshi Kohno, a doctoral student at the University of California, says he
has found a way to fingerprint physical devices over network connections.
Such technology would enable tracking a device even when it connects from
different places, counting devices behind a network address translator
(NAT), and determining whether a block of addresses corresponds to a set of
virtual hosts on the same machine. The fingerprinting technique involves
using the information in TCP (transmission control protocol) headers to
estimate a device's "clock skew" resulting from microscopic deviations in
hardware. The technique works even when a device is thousands of miles away,
has multiple hops between itself and the measuring device, and independent
of access technologies. The technique does not require any cooperation from
the target device. Mr. Kohno will present his research at the Institute of
Electrical and Electronics Engineers Symposium on Security and Privacy in
California in May 2005.
http://news.com.com/Tracking+PCs+anywhere+on+the+Net/2100-1029_3-5600055.html

VULNERABILITIES & EXPLOITS
Title: No Patches Next Week, Promises Microsoft
Source: Information Week
Date Written: 2005-03-03
Date Collected: 2005-03-04
Microsoft has announced that it has no patches for its next monthly release,
scheduled for March 8, 2005. The Microsoft Security Bulletin Advance
Notification website announces upcoming patches on the Thursday before the
second Tuesday of each month, but had nothing to report for March. The last
time Microsoft skipped a patch release was December 2003.
http://www.informationweek.com/story/showArticle.jhtml?articleID=60405150

g00d reading! 'n' bye
Security News MainTainer:

The Jackal a.k.a. jAcKallO < jackal [at] capitanlug.it >

(AreaSessantuno Member) / (SpiPPolatori Collaborator)
(HackerAlliance Member) / (Security News MainTainer)
(Socio fondatore e Presidente del CapitanLUG.iT)