*** <Spot> ***
The DefCon Italian User Group, www.dc3946.org, has opened: it is the official Italian group of the world's most famous underground association, www.defcon.org. You can help broaden the Italian group's horizons by registering on the site and posting your news and downloads. There is a #defcon channel on AzzurraNET, also accessible through the site.
We look forward to seeing many of you. [Gnomix] and dio.
*** </Spot> ***
"Converting a Red Hat Enterprise kernel to a Debian kernel."
A guide on how to convert ("debianize") a RHEL/Fedora kernel into a Debian kernel that is 100% compatible and can be built the Debian way.
http://www.ziobudda.net/Admin/redir_news.php?id=24674
"WikiDweb Project"
I would like to point out a substantial project for cataloguing the World Wide Web, carried out by human beings. In practice it is a directory that catalogues websites using a wiki. Collective intelligence is used, as in Wikipedia, to fill in, catalogue and classify the most significant sites on the Web.
http://www.ziobudda.net/Admin/redir_news.php?id=24672
"A browser in 10 minutes with glade"
A short Flash video (but fairly large, 11 MB) showing how simple it is to build a web browser with glade, ruby and Gtk::MozEmbed. A pity that vnc2swf makes the interface look jerky and full of flicker.
http://www.ziobudda.net/Admin/redir_news.php?id=24677
.EU DOMAINS AVAILABLE TO EVERYONE FROM APRIL 2006
From December, however, holders of registered trademarks and other rights holders will be able to start applying for them, in two separate registration phases. A rush is expected. Here is how it works
URL: http://punto-informatico.it/pi.asp?i=55759
WARNING ABOUT AN ITALIAN ONLINE SHOP
Online and in the letters reaching the editorial office, worries are surfacing from people who ordered hi-tech devices sold at steep discounts and, after paying, saw the shop practically vanish
URL: http://punto-informatico.it/pi.asp?i=55752
A FREE VIRTUAL MACHINE PLAYER
Making the use and sharing of virtual machines as simple as possible. That is what VMware hopes to achieve with its new free player, which can open images created with its own software and with MS Virtual PC
URL: http://punto-informatico.it/pi.asp?i=55771
WILL A PATENT STOP XML?
Implementations of one of the most widespread and valued network technologies allegedly infringe a patent registered in the United States. Microsoft plays it down: there will be no repercussions
URL: http://punto-informatico.it/pi.asp?i=55776
MICROSOFT QUICKLY AMENDS A BADLY WRITTEN LICENSE
Summoned by the US Department of Justice, the Redmond giant corrects a license agreement for Windows Media Player: it forced MP3 player makers to submit to the software monopoly
URL: http://punto-informatico.it/pi.asp?i=55769
** UNCLE BILL EMBRACES OPEN SOURCE **
Two new Microsoft licenses appeal not only to the guardians of open source, but also to those of Free Software.
>> by Michele Bottari
http://www.zeusnews.it/news.php?cod=4391
Remastering a Custom Knoppix Distribution, Part 1
Ever wanted your own bootable CD? Something personalized for your users and complete with all of your own Linux-based software and configuration? You may have heard of Knoppix, a free Linux bootable CD, but in this article, Matt Lesko will show you how to modify Knoppix to include exactly the software you want and need. From rescue discs to demo software, a custom copy of Knoppix could be exactly what you are looking for.
http://www.informit.com/articles/article.asp?p=417095&rl=1
Living the "Least Privilege" Lifestyle, Part 4: Is Developing Secure Software as an Administrator an Impossible Dream?
Now that Don Kiely has convinced us of the need to run as mere users whenever possible, he focuses on how software developers can (and should) live the least privilege lifestyle to ensure that applications they write are secure.
http://www.informit.com/articles/article.asp?p=418859
IPSec Authentication and Authorization Models
This chapter covers IPSec features and mechanisms that are primarily targeted at the authentication of remote access users. You'll learn about XAUTH, which provides extended authentication for IPSec telecommuters by using authentication schemes such as RADIUS. MODECFG uses a push model to push attributes to the IPSec client.
http://www.informit.com/articles/article.asp?p=421514
Squid
Vendor: Squid-cache.org
A vulnerability was reported in Squid. A remote user can cause Squid to crash.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2005/Oct/1015085.html
Norton Anti-Virus
Vendor: Symantec
A vulnerability was reported in Norton Anti-Virus for Macintosh. A local user can gain elevated privileges.
Impact: Execution of arbitrary code via local system
Alert: http://securitytracker.com/alerts/2005/Oct/1015084.html
LiveUpdate
Vendor: Symantec
A vulnerability was reported in Symantec LiveUpdate. A local user can gain elevated privileges on the target system.
Impact: Execution of arbitrary code via local system
Alert: http://securitytracker.com/alerts/2005/Oct/1015083.html
Ethereal
Vendor: Ethereal.com
Several vulnerabilities were reported in Ethereal. A remote user can execute arbitrary code on the target system or cause denial of service conditions on the target system.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2005/Oct/1015082.html
PHP-Nuke
Vendor: Phpnuke.org
sp3x reported a vulnerability in PHP-Nuke. A remote user can view files on the target system.
Impact: Disclosure of system information
Alert: http://securitytracker.com/alerts/2005/Oct/1015080.html
Snort
Vendor: snort.org
A vulnerability was reported in Snort. A remote user can execute arbitrary code on the target system.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2005/Oct/1015070.html
Opera
Vendor: Opera Software
A vulnerability was reported in Opera. A remote user can cause a target user's browser to crash.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2005/Oct/1015067.html
Lynx
Vendor: [Multiple Authors/Vendors]
A vulnerability was reported in Lynx. A remote user can cause arbitrary code to be executed on the target user's system.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2005/Oct/1015065.html
"[OT] Review of Monad Shell"
Ars Technica has reviewed Microsoft's Monad shell. According to the author it is a very good tool, though not without flaws. A comparison with the bash shell is inevitable.
http://www.ziobudda.net/Admin/redir_news.php?id=24699
"Copyright and the anti-copyright movement"
Author: Avv. Francesca Zambonin - Published in: QN-Economia (il Giorno, La Nazione, Il Resto del Carlino)
http://www.ziobudda.net/Admin/redir_news.php?id=24695
"Minix 3.0 is no longer just a “teaching tool”"
...or at least so says its creator Andy Tanenbaum on the release of the new version.
http://www.ziobudda.net/Admin/redir_news.php?id=24691
"A BRAKE ON NETWORKS FOR SKYPE?"
To counter the threat of free or very low-cost calls over the network with VoIP, operators such as Verizon and Vodafone are reportedly looking to use software to limit the use of programs like Skype on their networks.
http://www.ziobudda.net/Admin/redir_news.php?id=24690
THE ITALIAN LEVY ON CDs STILL UNDER FIRE
The European directive provides that the spread of DRM should be followed by a gradual reduction of the levy on media, which instead keeps increasing. Dozens of European countries are in the same situation
URL: http://punto-informatico.it/pi.asp?i=55780
MYSQL 5, ON COURSE FOR THE ENTERPRISE
The new major release of the famous open source database makes its debut, bringing features long awaited by its user community. Features that bring it even closer to the functionality of proprietary products
URL: http://punto-informatico.it/pi.asp?i=55806
PWRFICIENT, A CPU THAT PROMISES A FIGHT
A 64-bit multi-core chip will soon debut in the low-power processor market and could give its more illustrious rivals a hard time. Here is why
URL: http://punto-informatico.it/pi.asp?i=55788
WINDOWS, AN EXPLOIT AND A FALSE ALARM
Over the weekend, code was published for the first exploits able to take advantage of an insidious Windows flaw. Experts now fear the arrival of a worm based on that code, and the tension is playing nasty tricks
URL: http://punto-informatico.it/pi.asp?i=55794
THE ITALIAN TURNING POINT FOR PUBLIC SOFTWARE
by G. Mondi - The DIT launches software Reuse from and for public administrations: spending on software services will fall, and so will the burden of the public administration on the Treasury. Provided everyone does their duty
URL: http://punto-informatico.it/pi.asp?i=55784
** FLOCK, A FREE BROWSER **
A small group of Californian developers has created a free browser aimed mainly at the world of bloggers.
>> by Pier Luigi Tolardo
http://www.zeusnews.it/news.php?cod=4396
** SYSTEM VOLUME INFORMATION **
Everything you always wanted to know about this system folder, what it contains and who can access it.
http://forum.zeusnews.com/viewtopic.php?t=12150
NTFS Reader 1.0.2
An interesting program that provides access to NTFS partitions from DOS; it supports long file names, compressed files and fragmented files; besides reading files, it can copy them to FAT partitions or network drives.
http://www.wintricks.it/news2/article.php?ID=10234
Wepcrack-perl 0.1.0
WEPCrack is an open source tool for breaking 802.11 WEP secret keys. This tool is an implementation of the attack described by Fluhrer, Mantin, and Shamir in the paper "Weaknesses in the Key Scheduling Algorithm of RC4". While Airsnort has captured the media attention, WEPCrack was the first publicly available code that demonstrated the above attack.
http://www.astalavista.com/index.php?section=directory&linkid=5345
Yersinia 0.5.6
Yersinia is a network tool designed to take advantage of some weaknesses in different layer 2 protocols. It aims to be a solid framework for analyzing and testing the deployed networks and systems. Currently, the following network protocols are implemented: Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol (HSRP), IEEE 802.1q, Inter-Switch Link Protocol (ISL), VLAN Trunking Protocol (VTP).
http://www.astalavista.com/index.php?section=directory&linkid=5346
pmacct - passive network monitoring tools
pmacct is a small set of passive network monitoring tools to measure, account and aggregate IPv4 and IPv6 traffic; aggregation revolves around the key concept of primitives (VLAN id, source and destination MAC addresses, hosts, networks, AS numbers, ports, IP protocol and ToS/DSCP field are supported) which may be arbitrarily combined to build custom aggregation methods; support for historical data breakdown, triggers and packet tagging, filtering and sampling. Aggregates can be stored into memory tables, SQL databases (MySQL or PostgreSQL) or simply printed to stdout. Data is collected from the network either using libpcap (and optionally promiscuous mode) or reading NetFlow v1/v5/v7/v8/v9 and sFlow v2/v4/v5 datagrams, both unicast and multicast.
http://www.astalavista.com/index.php?section=directory&linkid=5348
Skype Security Evaluation
I have been a Skype user since August 2004. My 35-year long career as cryptographer and computer security expert has taught me to be professionally skeptical about the security of almost everything, especially of a system which is as adept as Skype at getting through typical network defenses. So I re-formatted the hard disk on a spare computer and dedicated the box to the Skype application. Over the next few months I monitored the list of processes running on the machine, looking for anything suspicious. I also ran a number of experiments during which I captured and analyzed the packets flowing into and out of the box. I was looking for malicious activity and trying to figure out how Skype works. Perhaps you have run similar experiments yourself.
http://www.astalavista.com/index.php?section=directory&linkid=5359
Qcrack
Qcrack is a program written to test the security of md5 passwords by attempting to brute force them. The user can also specify the characters to use when brute-forcing.
http://www.astalavista.com/index.php?section=directory&linkid=5364
How-To: Hack NetStumbler 0.4.0 to Enable Wireless Zero Configuration
The tutorial below explains to the user how to modify a copy of their installed NetStumbler executable and not the NetStumbler executable itself. Someone may easily create an executable that modifies this minute piece of data on the fly, but that is not the intention of this tutorial. This tutorial is for parties that are working on projects that may require more functionality than the product allows.
http://www.chroniclesofawardriver.org/How-To_Hack_NSv4.4.0_Enable_WZC.html
Upcoming HTTPS Improvements in Internet Explorer 7 Beta 2
In the past, we’ve called upon website operators to ensure they are using HTTPS securely. This time, I’d like to tell you about the changes IE7 has made to improve the security and user experience for HTTPS connections.
http://blogs.msdn.com/ie/archive/2005/10/22/483795.aspx
Anonymity made easy
Criminals pursuing identity theft, phishing scams, and spam rings are running rampant on the Internet. Just a few years ago our major concerns were more to do with securing servers and avoiding virus outbreaks. Now anonymity and protecting one's information has become paramount.
http://www.securityfocus.com/columnists/356
List of Printers Which Do or Don't Print Tracking Dots
This is a list in progress of color laser printer models that do or do not print yellow tracking dots on their output. Remember that a "no" simply means that we couldn't see yellow dots; it does not prove that there is no forensic watermarking present. (For example, the HP Color LaserJet 8500 series does not include any yellow tracking dots that we can see, but it may still include some kind of forensic marking, since the majority of earlier CLJ models did.)
http://www.eff.org/Privacy/printers/list.php
Exploit for Snort’s Back Orifice pre-processor
Hi folks, I decided to release an exploit for Snort’s Back Orifice pre-processor remote vulnerability found by ISS recently. Have fun and send me feedback.
More at http://www.thc.org/exploits.php
KWord Trouble
Welcome to Security Alerts, an overview of recent Unix and open source security advisories. In this column, we look at problems in KWord, SPE under Gentoo, wget, Brightstore, eTrust, Unicenter, OpenSSL, XMail, uw-imap, weex, tcpdump, graphviz, up-imapproxy, xloadimage and xli, and Ruby.
http://www.linuxdevcenter.com/pub/a/linux/2005/10/20/security-alerts.html
Assessing Web App Security with Mozilla
Web application assessment is a challenging task for security analysts. Several products and tools are available, each claiming to perform automated analysis on entire applications. Their capabilities include obtaining data, corroborating it, and printing aesthetically appealing reports--all without user intervention.
http://www.onlamp.com/pub/a/security/2005/10/20/web_vulnerabilities.html
Installing Debian
Debian GNU/Linux is a powerful and popular community-developed Linux distribution--and the basis for several other useful and usable distributions. With the recent release of Debian Sarge, it's better than ever. Edd Dumbill, Debian developer and GNU/Linux advocate, walks through a typical installation.
http://www.linuxdevcenter.com/pub/a/linux/2005/09/29/installing_debian.html
OpenBSD 3.8: Hackers of the Lost RAID
It's release time again for OpenBSD! The upcoming 3.8 will include some wonderful features for network gurus (trunking, tracking wireless roaming users, interface groups, a new ipsec configuration tool, and failover of ipsec links), a great rework of malloc() that will provide further security protections by default, and the first version of bioctl--a universal RAID management interface.
http://www.onlamp.com/pub/a/bsd/2005/10/20/openbsd_3_8.html
The click-wrap conundrum
With the rise of spyware, the fact that you didn't understand what you were doing by downloading and installing the software doesn't mean you weren't bound by the End User License Agreement (EULA). However, the FTC argues otherwise.
http://www.securityfocus.com/columnists/365
Understanding the DNS Protocol (Part 1)
Author: Don Parker
Summary: Can you imagine a world where you would have to memorize each and every IP address for the sites that you liked? The Internet certainly would not be as popular as it is today were this the case. Not to mention our beloved email, and the crucial role that DNS plays with its delivery. Read on, to learn more about one of the most unheralded protocols in existence today.
Link: http://www.WindowsNetworking.com/articles_tutorials/Understanding-DNS-Protocol-Part1.html
Shells for Sale! (Part 1)
Author: Don Parker
Summary: What would happen if a semi-skilled hacker decided to harvest some computers, and then in turn sell access to them? It is an intriguing concept that we will explore over the next few articles. As always, there will be a premium placed on technical detail, which will allow you to recreate what I have done.
Link: http://www.WindowSecurity.com/articles/Shells-Sale-Part1.html
CISCO'S CSO TALKS IOS EXPLOITS, OPEN SOURCE
"A recent spate of vulnerabilities discovered in Cisco's pervasive Internetwork Operating System (IOS) and the availability of its source code have not detracted from the company's mission..."
http://nl.internet.com/ct.html?rtr=on&s=1,1zb3,1,h6if,4m57,85jl,7pty
WHY OPENOFFICE.ORG 2.0 IS YOUR BEST CHOICE
"It's free and it works. Next question...?"
http://nl.internet.com/ct.html?rtr=on&s=1,1zb5,1,dr67,9dsc,85jl,7pty
GET LINUX DRIVERS FOR WIRELESS NETWORK CARDS
"The www.linux-wlan.org site provides driver software and Linux compatibility information for a number of USB and PC Card wireless network devices..."
http://nl.internet.com/ct.html?rtr=on&s=1,1zb5,1,hg6q,3rxu,85jl,7pty
THE APACHE PORTABLE RUNTIME
"...[N]o matter how much you try to stick to a well-defined application programming interface (API), the program just doesn’t work the same on every platform..."
http://nl.internet.com/ct.html?rtr=on&s=1,1zb5,1,9egk,hxhy,85jl,7pty
MALWARE
Title: Exploit unleashed for Windows plug-and-play flaw
Source: Silicon.com
Date Written: 2005-10-24
Date Collected: 2005-10-24
An exploit has appeared for a plug-and-play flaw addressed in Microsoft's monthly patch release for October 2005. Symantec says the flaw could be used to crash a computer but would not be useful for writing a worm. The plug-and-play flaw is found in the same component affected by a similar flaw patched in August and exploited by the Zotob worm. Microsoft says it is "actively monitoring the situation" and has received no reports of an attack.
http://software.silicon.com/malware/0,3800003100,39153583,00.htm
MALWARE
Title: Virus writers craft PnP botnet client
Source: The Register
Date Written: 2005-10-24
Date Collected: 2005-10-24
Virus writers have released Mocbot, botware targeting the same flaw exploited by the Zotob worm. F-Secure reports that the botware attempts to connect to two IRC servers in Russia, but both servers seem to be down. Experts originally thought Mocbot used a flaw patched by Microsoft only within the last month, but a closer look at the code found that this was not the case.
http://www.theregister.co.uk/2005/10/24/pnp_botnet_encore/
TECHNOLOGY
Title: Caller ID for Your E-Mail
Source: NewsFactor
Date Written: 2005-10-24
Date Collected: 2005-10-24
E-mail authentication is coming, with the promise to do for e-mail what caller ID has done for the telephone: let consumers know who is contacting them and give them the option to decline to open untrustworthy messages. Expected within 18 months, e-mail authentication is a two-part system of verification with ISPs or e-mail gateway services, both at the sending and receiving ends. Information about the sender’s location and reputation is included in the header of a message. Businesses and individuals will have to become aware of their reputation scores if they wish to avoid being flagged as disreputable. There are two competing protocols, which has slowed down adoption: Domain Keys, created by Yahoo, and Sender ID Framework, developed by Microsoft. Experts agree that Domain Keys are more rigorous because the process involves encryption.
http://www.newsfactor.com/story.xhtml?story_id=38096
VULNERABILITIES & EXPLOITS
Title: More Microsoft patch problems
Source: Techworld
Date Written: 2005-10-24
Date Collected: 2005-10-24
Microsoft’s most recent security patches, issued October 11, 2005 as a part of the scheduled security update, have flaws themselves. A patch for Windows 2000 users rated “critical”, for Microsoft's DirectShow streaming media software, may not actually fix the software, leaving users vulnerable. The potential problem arises when Microsoft DirectX 8.0 or 9.0 users accidentally install the patch written for DirectX 7.0. Automatically installed updates, or those correctly conducted manually, will not have problems.
http://www.techworld.com/security/news/index.cfm?RSS&NewsID=4633
VULNERABILITIES & EXPLOITS
Title: Oracle patches fail to cover security risk
Source: Techworld
Date Written: 2005-10-24
Date Collected: 2005-10-24
Mark Litchfield of Next Generation Security Software (NGSS), the reporter of several of the flaws addressed in Oracle’s most recent security patch, said that the patch does not completely fix all the problems. The vulnerabilities have not been described in detail and this policy “seems to work as a useful fail safe mechanism," Litchfield said, as hackers are becoming adept at identifying security flaws by analyzing patches.
http://www.techworld.com/security/news/index.cfm?RSS&NewsID=4644
VULNERABILITIES & EXPLOITS
Title: Yahoo! plugs webmail flaw
Source: Silicon.com
Date Written: 2005-10-25
Date Collected: 2005-10-24
Yahoo has repaired a cross-site scripting flaw in its free web e-mail service that would have allowed an attacker to access user accounts, launch phishing scams, and upload malware to victims’ computers. The flaw resulted from a formatting error that prevented Yahoo from detecting script tags when combined with certain characters.
http://software.silicon.com/security/0,39024655,39153584,00.htm
VULNERABILITIES & EXPLOITS
Title: Most DNS servers 'wide open' to attack
Source: The Register
Date Written: 2005-10-24
Date Collected: 2005-10-24
A survey of 1.3 million DNS (domain name system) servers by the Measurement Factory, commissioned by Infoblox, finds that 84% of DNS servers are vulnerable to pharming attacks. A pharming attack changes internet addresses in DNS servers to direct users to fake websites, even if the user types in the correct address for a site. 40% of DNS servers allow zone transfers, or the copying of DNS data from one server to another, even for requests from unauthenticated parties. Infoblox offers some suggestions for protecting an organization against DNS attacks.
http://www.theregister.co.uk/2005/10/24/dns_security_survey/
The Story of Snort: Past, Present and Future
http://newsvac.newsforge.com/article.pl?sid=05/10/24/180235&from=rss
LogError writes "Martin Roesch, the creator of Snort, the de facto standard for intrusion detection/prevention, presents the story of Snort that covers seven years of development that made this tool one of the most important security software titles ever developed. In this audio session you'll get all the details on how Snort was initially conceived as well as how it is expected to develop further now after Check Point acquired Sourcefire. Among other things Martin talks about all the major Snort releases, the founding of Sourcefire, the enhancements added to the last versions of Snort, new technology that presents a self-tuning engine, and much more."
"Grillo: Appeal to Grillo to support Linux and LinuxDay"
Thanks to Beppe Grillo, who on his blog invites people to use Linux and talks about open source. An appeal to support LinuxDay as well (sign the petition too).
http://www.ziobudda.net/Admin/redir_news.php?id=24717
"The first Wine beta is ready!"
After 12 years of development, Wine, the implementation of the Windows API on Unix, finally reaches version 0.9. Will we at last be able to run all those nice Windows-only games on Linux too?
http://www.ziobudda.net/Admin/redir_news.php?id=24716
"Grillo, Uncle Bill and Open Source"
Beppe Grillo talks on his blog about the interview with Uncle Bill on the situation in Italy. He then recommends using Linux.
http://www.ziobudda.net/Admin/redir_news.php?id=24713
"vmplayer hacked"
A method has been found to create images of new operating systems using only vmplayer, without going through its big brother vmware!
http://www.ziobudda.net/Admin/redir_news.php?id=24703
IBM UNVEILS THE XBOX 360 CHIP
Big Blue has revealed further technical details about the processor that will power the imminent Xbox 360, a chip based on the PowerPC architecture but built to Microsoft's requirements
URL: http://punto-informatico.it/pi.asp?i=55841
WIRETAPPING, CRITICISM OF THE FBI'S DREAM
Protest from civil rights groups flares up after the approval of rules enabling the FBI to monitor ISPs, university networks and internet telephony
URL: http://punto-informatico.it/pi.asp?i=55829
BCWipe v.3
When you delete sensitive files from a disk on your computer, Windows does not erase the contents of these files from the disk - it only deletes 'references' to these files from filesystem tables. The contents of all deleted files remain on the disk and can easily be restored using any recovery utility. Wiping is a term used to describe the process of shredding the contents of a file or disk space. It is impossible to restore any data that has been properly wiped. BCWipe software enables you to confidently erase files that can never be recovered by an intruder. BCWipe embeds itself within Windows and can be activated from the Explorer FILE Menu OR from the context sensitive (right click) menu OR from a command-line prompt. BCWipe v.3 is a powerful set of utilities which complies with options to invoke either the US DoD 5200.28-STD standard or the Peter Gutmann wiping scheme. You can also create and use your own customized wiping scheme to wipe sensitive information from storage devices installed on your computer.
http://www.astalavista.com/index.php?section=directory&linkid=5375
Collaborative endpoint security, part one
Part one of this article introduces endpoint security solution technologies and proposes a collaborative approach to solving technical challenges that are commonly faced by the community.
http://www.securityfocus.com/infocus/1849
ADVISORIES: OCTOBER 24, 2005
Today's security advisories: permissions (SUSE Linux); and apache, lynx, mod_php4, openssl, php4, php, squid, texinfo, and wget (Trustix Secure Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,1zgd,1,bz3u,aeen,85jl,7pty
CLI MAGIC: LSOF
"I noted then that the utility was based on the lsof command--actually, based on just one of the hundreds of combinations of arguments used to tell lsof exactly what it is you want from it..."
http://nl.internet.com/ct.html?rtr=on&s=1,1zgd,1,jduf,bx64,85jl,7pty
KLIK: TRUE CLICK-AND-RUN SOFTWARE
"But now there’s something available that’s even easier and more painless: klik..."
http://nl.internet.com/ct.html?rtr=on&s=1,1zgb,1,6k8g,4bse,85jl,7pty
FREEDOS ALLEGES DR-DOS GNU GPL VIOLATION
"This means that the so-called 'DR-DOS 8.1' is just a bunch of old tools plus a compilation of others' works, obviously sold without permission and in violation of their license terms..."
http://nl.internet.com/ct.html?rtr=on&s=1,1zgb,1,hewk,b6el,85jl,7pty
TECHNOLOGY
Title: MS adopts stronger encryption for IE7
Source: The Register
Date Written: 2005-10-25
Date Collected: 2005-10-25
Microsoft plans to include a stronger cryptography protocol in the next version, Internet Explorer 7. Implementing Microsoft's "secure by default" philosophy, IE7 will use the SSLv2 (Secure Socket Layer) protocol instead of the TLSv1 (Transport Layer Security) protocol in default HTTPS protocol settings. Users of IE6 and web site providers that require earlier standards can generally update to the higher security levels with simple configuration changes. When they visit potentially insecure sites, users will receive a warning, which they can choose to ignore as long as certificates are revoked. The new Windows Vista platform will offer several additional security improvements beyond IE7, including support for AES (Advanced Encryption Standard), an algorithm supporting 256 bit encryption which was recently adopted as a U.S. government standard.
http://www.theregister.co.uk/2005/10/25/ie7_crypto_boost/
Nessus fork emerges
http://software.newsforge.com/article.pl?sid=05/10/24/1821209&from=rss
With news settling in that the makers of the network vulnerability scanner Nessus will not open source the next version of the software, the team behind the soon-to-be-renamed GNessUs project is growing fast and attracting attention.
"VMware launches a free Player"
The new product lets anyone easily use, share and evaluate software in a virtual machine on a PC running Windows or Linux.
http://www.ziobudda.net/Admin/redir_news.php?id=24732
"Brain Fingerprinting: towards total control"
The delusions of omnipotence of the advocates of control now seem to know no limit and, thanks to the diligent, ethically uncritical support of a certain part of the scientific community, prospects that are disturbing to say the least are taking shape.
http://www.ziobudda.net/Admin/redir_news.php?id=24730
"Serious flaws in Skype, update immediately"
Secunia reports multiple flaws in Skype for Windows, Linux, Mac and Pocket PC and strongly recommends downloading the updated versions that fix them, where available. The flaws allow an attacker to block the service or break into the victim's computer.
http://www.ziobudda.net/Admin/redir_news.php?id=24729
Also - http://punto-informatico.it/pi.asp?i=55853
WIRETAPPING, FBI ABUSES EXPOSED
The mandatory release of documentation reveals how the US federal police repeatedly abused wiretapping technologies, going so far as to keep individuals under surveillance for years without higher approval
URL: http://punto-informatico.it/pi.asp?i=55846
OPEN SOURCE UNITES THE STORAGE GIANTS
Nine giants of the hi-tech sector, including IBM and Cisco, have joined forces with the aim of creating an open source, royalty-free platform for managing enterprise storage systems
URL: http://punto-informatico.it/pi.asp?i=55857
MS OFFICE SHOULD EMBRACE OPEN FORMATS
That is what a petition gaining ever more support online is asking: the intent is to push the Redmond giant to add Open Document to the formats supported by its software
URL: http://punto-informatico.it/pi.asp?i=55860
DR-DOS WITHDRAWS SOFTWARE, GPL PROBLEMS?
The open source project FreeDOS recently reported that version 8.1 of the historic DR-DOS operating system contained components protected by the GPL and by other open or commercial licenses. DR-DOS 8.1 has now disappeared
URL: http://punto-informatico.it/pi.asp?i=55873
KIDS UNDER SURVEILLANCE WITH GPS
A Dutch telephone operator, KPN, has introduced a new mobile handset with an integrated GPS receiver. It was designed to silently monitor the movements of young children
URL: http://punto-informatico.it/pi.asp?i=55866
** DRM ACCORDING TO MACROVISION **
In a report, one of the architects of Digital Rights Management admits the real objective: squeezing money out of the ordinary user.
>> by Michele Bottari
http://www.zeusnews.it/news.php?cod=4400
** WINMX IN DANGER **
Using the P2P software WinMX is getting harder and harder, given the RIAA's recent intervention. Let's look at the alternatives and how "safe" they are.
http://forum.zeusnews.com/viewtopic.php?t=12334
KMd5 1.03b
An MD5 hash cracker for lists (lists of hashes or lists of words, but an incremental mode is available as well), faster than groar. This version uses a list of hashes (no combo lists (user:hash) as in groar); if you need a tool to separate a combo list into 2 single lists, you can use raptor III, which you can find easily on the web.
http://www.hot.ee/abargadon/kmd5_1.03b.zip
Hacking Your Car: Install Windows on a CompactFlash card
The car PC community is constantly searching for hardware and software solutions to improve the system's boot speed and reliability, and reduce the physical size of the computer. One of these solutions is to build a system that boots off of a CompactFlash (CF) drive. This week, in an excerpt from "Car PC Hacks," learn how to install Windows on a CompactFlash card.
http://www.windowsdevcenter.com/pub/a/windows/excerpt/CarPCHacks_Chap1/index.html
Easy Ways to Hack IIS Without the Pain
Mucking about in version 6 of the IIS metabase is a lot easier than in earlier versions. But try it, and you may end up with metabase corruption and other woes. Mitch Tulloch, author of "Windows Server Hacks," shows you how to hack the IIS6 metabase with Metabase Explorer.
http://www.windowsdevcenter.com/pub/a/windows/2005/10/25/hacking-iis6-with-metabase-explorer.html
ADVISORIES: OCTOBER 25, 2005
Today's security advisories: sudo and libgda2 (Debian GNU/Linux); Zope and phpMyAdmin (Gentoo Linux); ethereal (Mandriva Linux); and ethereal (Red Hat Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,1zlc,1,ilru,6dvm,85jl,7pty
DEVIL'S ADVOCATE: TWISTS AND TURNS OF OPEN SOURCE
"At times, open source demonstrates both startling contrasts and underlying similarities with commercial software..."
http://nl.internet.com/ct.html?rtr=on&s=1,1zle,1,b5ge,hz8x,85jl,7pty
QUICK AND DIRTY DATA EXTRACTION IN AWK
"Need to pull some data from text--maybe e-mail messages--and sort it, graph it or otherwise manipulate it? Here's an AWK script to use as a starting point..."
http://nl.internet.com/ct.html?rtr=on&s=1,1zle,1,g3tc,6sd0,85jl,7pty
Are Microsoft's new licenses open source?
http://software.newsforge.com/article.pl?sid=05/10/25/1917205&from=rss
Last week, Microsoft announced a set of new Shared Source licenses. Normally, new Microsoft licenses wouldn't be cause for the open source community to pay attention, but the new Shared Source Licenses have gotten praise from open source proponents such as Tim O'Reilly, and even the Free Software Foundation Europe (FSFE) has weighed in with positive comments.
Library of Congress opens DMCA exemption comment period
http://business.newsforge.com/article.pl?sid=05/10/19/1518238&from=rss
The Copyright Office of the US Library of Congress has formally announced an open comment period to solicit evidence from "interested parties" regarding whether the prohibition on circumvention clause of the Digital Millennium Copyright Act (DMCA) has an adverse effect on legal, non-infringing use of copyrighted works. Anyone may submit comments via forms on the Copyright Office Web site between November 2 and December 1. All comments will be made public.
"Online scams: the adbcenterworks case"
AdbCenterWorks, which sold IT and telephony products at rather low prices, had stopped shipping products to customers since September.
http://www.ziobudda.net/Admin/redir_news.php?id=24753
"The goal of DRM? Squeezing money out of the ordinary user"
In a report, one of the architects of Digital Rights Management admits the real objective: squeezing money out of the ordinary user.
http://www.ziobudda.net/Admin/redir_news.php?id=24770
"Linux Kernel 2.6.14 available"
The new release of Linux is available. The link points to the Changelog.
http://www.ziobudda.net/Admin/redir_news.php?id=24757
ITALIAN P2P TV GETS CLOSER
After the much-celebrated VoIP telephony, traditional communication systems will have to reckon with a new emerging phenomenon: television that uses P2P technologies. There is no shortage of Italian initiatives
URL: http://punto-informatico.it/pi.asp?i=55869
CROSSOVER BRINGS OFFICE 2003 TO LINUX
The latest major release of the well-known software designed to run Windows applications on Linux introduces initial support for the Microsoft suite. It includes the technologies of Wine 0.9
URL: http://punto-informatico.it/pi.asp?i=55885
EXCHANGE 5.5 NEARS RETIREMENT
The extended support phase for Exchange 5.5 will end at the end of the year. Microsoft is encouraging companies that still use the now aging software to migrate to the 2003 version
URL: http://punto-informatico.it/pi.asp?i=55880
JAVA DESKTOP, FRIEND TO ALL PENGUINS
Or almost... Sun has in fact promised to make its desktop platform compatible with all the main Linux distributions, including SUSE and Linspire. And next year it will sport a 3D GUI
URL: http://punto-informatico.it/pi.asp?i=55909
Creating an FTP Drop Site
Author: Mitch Tulloch
Summary: This article walks you through creating an FTP site that users can anonymously upload files to, but can't list or retrieve any files that have been uploaded. The article also discusses uses for such sites in a corporate environment.
Link: http://www.WindowsNetworking.com/articles_tutorials/Creating-FTP-Drop-Site.html
Delegating Group Policy Privilege using the GPMC
Author: Derek Melber
Summary: If you have an Active Directory domain or enterprise, you are all too familiar with Group Policy. Group Policy is the preferred way to ensure standardized and secure domain controllers, servers, and clients. With standards becoming so highly regarded to reduce the TCO of clients, Group Policy control is essential. This article describes "who" can perform "which" tasks with Group Policy and the proper way to configure them within the GPMC.
Link: http://www.WindowSecurity.com/articles/Delegating-Group-Policy-Privilege-using-GPMC.html
ADVISORIES: OCTOBER 26, 2005
Today's advisories: imlib, koffice, and net-snmp (Debian GNU/Linux); pam (Fedora Core); lynx, ethereal, php-imap, squid, perl-Compress-Zlib, uim, and netpbm (Mandriva Linux); and pam and fetchmail (Red Hat Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,1zpn,1,frxv,jp3a,85jl,7pty
ADVISORIES: OCTOBER 27, 2005
Today's security advisories: lynx, openssl094, and lynx-ssl (Debian GNU/Linux); pam and gdb (Fedora Core); apache-mod_auth_shadow and sudo (Mandriva Linux); and kernel (Red Hat Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,1zte,1,lqpw,b5jp,85jl,7pty
ADVANCED LINUX LDAP AUTHENTICATION
"In an earlier look at LDAP, we set up a simple LDAP-based authentication system. We configured client machines to retrieve authentication information from a server running OpenLDAP..."
http://nl.internet.com/ct.html?rtr=on&s=1,1ztg,1,ijnx,27pb,85jl,7pty
AZUREUS: A BETTER WAY TO BITTORRENT
"BitTorrent has become one of the most widely used apps on the Internet--so popular, in fact, that it’s estimated that over 33% of all Internet traffic is now generated by BitTorrent..."
http://nl.internet.com/ct.html?rtr=on&s=1,1ztg,1,irt1,2s6k,85jl,7pty
MALWARE
Title: Malware authors unleash bird flu-themed Trojan
Source: The Register
Date Written: 2005-10-27
Date Collected: 2005-10-27
A new Trojan is playing on avian flu fears. The Naiva-A Trojan looks like a Word document containing information about the bird flu. The malware employs two Word macros to run and install "a second item of malicious code, Ranky-FY, onto infected PCs. Ranky-FY gives hackers the ability to control compromised PCs." Spam email messages with subject lines such as "Outbreak in North America" or "What is avian influenza (bird flu)?" carry the infection, which has not been wide reaching and therefore is only a modest threat.
http://www.theregister.co.uk/2005/10/27/avian_flu_trojan/
VULNERABILITIES & EXPLOITS
Title: Old software weakening Net's backbone, survey says
Source: CNet
Date Written: 2005-10-25
Date Collected: 2005-10-27
Internet performance company The Measurement Factory has reported the results of a survey that found a fifth of DNS servers run out-of-date BIND software, which is used for domain-name resolution. BIND versions earlier than 9 are vulnerable to DNS cache poisoning, where DNS servers' cache stores of legitimate IP addresses are hacked and bogus addresses substituted. Legitimate sites are then resolved to malicious sites which can then be used for phishing. The problem occurs in servers running versions 4.X and 8.X that are used for forwarding. A process called "recursive forwarding" sends queries to other DNS servers when a DNS server cannot resolve a query on its own. This connectivity could theoretically allow a compromised cache to spread its faulty association further. In addition, the survey found that more than 40 percent of DNS servers allow zone transfers from "arbitrary queries," or unknown machines, which "the report said…exposes a name server to denial-of-service attacks and gives attackers information about internal networks." Restricting recursion to trusted sites, using hardened and secure applications, filtering tracking to and from DNS servers, and using the most up-to-date software are some of the preventives recommended.
http://news.com.com/Old+software+weakening+Nets+backbone%2C+survey+says/2100-7347_3-5913771.html?part=rss&tag=5913771&subj=news
VULNERABILITIES & EXPLOITS
Title: Web 2.0 Cracks Start to Show
Source: Wired News
Date Written: 2005-10-27
Date Collected: 2005-10-27
The problems that beleaguer the old internet are appearing again in newer technologies known collectively as Web 2.0, a term coined by O'Reilly Media Vice President Dale Dougherty to describe post-dot-com sites and services that use the web as a platform – such as Flickr, BitTorrent, tagging and RSS syndication. Proponents say Web 2.0 has been better engineered to withstand the troubles that wrecked Usenet, BBSes and free e-mail, but misuses abound, such as splogging and manipulation of Google rankings. Some decry the open media movement, saying it is driving out traditional, quality-controlled media. Wikipedia has been singled out for criticism because its content is uneven, but founder Jimmy Wales says they are working on a reviewing scheme that should address quality and reliability. Flickr co-founder Stewart Butterfield says the key is to make a system easier to fix than it is to deface.
http://www.wired.com/news/technology/0,1282,69366,00.html?tw=wn_story_page_prev2
VULNERABILITIES & EXPLOITS
Title: Flaw hunters pick holes in Oracle patches
Source: CNet
Date Written: 2005-10-27
Date Collected: 2005-10-27
Now that Microsoft is actively pursuing security and earning praise for its efforts, Oracle has become a target for security researchers and analysts. Oracle's patch practices are particularly egregious, with holes left unpatched for 600 days (eEye Digital Security considers patches overdue after 60 days), twice as long as Microsoft ever left a problem. In addition, Oracle's software updates regularly need their own fixes. "The recent history of Oracle's security updates suggest that the company does not pay attention to security throughout its development process," said Michael Gavin, a Forrester Research analyst. Customer complaints helped convince Microsoft to adopt new practices, but a similar outcry has yet to be heard with Oracle. One reason is databases often sit behind firewalls and are not as vulnerable to attack as operating systems. In addition, the bulk of Oracle's customer base consists of big corporations that do not discuss such things publicly. Oracle has not welcomed the researchers' scrutiny, and some think the researchers are in it for their own glory as opposed to the common good.
http://news.com.com/Flaw+hunters+pick+holes+in+Oracle+patches+-+page+3/2100-1002_3-5916171-3.html?tag=st.next
VULNERABILITIES & EXPLOITS
Title: Oracle password system comes under fire
Source: CNet
Date Written: 2005-10-27
Date Collected: 2005-10-28
Experts are calling on Oracle to improve its method of storing passwords in its database products after several vulnerabilities were discovered, including “a weak hashing mechanism and a lack of case preservation--all passwords are converted to uppercase characters before calculating the hash.” Researchers went on to say that Oracle users can “protect their systems by requiring strong passwords and assigning limited user rights,” but that all users need to exert pressure on Oracle to improve its security measures and address vulnerabilities in a timely manner.
http://news.com.com/Oracle+password+system+comes+under+fire/2100-1002_3-5918305.html?part=rss&tag=5918305&subj=news
WifiScanner 1.0
Just another passive 802.11b scanner. It can dump traffic in real time (like tcpdump) and you can interactively change the sniffed channel. Works with Cisco, Prism, Prism54g, Lucent, Orinoco, Centrino and Atheros cards. An IDS is integrated to detect anomalies like MAC usurpation.
http://www.astalavista.com/index.php?section=directory&linkid=5381
MSN Capture: MSN Messenger Packet Parser
MSN CAPTURE captures MSN Messenger packets and displays them to the user in a human-readable format
http://www.astalavista.com/index.php?section=directory&linkid=5387
INSECURE Magazine: Issue 4
The topics covered: Structured traffic analysis, Access Control Lists in Tiger and Tiger Server - true permission management, Automating I.T. security audits, Biometric security, PDA attacks, part 2: airborne viruses - evolution of the latest threats, Build a custom firewall computer, Lock down your kernel with grsecurity, Interview with Sergey Ryzhikov, director of Bitrix, Best practices for database encryption solutions.
http://www.insecuremagazine.com/INSECURE-Mag-4.pdf
Network monitoring with Cacti
http://software.newsforge.com/article.pl?sid=05/10/21/200214&from=rss
GNU/Linux is without doubt a brilliant server OS, but monitoring your Linux server can be a challenge. There are a few powerful tools available, such as MRTG, the Multi Router Traffic Grapher, but setting them up can be an exercise in frustration for first-time users. By contrast, Cacti, a graphing program for network statistics, is designed to be easy for relatively inexperienced systems administrators to use, while at the same time being powerful enough to be used in complex networks.
Discover Security Risks in Bluetooth Devices
http://newsvac.newsforge.com/article.pl?sid=05/10/28/1756224&from=rss
Anonymous Reader writes "AirMagnet introduced its BlueSweep software, designed to identify nearby devices with Bluetooth wireless technology and alert users to potential Bluetooth security risks. The AirMagnet software identifies and tracks devices up to 300 feet away and lets users know what their own Bluetooth devices are doing."
g00d reading! 'n' bye
Security News MainTainer:
The Jackal a.k.a. jAcKallO < jackal [at] capitanlug.it >
(AreaSessantuno Inside) / (SpiPPolatori Collaborator) (HackerAlliance Member) / (Founding member of CapitanLUG.iT) (Daily DisInfo CreaTor & MainTainer) / (Security News MainTainer)