Technology
Source: Newsbytes
Date Written: March 7, 2002
Date Collected: March 7, 2002
Title: Netscape Navigator Browser Snoops On Web Searches Network traffic analysis conducted by Newsbytes indicated that Netscape is capturing the search terms and Internet protocol (IP) addresses of Navigator
6 users. A uniform resource locator (URL) forwarding system sends user data to a server at info.netscape.com whenever a Navigator user types search terms into the browser's URL bar and presses the Search button or Search tab. A spokesperson for Netscape stated that the URL forwarding system is not used to monitor user searches, but to bill participating search sites for forwarding the traffic. Privacy groups feel this practice is invasive, and a breach of privacy rights.
http://www.newsbytes.com/news/02/175035.html
Also - http://www.ziobudda.net/news/see_comments.php?id_notizia=6016
Also - http://punto-informatico.it/pi.asp?i=39361
"Bug nella Java VM"
MS e Sun stanno correndo ai ripari per chiudere una falla all'interno della Java VM che permette agli hacker di "vedere" i dati privati dell'utente.
http://www.ziobudda.net/news/see_comments.php?id_notizia=5990
"Un firewall su CD"
BSDToday presenta un interessante articolo sul come sia semplice e veloce creare un firewall che risieda su CD.
http://www.ziobudda.net/news/see_comments.php?id_notizia=5989
"Fingerprinting Port80 Attacks:"
Direttamente dal "sotto-titolo": "A look into web server, and web application attack signatures: Part Two"
http://www.ziobudda.net/news/see_comments.php?id_notizia=5984
Vulnerabilities
Source: SANS
Date Written: March 7, 2002
Date Collected: March 8, 2002
Title: OpenSSH Vulnerability Versions 2.0 through 3.0.2 A vulnerability was discovered in the Open SSH server product, versions 2.0 through 3.0.2. OpenSSH is a set of secure encrypted tools often used for remote administration. The flaw may enable a local, authenticated user to gain root privileges to exploit the server. Some reports indicate that remote exploitation is possible. An upgrade to version 3.1 will fix the problem.
http://www.incidents.org/diary/diary.php?id=148
Also - http://www.vnunet.com/News/1129899
Also - http://www.ziobudda.net/news/see_comments.php?id_notizia=5999
"Quando la PATCH non corregge"
I programmatori della RedHat hanno scoperto (dopo varie prove) che la patch per il linguaggio PHP v4.0.6 rilasciata appositamente per corregge un grave bug di sicurezza non lo corregge affatto.
http://www.ziobudda.net/news/see_comments.php?id_notizia=6011
"Linux Advisory Watch - March 8th 2002"
http://www.ziobudda.net/news/see_comments.php?id_notizia=6018
»Securing Small Networks with OpenBSD
Non sempre Linux è la migliore soluzione quando si parla di sicurezza/firewall. In molti vendo l'ambiende *BSD molto al di sopra di Linux.
http://www.ziobudda.net/Admin/redir_news.php?id=6030
From !pc-facile mailing list:
***Internet Explorer - ancora problemi!*** Ancora problemi per Internet Explorer, e anche questa volta piuttosto seri. E' possibile per qualunque pagina web eseguire dei programmi sul vostro computer SENZA bisogno del vostro consenso e SENZA l'utilizzo dell'Active Scripting o degli ActiveX.
Qui la dimostrazione:
http://security.greymagic.com/adv/gm001-ie/simplebind.html
Se la pagina web riesce ad aprire la calcolatrice sul vostro PC sapete di essere nei guai. E qui una spiegazione un po' tecnica del problema:
http://security.greymagic.com/adv/gm001-ie/
Il punto è che neanche con la patch di Microsoft sembra aver risolto il problema, almeno per me.
-->> Patch per Windows XP new
Microsoft ha rilasciato una nuova patch per l'aggiornamento del sistema operativo Windows XP. Risolve un errore in fase di boot.
URL: http://www.hwfiles.it/news/172.html
NETWORK SECURITY WITH /PROC/SYS/NET/IPV4 In additional to firewall rulesets, the /proc filesystem offers some significant enhancements to your network security settings. Unfortunately, most of us are unaware of anything beyond the vague rumors and advice we've heard about this beast. In this article, we'll review some of the basic essentials of the /proc/sys/net/ipv4 filesystem necessary to add to the overall network security of your Linux server.
Link: http://www.linuxsecurity.com/articles/network_security_article-4528.html
SECURING SMALL NETWORKS WITH OPENBSD
This article describes the design and implementation of a small network with a split private/DMZ design that allows a high level of protection for its users while making some services available to the outside world. The design is easy to implement and administer, even for beginners, and can serve as a foundation for custom security installations.
Link: http://www.onlamp.com/pub/a/bsd/2002/02/28/openbsd.html
MULTI-LAYERED SECURITY
Mike Hoskins writes: "In this article I discuss generalized ways to increase system and network trust. While my examples are somewhat FreeBSD centric, they can be abstracted to almost any platform."
Link: http://ezine.daemonnews.org/200203/multilayersec.html
LINUX 802.11B AND WIRELESS (IN)SECURITY
In this article, Michael talks about Linux and background on wireless security, utilities to interrogate wireless networks, and the top tips you should know to improve wireless security of your network.
Link: http://www.linuxsecurity.com/feature_stories/wireless-kismet.html
SWITCHSNIFF
Sumit Dhar writes: "I once discussed the topic of sniffers with an experienced network administrator. He casually mentioned that he was not bothered by sniffers, as all his machines were connected to switches. This was someone who was paranoid about security and read almost all security newsgroups religiously, but he was living in complete ignorance about the threat to his network. Unfortunately, he is not alone as many experienced systems and network administrators feel switches are immune to being sniffed. Switches may be difficult to sniff, but they are certainly not immune."
Link: http://www.linuxjournal.com//article.php?sid=5869
SECURING YOUR WEB SITE FOR BUSINESS
Verisign's free guide, "Securing Your Web Site for Business", will tell you lot of interesting and informative facts you need to know about encrypting your server transactions for serious online security.
Link: http://www.net-security.org/cgi-bin/ads/ads.pl?banner=verisignq1
MIRC DCC SERVER SECURITY FLAW
There is an error in the impmelentation of the mIRC DCC server protocol.
Link: http://www.net-security.org/text/bugs/1015590859,3544,.shtml
"SecurityFocus Newsletter #135"
http://www.ziobudda.net/news/see_comments.php?id_notizia=6058
"SecurityFocus Linux Newsletter #71"
http://www.ziobudda.net/news/see_comments.php?id_notizia=6057
"Nuovo kernel 2.5.6"
Non molte le novita' tra la nuova versione 2.5.6 e la precedente 2.5.5. Ma le patch ci sono e sono tante.
http://www.ziobudda.net/news/see_comments.php?id_notizia=6049
"Bug in FileUtils"
Ancora bug. Questa volta nei programmi contenuti all'interno del pacchetto fileutils che soffrono di un problema di race condition
http://www.ziobudda.net/news/see_comments.php?id_notizia=6045
"Grave bug nella zlib"
E' stato scoperto da poco, e non è ancora disponibile un exploit (per la maggior parte dei sysadm), un grave bug di sicurezza che affligge tutti i programmi che usano la libreria zlib. Kernel compreso.
http://www.ziobudda.net/news/see_comments.php?id_notizia=6042
Also - http://punto-informatico.it/pi.asp?i=39394
Also - http://www.computerworld.com/storyba/0,4125,NAV47_STO69013,00.html
Also - http://zdnet.com.com/2100-1104-857031.html
Also - http://www.newsbytes.com/news/02/175117.html
Also - http://www.nwfusion.com/news/2002/0311linuxflaw.html
Also - http://www.vnunet.com/News/1129970
Also - http://www.theregus.com/content/5/24287.html
MICROSOFT METTE UNO SCUDO AI WEB SERVICE L'azienda presenta un filtro XML per il suo firewall ISA per proteggere le reti delle aziende che fanno uso dei Web service. Download gratuito
URL: http://punto-informatico.it/pi.asp?i=39395
Cyberterrorism-Infrastructure Protection
Source: The Register
Date Written: March 11, 2002
Date Collected: March 12, 2002
Title: ICQ hack theories flood into Vulture Central The massive cyberattack against ICQ accounts that recently took place changed hundreds of e-mail account addresses to uni@deathrow.com and passwords to these accounts. The article outlines possible methods of achieving the attack, including spoofing an e-mail to gain account names and passwords, database administrator error, war scripting and others.
http://www.theregister.co.uk/content/55/24377.html
"Ancora sul bug delle zlib"
Sta facendo molto "rumore" il bug scoperto all'interno delle librerie zlib, librerie che molto hanno a che vedere con Linux e che potrebbero mettere in serio pericolo (di sicurezza) molti server internet.
http://www.ziobudda.net/news/see_comments.php?id_notizia=6075
"Progettazione di un FireWall"
La "messa in sicurezza" di una rete passa quasi sempre dalla "messa in opera"
di un firewall. Ma anche il firewall deve essere ben progettato o altrimenti tutti gli sforzi saranno stati utili.
http://www.ziobudda.net/news/see_comments.php?id_notizia=6074
"Attenti al minimo indizio!"
Come un piccolo, insignificante indizio può rivelare tracce di un attacco e della grave compromissione della sicurezza di un server Linux
http://www.ziobudda.net/news/see_comments.php?id_notizia=6067
Vulnerabilities
Source: Computer Incident Advisory Center
Date Written: March 12, 2002
Date Collected: March 13, 2002
Title: Microsoft Unchecked Buffer in Windows Shell A buffer overflow vulnerability has been discovered in Microsoft systems that may cause the Windows Shell to crash or allow remote exploitation of the system. The vulnerability affects Microsoft Windows 98, 98SE, Windows NT 4.0, and Windows 2000. The unchecked buffer is located in a function that locates incompletely removed applications on a system. Microsoft has released a patch to address the vulnerability.
http://www.ciac.org/ciac/bulletins/m-055.shtml
Also - http://www.vnunet.com/News/1130007
OOPS! CHI M'HA SPENTO IL PC?
Una vecchia falla di IE6, ancora in attesa di patch, puo' oggi essere sfruttata per spegnere il PC di un utente via Web
URL: http://punto-informatico.it/pi.asp?i=39435
Also - http://www.newsbytes.com/news/02/175185.html
"Appunti di Informatica libera: novita'"
Salve a tutti. Informo che Daniele Giacomini ha concluso l'edizione 2002.03.20 dei sui "Appunti di Informatica libera".
http://www.ziobudda.net/news/see_comments.php?id_notizia=6106
"bug zlib: coinvolta anche Microsoft!"
Secondo una lista ufficiale riportata dalla homepage di gzip risultano coinvolte molte applicazioni e tra queste anche vario software tutt'altro che OpenSource. [da portazero.info]
http://www.ziobudda.net/news/see_comments.php?id_notizia=6093
g00d reading! 'n' bye
Security News Staff:
The Jackal < -jackal-@libero.it >
