"Dall'errore umano, al firewall umano"
Nel definire le politiche di sicurezza si tende a privilegiare la componente tecnologica rispetto a quella umana. Per una politica di sicurezza reale, questo criterio deve essere ribaltato...
http://www.ziobudda.net/Admin/redir_news.php?id=22343

"Nuove pubblicità progresso pro Creative Commons"
Il governo ha deciso di affiancare alla pubblicità anti-pirateria, quella con Giorgio Faletti, altre pubblicità, per sensibilizzare i cittadini riguardo le Creative Commons, l'informazione e l'accessibilità.
http://www.ziobudda.net/Admin/redir_news.php?id=22342

"Il TCP non convalida adeguatamente i segmenti prima dell'aggiornamento del valore del timestamp"
Determinate esecuzioni del TCP possono permettere che un attaccante a distanza modifichi arbitrariamente i valori del timestamp dell'host...
http://www.ziobudda.net/Admin/redir_news.php?id=22341

"Configurazione Debian Post Installazione"
Una mini guida, semplice per Newbies.
http://www.ziobudda.net/Admin/redir_news.php?id=22348

"OpenCON 2005 - Conferenza su OpenBSD"
L'openGeeks, Gruppo Utenti OpenBSD Italia, organizza per il secondo anno OpenCON la conferenza che parla esclusivamente di OpenBSD. Quest'anno vede la partecipazione di molti degli sviluppatori di questo sistema operativo tra cui Theo De Raadt, Henning, McBride, Espie, Marc, Uwe, etc. La manifestazione si svolgera' nel posto piu' suggestivo di Venezia, l'isola di San Servolo. Cerchiamo persone / aziende che possano aiutarci nell'organizzazione o nella sponsorizzazione dell'evento.
http://www.ziobudda.net/Admin/redir_news.php?id=22346

SCHIAFFO ALLE MAJOR DAL NUOVO BITTORRENT?
La nuova beta elimina la necessita' di tracker pubblici e di siti che possono essere facilmente presi di mira. BSA: ci costringe a riorganizzarci.
MPAA: troveremo i pirati di Star Wars
URL: http://punto-informatico.it/pi.asp?i=52963

GLI USA VARANO LA GOGNA NAZIONALE
L'amministrazione Bush ha deciso: entro due o tre mesi sara' reso
disponibile un sito che linkera' i dati di tutti coloro che negli Stati
Uniti hanno scontato condanne per reati di natura sessuale. Per prevenire,
dicono
URL: http://punto-informatico.it/pi.asp?i=52968

NETSCAPE 8, PIT STOP ANTICIPATO
Un giorno dopo il lancio del nuovo Netscape 8, AOL ha rilasciato una
versione aggiornata del proprio browser che corregge alcune gravi
vulnerabilita' di sicurezza ereditate dalla versione 1.0.3 di Firefox.
Volano fischi
URL: http://punto-informatico.it/pi.asp?i=52949

Mac OS X
Vendor: Apple Computer
A vulnerability was reported in Apple Mac OS X in two filesystem search
system calls. A local user may be able to determine the name of files in
inaccessible directories.
Impact: Disclosure of system informatio
Alert: http://securitytracker.com/alerts/2005/May/1014013.html

Cisco MGX WAN Switches
Vendor: Cisco
A vulnerability was reported in the MGX8200, MGX8800, and MGX8900 series
switches. A remote user can cause denial of service conditions.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2005/May/1014004.html

Cisco Access Points
Vendor: Cisco
A vulnerability was reported in the Cisco AP350 and AP1200 series Access
Points. A remote user can cause denial of service conditions.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2005/May/1014003.html

Content Services Switch (Cisco Arrowpoint)
Vendor: Cisco
A vulnerability was reported in the Cisco CSS11000 content services switch
series. A remote user can cause denial of service conditions.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2005/May/1014002.html

Cisco SN 5420 Storage Router
Vendor: Cisco
A vulnerability was reported in the Cisco SN5400 series storage routers. A
remote user can cause denial of service conditions.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2005/May/1014001.html

ASP.NET
Vendor: Microsoft
Shreeraj Shah of Net Square Solutions reported a vulnerability in Microsoft
ASP.NET web services. A remote user may be able to determine the system
path or internal SQL data in certain cases where exceptions are not properly
handled.
Impact: Disclosure of system information
Alert: http://securitytracker.com/alerts/2005/May/1013996.html

MySQL
Vendor: MySQL.com
Eric Romang (ZATAZ) reported a vulnerability in MySQL. A local user can
modify the database during database installation.
Impact: User access via local system
Alert: http://securitytracker.com/alerts/2005/May/1013995.html

MySQL
Vendor: MySQL.com
A vulnerability was reported in MySQL. The database server may run with
incorrect privileges.
Impact: Modification of system information
Alert: http://securitytracker.com/alerts/2005/May/1013994.html

avast!
Vendor: ALWIL Software
Juha-Matti Laurio reported a vulnerability in avast! antivirus. Certain
types of viruses may not be detected.
Impact: Host/resource access via network
Alert: http://securitytracker.com/alerts/2005/May/1013991.html

Linux Kernel
Vendor: kernel.org
A vulnerability was reported in the Linux kernel in the pktcdvd and
rawdevice ioctl handlers. A local user can execute arbitrary code with
kernel level privileges.
Impact: Execution of arbitrary code via local system
Alert: http://securitytracker.com/alerts/2005/May/1013980.html

"Piccolo script per installare schede garfiche Nvidia"
Presento questo piccolo tool scritto con le mie manine che può aiutare sia
l'utente esperto che il principiante ad installare l'ultima versione dei
driver Nvidia per linux rapidamente. Si avvia anche in modalità grafica.
Spero possa essere d'aiuto a più persone possibili.
http://www.ziobudda.net/Admin/redir_news.php?id=22368

"Online le prime dispense del corso GNU/Linux di Linuxhelp"
Sono finalmente online, liberamente scaricabili e redistribuibili, le prime
dispense del corso GNU/Linux tenuto da LinuxHelp presso il Consorzio
Euroqualità di Torino.
http://www.ziobudda.net/Admin/redir_news.php?id=22364

"Scrivere in ntfs: Paragan vs captive"
Ho avuto modo di testare il driver della Paragon per scrivere (..e leggere
naturalmente..) in ntfs. In questo linK le osservazioni:
http://knoppix.network.crealabs.it/viewtopic.376.html&sid=16cfd6f91814a7d1646620c8adbdee47
http://www.ziobudda.net/Admin/redir_news.php?id=22358

SERVER DNS DISTRIBUITI CONTRO I DDOS
La nuova politica di VeriSign: i root server di Internet saranno piu'
numerosi e distribuiti nel mondo. Per prevenire attacchi potenzialmente
assai pericolosi
URL: http://punto-informatico.it/pi.asp?i=52993

JAVA COMPIE 10 ANNI
Festa in casa Sun: dieci candeline per il fortunato linguaggio pensato
inizialmente per il web. Una storia di fortune alterne e innovazione
URL: http://punto-informatico.it/pi.asp?i=53002

Scheda in italiano di WORM_MUGLY.F
E' un worm compresso con l'utility UPX con capacità di backdoor (porta 8080
in TCP) che si invia a tutti i contatti Yahoo! Messenger e MSN Messenger
http://www.alground.com/virus/schedaVirus.php?cod_virus=177

MULTI-LEVEL 'SU' ACCESS
"For those of you lucky enough to use either Slack or have a
non-PAM-poisoned distro... I have some suggestions for your 'su'
configuration..."
http://nl.internet.com/ct.html?rtr=on&s=1,1mq0,1,5iez,ip3w,85jl,7pty

WINDOWS PATCHING: CHEAPER THAN OPEN SOURCE?
"And if you believe that, Microsoft has a nice bridge in Brooklyn it would
like to sell you..."
http://nl.internet.com/ct.html?rtr=on&s=1,1mpy,1,khsu,hvn,85jl,7pty

SECURITY RISKS WITH RFID
Companies need to protect their data by ensuring that the RFID technology
they adopt supports their corporate security policies.
http://www.net-security.org/news.php?id=7803

PRESERVING DIGITAL EVIDENCE TO BRING ATTACKERS TO JUSTICE
In this article, we'll explain how standard rules of evidence apply to
digital data and what precautions you should take to preserve it properly
for a court trial.
http://www.net-security.org/news.php?id=7818

DOMAIN FOOTPRINTING FOR WEB APPLICATIONS AND WEB SERVICES
This paper demonstrates how advanced search options offered by search
engines like Google, A9, Yahoo, Alexa and others can be leveraged to obtain
critical information about domains.
http://www.net-security.org/news.php?id=7820

NOKIA RELEASES "BLUESNARFING" FIX
More than six months after acknowledging a Bluetooth security flaw in a
number of its mobile phones, Nokia said it has released a software upgrade
that fixes the vulnerabilities in some of its products.
http://www.net-security.org/news.php?id=7831

USING DUAL ACCOUNTS FOR ADMINISTRATORS
With security on the minds of everyone, including all administrators and
executives, every precaution needs to be taken to protect the network
devices, servers, clients, Active Directory, and network resources.
http://www.net-security.org/news.php?id=7842

MICROSOFT WARNS OF TCP/IP FLAW
Attacker could bring down a network connection.
http://www.net-security.org/news.php?id=7845

Getting Started: The Basic Elements of C++
This chapter introduces you to the basics of C++, giving you enough
explanation for you to compile and execute a simple C++ program. Topics
covered include defining a main function, defining variables, and an
introduction to C++ classes.
http://www.informit.com/articles/article.asp?p=384462

How can I hide passwords in a shell script?
http://www.informit.com/discussion/index.asp?postid=310fde9c-5c8f-46f4-be31-3ea64af18ec5

The Characteristics of Spam Email
The first step to fighting spam is knowing how to recognize it and, by
extension, write code that recognizes it. Unfortunately, spammers realize
this and work hard to circumvent detection. This chapter details the many
ways that spam filters recognize spam, as well as the ways spammers have
gotten around these filters.
http://www.informit.com/articles/article.asp?p=376874

MALWARE
Title: Sober reloaded
Source: The Register
Date Written: 2005-05-20
Date Collected: 2005-05-23
The Sober-P worm is set to reactivate May 23, 2005 and may launch another
Trojan. The Sober-P worm spread earlier in May through mass-mailings, posing
as World Cup ticket offers, and generated spam containing hate content.
Security firm CipherTrust says the virus' authors could use the botnet of
infected PCs to send more spam, propagate viruses, or launch
denial-of-service (DoS) attacks.
http://www.theregister.co.uk/2005/05/20/sober_reloaded/

A UN ANNO DAL DECRETO URBANI COSA E' CAMBIATO?
Il 21 maggio 2004 veniva pubblicata la legge di conversione del celeberrimo
decreto Urbani. A un anno di distanza quale e' la situazione per chi fa
file-sharing?
http://www.studiocelentano.it/editorial/articolo.asp?id=1043
di G. Cavaliere

"Configurazione di un server ntp"
Rilasciato un mini HowTo "Configurazione di un server NTP" da phillip bailey
di elbalinux.org. il documento e' consultabile a questo link.
http://www.elbalinux.org/modules.php?name=Content&pa=showpage&pid=3
Questo documento è Copyright (C) 2005 Phillip Bailey ed è rilasciato sotto
una licenza Creative Commons".
http://www.ziobudda.net/Admin/redir_news.php?id=22388

"Kernel Emulation on Windows"
Un nuovo progetto ospitato da Sourceforge permette di eseguire su Windows
binari compilati per Linux.
http://www.ziobudda.net/Admin/redir_news.php?id=22385

"Pirati informatici usano il Web per estorcere denaro"
Si tratta di un attacco che mira ad estorcere denaro installando file di
codifica in grado di rendere illeggibili i documenti presenti sul PC di
ignari utenti e obbligandoli poi all'acquisto di un tool di decodifica
indispensabile per poter accedere nuovamente alle proprie informazioni.
http://www.ziobudda.net/Admin/redir_news.php?id=22380

"AppProg va avanti"
A piu' di un mese dall'apertura, AppProg continua a cercare collaboratori.
Il sito offre nuovi tutorial.
http://www.ziobudda.net/Admin/redir_news.php?id=22376

"Flash: rivedere i giudizi?"
Da anni è uno degli argomenti più dibattuti tra i temi dell'usability: i
notevoli pregi di Flash sono d'intralcio all'usabilità del sito?
http://www.ziobudda.net/Admin/redir_news.php?id=22404

"Linux sull'iPod"
Già da tempo Linux 'gira' sull'iPod, ultimamente (anche se non supportato)
anche sull'iPod 4G, Photo ecc.ecc.
L'installazione non richiede riformattazione o altro (anche se ovviamente
tutto è 'own risk')... è semplice e non invasiva.
http://www.ziobudda.net/Admin/redir_news.php?id=22398

"Linux Bonding Mini HOWTO"
Questo documento descrive come installare ed usare due o piu' schede di rete
in bonding su Slackware Linux 10.1
http://www.ziobudda.net/Admin/redir_news.php?id=22393

"Tool per intallare le schede grafiche Nvidia"
Presento la revisione 0.01c del mio script per installare schede grafiche
Nvidia. Ora il tool oltre a scaricare ed installare in automatico l'ultimo
driver di Nvidia diponibile crea anche l'icona per le impostazioni della
scheda. Sono stati inoltre correti alcuni bug. Il tool si avvia anche dalla
modalità grafica.
http://www.ziobudda.net/Admin/redir_news.php?id=22392

BITTORRENT AVRA' IL SUO MOTORE DI RICERCA
L'ultima mossa di Cohen viene osservata con preoccupazione dalle major:
nelle prossime ore sara' online una search engine per trovare i file torrent
disponibili in rete
URL: http://punto-informatico.it/pi.asp?i=53028

MS LANCIA LA PRIMA BETA DI INFOCARD
Microsoft ha messo a disposizione degli sviluppatori le prime versioni dei
tool di sviluppo che accompagneranno Longhorn, compreso quello per la nuova
tecnologia di identity management
URL: http://punto-informatico.it/pi.asp?i=53020

CRACCATA L'ANTIPIRATERIA DI WINDOWS
Un ricercatore ha scoperto che i check-in obbligatori, che verificano
l'autenticita' della copia di Windows usata dagli utenti, possono essere
aggirati. Ma e' un giochino dalla vita breve
URL: http://punto-informatico.it/pi.asp?i=53016
Also - http://news.com.com/Bypass+found+for+Windows+piracy+check/2100-1002_3-5717127.html

CA CHIUDE UN BUCO NEGLI ANTIVIRUS
Computer Associates ha sistemato una vulnerabilita' di sicurezza che
interessa tutti i suoi piu' recenti software antivirus
URL: http://punto-informatico.it/pi.asp?i=53018
Also - http://www.eweek.com/article2/0,1759,1819425,00.asp?kc=EWRSS03119TX1K0000594

WIRELESS USB E' REALTA'
La specifica che promette di fare piazza pulita di Bluetooth, e fornire
velocita' circa 500 volte superiori, e' stata approvata nella sua versione
definitiva. L'attende il mercato
URL: http://punto-informatico.it/pi.asp?i=53047

BUCO DNS, CISCO CURA ALCUNI CLIENT
Alcune implementazioni del protocollo DNS sono vulnerabili ad attacchi DoS.
Il diffusissimo server BIND sembra esente dal problema. Cisco, invece, ha
patchato alcuni client VoIP
URL: http://punto-informatico.it/pi.asp?i=53052
Also - http://www.eweek.com/article2/0,1759,1819636,00.asp?kc=EWRSS03119TX1K0000594

PRIVACY, CONDANNATO PER UN VIDEO WEB
di Giuseppe Briganti - Ha avuto la brillante idea di pubblicare su un sito
web un video della ex fidanzata associato persino al suo numero di telefono:
e' stato condannato per trattamento illecito di dati personali
URL: http://punto-informatico.it/pi.asp?i=53058

BREVETTI SOFTWARE, NUOVA MOBILITAZIONE
Oggi a Bologna coordinamento e il prossimo 2 giugno mobilitazione
internazionale a Bruxelles contro la direttiva sui brevetti per il software,
criticata da moltissimi
URL: http://punto-informatico.it/pi.asp?i=53057

** STRUMENTI ANTI-PHISHING ANCHE PER FIREFOX **
Netcraft offre un programma che allerta gli utenti se visitano un
sito-trappola e permette di segnalare siti sospetti. Ma non è l'unica
soluzione
>> di Paolo Attivissimo
http://www.zeusnews.it/news.php?cod=4151

** LA TRUFFA AI DANNI DI BANCA INTESA **
La nota banca italiana al centro di un episodio di phishing su vasta scala.
>> di Paolo Attivissimo
http://www.zeusnews.it/news.php?cod=4149

** IL SITO CHE TI CRIPTA L'HARD DISK **
.. e ti chiede soldi per la decodifica!
http://www.zeusnews.it/news.php?cod=4148

Beating The Summer Heat
Author: Brien M. Posey
Summary: Summer heat can wreck havoc on your servers. If you'd prefer to
spend your summer boating or barbequing than fixing servers, then check this
story of how I coped with the extreme heat in my own server room. Link:
http://www.WindowsNetworking.com/articles_tutorials/Beating-Summer-Heat.html

Best Practices for Designing Group Policy
Author: Mitch Tulloch
Summary: This article summarizes best practices for planning the
implementation of Group Policy in an Active Directory environment. Topics
covered include designing an OU structure to facilitate management by Group
Policy, minimizing use of blocking and enforcement, and more. Link:
http://www.WindowsNetworking.com/articles_tutorials/Best-Practices-Designing-Group-Policy.html

Obfuscated Shellcode, the Wolf in Sheep's Clothing (Part 1)
Author: Don Parker
Summary: This article will describe just what shellcode is, and how it
relates to exploit code. Also explained will be some advances in exploit
code development in an effort to further stealth the presence of certain
shellcode characteristics.
Link: http://www.WindowSecurity.com/articles/Obfuscated-Shellcode-Part1.html

Physical Security Primer (Part 2)
Author: Robert J. Shimonski
Summary: In this article we will continue with our detailed look at applying
physical security whenever and wherever possible. In this article we will
cover Backup Power. Let's take a look at what you can do to make sure that
power remains a reality at your facility, home or office.
Link: http://www.WindowSecurity.com/articles/Physical-Security-Primer-Part2.html

Windows XP Security
This article will help you protect your XP computer from internet threats.
http://www.aspfree.com/c/a/Windows-Security/Windows-XP-Security/

One-time Passwords - Tight Security for Sensitive Data and Responsible Users
Read about this alternative to standard passwords.
http://webhosting.devshed.com/c/a/Web-Hosting-HowTos/Onetime-Passwords-Tight-Security-for-Sensitive-Data-and-Responsible-Users/

ADVISORIES, MAY 23, 2005
Today's security advisories: kernel (Fedora Core); and firefox and mozilla
(Red Hat Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,1mv3,1,p58,490k,85jl,7pty

OPEN SOURCE: WHERE WE ARE NOW. WHERE WE ARE GOING
An in depth look at the current state of Open Source software and an attempt
to create a form of time capsule by documenting some of the most important
things going on today in the community and the commercial world.
http://nl.internet.com/ct.html?rtr=on&s=1,1muz,1,ag7d,2nm3,85jl,7pty

SECURE AND PRIVATE BROWSING WITH SQUID
"Browsing a site that supports SSL is a definite way to make sure no one can
snoop in on what you're doing--which is a good thing when you're doing
something personal like checking email over the web..."
http://nl.internet.com/ct.html?rtr=on&s=1,1muz,1,8all,ef8r,85jl,7pty

TRANSPARENT PROXYING WITH SQUID
"If you've ever looked into setting up a web cache for your office or
campus, you're probably familiar with Squid..."
http://nl.internet.com/ct.html?rtr=on&s=1,1muz,1,g490,ftzn,85jl,7pty

MALWARE
Title: Worm, phishing scam hit IM services
Source: C-Net News
Date Written: 2005-05-24
Date Collected: 2005-05-25
IMLogic, an instant messaging security company, warns that a new worm is
targeting America Online (AOL) and Yahoo users with links related to the
recently released "Star Wars Episode III: Revenge of the Sith" movie.
IMLogic rates the worm as 'medium' risk, while McAfee has received only one
report of the AOL worm. When users click the link, they download a variant
of the Gaobot trojan, which then sends instant messages to all the victim's
contacts. The link also takes users to a spoof Yahoo site and asks them to
provide login information. The attack is part of a growing trend of instant
message attacks.
http://news.com.com/Worm%2C+phishing+scam+hit+IM+services/2100-7349_3-5719088.html

TECHNOLOGY
Title: XP SP2 makes Windows 15 times more resilient
Source: ZDNet Australia
Date Written: 2005-05-24
Date Collected: 2005-05-25
According to Jason Garms, head of Microsoft's anti-malware product team,
speaking at the AusCERT conference in Queensland, Australia, Windows XP
Service Pack 2 has made the Windows operating system 15 times less likely to
contract a virus. Turning on auto update by default has also ensured that
most Windows machines get patched in a timely fashion. Microsoft will soon
offer an enterprise version of its antispyware tool, currently in beta
testing; Garms did not announce a release data or whether it would be a free
utility. The Windows error reporting tool has given Microsoft data
suggesting that one third of Windows crashes may be caused by spyware.
http://www.zdnet.com.au/news/security/0,2000061744,39193256,00.htm

TECHNOLOGY
Title: Intuit launches Windows patch tool
Source: C-Net News
Date Written: 2005-05-24
Date Collected: 2005-05-25
Intuit has released the Track-It Patch Manager to help small and medium
businesses install Microsoft security updates on their networks. Track-It
was developed by Intuit's IT Solutions group, which the company will soon
sell so it can focus on Quickbooks and its other financial management
products. Track-It can schedule scans of computers, install missing patches,
and reboot computers. It also displays patch information, creates reports,
and allows administrators to choose which patches to install automatically.
Tack-It is available to Track-It, Deploy, and Network Monitor customers,
while a stand-alone version is available at varying prices.
http://news.com.com/Intuit+launches+Windows+patch+tool/2100-1002_3-5719152.html

VULNERABILITIES & EXPLOITS
Title: Cisco targets Net phone software flaw
Source: C-Net News
Date Written: 2005-05-24
Date Collected: 2005-05-25
The United Kingdom's National Infrastructure Security Co- ordination Centre
has reported a Domain Name System (DNS) vulnerability that could allow
denial of service attacks against Cisco's internet protocol (IP) phones.
Errors during the compression or decompression of DNS log files could allow
an attack to create malformed packets, leading to phone malfunction or
crash. Cisco says the flaw only affects DNS clients, found in its phones and
content-networking products, but not DNS servers. Cisco has released a patch
for the flaw.
http://news.com.com/Cisco+targets+Net+phone+software+flaw/2100-1002_3-5719098.html

Three tools to help you configure iptables
http://software.newsforge.com/article.pl?sid=05/05/09/1846213&from=rss
Every user whose client connects to the Internet should configure his
firewall immediately after installation. Some Linux distributions include
firewall configuration as a part of installation, often offering a set of
defaults configurations to choose from. However, to ensure that your machine
presents the minimum "attack surface" (a measure of the number of vulnerable
ports, user accounts, and sockets exposed to attack) to the predatory
inhabitants of the Internet, you may need to do some manual configuration of
your firewall. Here are three tools that can help.

The Fifth Commandment of system administration
http://software.newsforge.com/article.pl?sid=05/05/13/1851255&from=rss
If you're a good administrator, you pride yourself on developing a
fundamental understanding of the systems you build. After a while, as you
begin to comprehend the complete complexity that goes along with building
and maintaining your infrastructure, the commands and procedures to control
them become second nature. You have to look at the documentation less and
less, until eventually people refer to you as a guru. Having this kind of
understanding of your servers is important, but it does no good if you
aren't available when something crashes. By creating detailed written
policies detailing the ins and outs of your systems in advance, you can
provide critical background information to your backup admin who can use it
to restore functionality in your absence.

NFS over CIPE-VPN tunnels
http://software.newsforge.com/article.pl?sid=05/05/05/1916206&from=rss
The Network File System (NFS) is a standard protocol for sharing file
services with Linux and Unix computers. It is a distributed file system that
enables local access to remote disks and file systems and is based on the
clientserver architecture. Although easy to configure, it is typically used
only to transfer data over an intranet or LAN because of its transparency
and security potholes when exposed to the risks of the Internet. However, it
still can be employed -- without compromising security -- to share files
over the Internet by configuring it to run on a Virtual Private Network
(VPN) connection. This article will show you how to set up NFS to run over a
CIPE-VPN connection between two Linux systems.

"Il vecchio PC in cantina? Un ottimo firewall! Grazie a Linux"
Come realizzare un firewall utilizzando un vecchio pc ed IPCop.
http://www.ziobudda.net/Admin/redir_news.php?id=22421

"I brevetti Nokia possono essere usati nel Kernel Linux"
Nokia ha dichiarato pubblicamente che i suoi brevetti possono essere usati
liberamente nel kernel Linux, ed anche negli altri progetti Open Source.
http://www.ziobudda.net/Admin/redir_news.php?id=22417

"Volantino di informazione sui brevetti"
Stampatelo, copiatelo, fatelo girare..
http://www.ziobudda.net/Admin/redir_news.php?id=22440

"Sono online i lucidi della terza lezione del corso GNU/Linux"
Come per le precdenti due lezioni, sono disponibili e liberamente
scaricabili i lucidi relativi alla terza lezione, incentrata sui boot
loader, sui desktop e su alcuni comandi base della shell BASH.
http://www.ziobudda.net/Admin/redir_news.php?id=22436

STALLMAN: APRITE I VOSTRI DRIVER
Da Taiwan il padre del progetto GNU ha invitato i produttori di hardware a
rilasciare il codice dei propri driver o, quanto meno, le informazioni
necessarie a supportare i loro prodotti su altre piattaforme
URL: http://punto-informatico.it/pi.asp?i=53087

Bluetooth Security Review, Part 2
Part 2 of the Bluetooth series looks at several unpublished vulnerabilities
in Symbian based phones, and then moves on to discuss "Blue Tag" tracking,
positioning, and privacy issues.
http://www.securityfocus.com/infocus/1834

White Hat or White Whale?
Sometimes an obsession over any one security approach, whether it's policy
or a specific technology, can be a very unhealthy thing overall.
http://www.securityfocus.com/columnists/330

ADVISORIES: MAY 25, 2005
Today's security advisories: qpopper (Debian GNU/Linux); and ImageMagick,
ethereal, kernel, and lesstif (Red Hat Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,1n3y,1,92ud,ahca,85jl,7pty

SENTRY CD--A DIFFERENT FIREWALL APPROACH
If you want to set up a Linux-based firewall, there's no need to run a
bloated distribution that installs everything but the kitchen sink..."
http://nl.internet.com/ct.html?rtr=on&s=1,1n3y,1,f3mb,9am8,85jl,7pty

STOPPING INTRUDERS WITH SNORT & FRIENDS
"When hackers are cooking up trouble, users of an open source tool called
Snort can stop their deliveries...
http://nl.internet.com/ct.html?rtr=on&s=1,1n3y,1,iotf,4g1z,85jl,7pty

MALWARE
Title: Witty worm traced to Europe
Source: CNet
Date Written: 2005-05-26
Date Collected: 2005-05-26
Vern Paxson and Nicholas Weaver, of the International Computer Science
Institute (ICSC), and Abhishek Kumar, a student at the Georgia Institute of
Technology, have recreated how the 2004 Witty worm spread through the
Internet. The Witty worm infected over 12,000 servers in only 75 minutes,
exploiting a flaw in Internet Security Systems (ISS) products. Looking at
Witty's code and the random number generator it used to pick its targets,
the researchers have discovered that the worm was likely launched from a
European server to target systems at a US military base. The researchers say
this is the first time patient zero has been identified, and that the worm
was probably created by an ISS insider. The worm began by infecting 110
vulnerable systems, all of which were at a single US military installation.
http://news.com.com/Witty+worm+traced+to+Europe/2100-7349_3-5721261.html

VULNERABILITIES & EXPLOITS
Title: Microsoft Plugs Phishing Hole on Xbox360 Site
Source: EWeek.com
Date Written: 2005-05-25
Date Collected: 2005-05-26
Microsoft has updated its Xbox360.com website after a cross-site scripting
vulnerability was discovered by security services firm Finjan Software. The
flaw could have been exploited by phishers to steal personal information
about online gamers, but was patched within 12 hours. Finjan did not
publicly disclose details about the vulnerability, but said that e-mail
addresses, home addresses, and credit card numbers were at risk. A separate
vulnerability, affecting the game Halo: Combat Evolved, has been elevated to
moderately critical by security firm Secunia. Secunia recommends that users
only host games on trusted networks until a patch is issued.
http://www.eweek.com/article2/0,1759,1820524,00.asp?kc=EWRSS03129TX1K0000614

VULNERABILITIES & EXPLOITS
Title: Device drivers filled with flaws, threaten security
Source: Security Focus
Date Written: 2005-05-26
Date Collected: 2005-05-27
According to David Maynor, a research engineer for Internet Security
Systems' X-Force vulnerability analysis group, software and hardware vendors
need to do more to prevent coding flaws in device driver software. While
operating systems vendors are working hard to fix common vulnerabilities in
their softwares, device drivers have escaped notice. Code checking software
vendor Coverity found that 50% of flaws in the Linux 2.6.9 kernel were in
device drivers. Device drivers are usually programmed by hardware vendors
rather than the operating system programmers who are implementing
security-aware programming practices. Device driver flaws can be more
dangerous than other flaws since they have direct access to the kernel.
While device driver attacks often require physical access to a computer,
this may not be the case for wireless, networking, or Bluetooth drivers.
Many hardware makers, such as NVidia, are implementing auditing procedures
for their drivers.
http://www.securityfocus.com/news/11260

VULNERABILITIES & EXPLOITS
Title: Microsoft, Linux vendors slow to fix flaw
Source: ZDNet Australia
Date Written: 2005-05-27
Date Collected: 2005-05-27
Microsoft and several Linux vendors have yet to respond to news of a flaw
that could allow hackers to steal sensitive information from Intel
processors with hyper-threading capabilities. FreeBSD says it has received a
formal response on the issue from the makers of the BSD family of operating
systems, but Microsoft, Novell, Red Hat, and Mandriva have not yet
responded. Colin Percival, the researcher who discovered the flaw, says he
informed the various companies of the flaw in March 2005, but they did not
release a patch before he revealed details of the flaw at a conference on
May 13. Red Hat says it is working with OpenSSL to fix the 'moderate'
threat, while Microsoft says it has no evidence of an exploit in the wild.
Intel has done little to address the flaw, considering it "very low" risk.
http://www.zdnet.com.au/news/security/0,2000061744,39193421,00.htm

Microsoft advises IE users to uninstall Netscape 8
http://newsvac.newsforge.com/article.pl?sid=05/05/26/1957226&from=rss
Microsoft has alerted consumers that Netscape's latest browser appears to
break the XML rendering capabilities in Microsoft Internet Explorer.

HOWTO Install VMware 5 on Slackware 10.1
http://newsvac.newsforge.com/article.pl?sid=05/05/27/1745255&from=rss
SilentBob4 writes "Some of you may already know that Vmware does not install
on Slackware Linux without some serious coaxing. Others may not. This HOWTO
is aimed at the latter crowd. In other words, this HOWTO is for you. Enjoy!"

g00d reading! 'n' bye
Security News MainTainer:

The Jackal a.k.a. jAcKallO < jackal [at] capitanlug.it >

(AreaSessantuno Inside) / (SpiPPolatori Collaborator)
(HackerAlliance Member) / (Socio fondatore del CapitanLUG.iT)
(Daily DisInfo CreaTor & MainTainer) / (Security News MainTainer)