INTERNATIONAL CRACKDOWN ON WAREZ
Members of some of the best-known crews on the net have been identified, and computers and many servers and sites used to distribute software, video games, films and music have been seized. This, perhaps, is where the latest Star Wars spread from
URL: http://punto-informatico.it/pi.asp?i=53850
UNPATCHED FLAW IN IE
A bug has been discovered in Microsoft's browser that still has no fix. An exploit capable of taking advantage of the vulnerability is circulating on the Internet. Experts are alarmed
URL: http://punto-informatico.it/pi.asp?i=53836
HI-TECH COMICS FOR COMPUTER SECURITY
Presented by Zone-H, which in a series of publications will tackle the topics of security, hacking and cracking through the original lens of a comic that is already heading for Defcon 2005
URL: http://punto-informatico.it/pi.asp?i=53837
PATENTS: AN ITALIAN SME SPEAKS
An Italian businesswoman has written a lucid letter against patents, sent to our members of the European Parliament, who will vote on the directive on Wednesday. The full text
URL: http://punto-informatico.it/pi.asp?i=53848
Microsoft Baseline Security Analyzer (MBSA) 2.0
Microsoft has released a new version of Microsoft Baseline Security Analyzer (MBSA). Created as part of the STPP (Strategic Technology Protection Program) to respond directly to the needs of customers, who ask for a straightforward, simplified method of identifying the most common security configuration errors, it can scan Windows systems locally or remotely. MBSA can be run on Windows 2000 SP2, 2003 and Windows XP to detect vulnerabilities and verify that all the necessary updates (hotfixes) are present for the following products: Windows NT 4.0, Windows 2000, Windows 2003, Windows XP, Internet Information Server (IIS) 4.0 and 5.0, SQL Server 7.0 and 2000, Internet Explorer (IE) 5.01 and later, Office 2000 and 2002. MBSA creates and stores individual security reports in XML format for each computer scanned and displays them in HTML format in the graphical user interface.
http://www.wintricks.it/news1/article.php?ID=3972
NTFS Reader 1.6
DiskInternals NTFS Reader is a free program that gives access to NTFS volumes even from 9x systems, which lack support for this file system.
http://www.wintricks.it/news2/article.php?ID=9086
Disk Investigator 1.32
Disk Investigator is free software that lets you recover lost or deleted data from the hard disk.
http://www.wintricks.it/news2/article.php?ID=9085
RootkitRevealer 1.54
RootkitRevealer is an excellent free utility for detecting rootkits.
Rootkits are a set of programs used to carry out an attack
on a system.
http://www.wintricks.it/news2/article.php?ID=9083
***A self-destructing hard disk***
If you try to tamper with it, it self-destructs; if you do not have the
password, it incinerates itself: in short, a decidedly secure, if touchy,
drive. Quoting "Mission Impossible" might seem trite, but in the case of the
new line of hard disks from Ensconce Data Technologies there could be no
better example. These are drives for PCs and notebooks that, thanks to a
particular protection system, self-destruct in the event of theft or
tampering: an acid solution is released inside the drive that dissolves the
magnetic platters, thereby vaporising all stored data.
http://www.pc-facile.com/hard_disk_con_autodistruzione_n33415/
***Beware of the new fake Microsoft e-mails***
The text of the message closely mimics that of the security bulletins of
Bill Gates's company. Here we go again. A new wave of fake e-mails is
spreading that appear to come from Microsoft but were in fact written and
sent with the sole aim of doing damage. The text of the e-mail messages
closely mimics the Microsoft security bulletins sent to those who subscribe
to the newsletter maintained by the company. The fake bulletin tries to
convince the recipient to click on a link in the body of the message,
explaining that it is a critical security update.
http://www.pc-facile.com/attenzione_nuove_false_e-mail_microsoft_n33436/
Satya Jith: Bluetooth Tutorial Added
We would like to first of all thank Williamc / TwinVega for contributing this
Video. The video will help you understand the security flaw in Bluetooth
enabled devices and how the Bluesnarfing tool can be used to exploit
the same.
http://www.remote-exploit.org/index.php/Tutorials
Slackware Linux Essentials 2nd Edition
Recently the Slackware Linux Essentials (the reference book for Slackware
users) has been revised; while we announce it, we would like to thank
everyone who took part in it, and congratulate them for the well done job!
The homepage for this project (which is now an official Slackware project)
is www.slackbook.org, so visit that site if you want to read more (and read
the book online).
Anatomy Of A Hack-The Rise And Fall Of Your Network
There are myriad ways that a network can be compromised, and an
administrator needs to be aware of them all (and anticipate new ways coming
around the corner). This chapter will not show how to attack something,
but show how attackers take advantage of your mistakes. This will enable you
to protect your network by avoiding the pitfalls attackers use.
http://www.informit.com/articles/article.asp?p=397660
Adding an Easy File Save and File Load Mechanism to Your C++ Program
Why waste your time figuring out an algorithm for storing things in a file?
And why spend time debugging the code? Let the Boost library do it for you.
Saving your data to your own custom-made file formats is easy with the help
of the Boost serialization templates. Jeff Cogswell shows you how to save
the data and read it back in with ease.
http://www.informit.com/articles/article.asp?p=398702
Importing Java Transactions from an External EIS Using JCA 1.5 Transaction Inflow
The introduction of inbound transactions in the Java Connector Architecture
(JCA) 1.5 specification is a great step toward seamless integration of
heterogeneous systems. Madhusudhan Konda explains the simple theory behind
the transaction inflow contract and shows how easy it is to implement a
resource adapter to import a transaction from an external enterprise.
http://www.informit.com/articles/article.asp?p=383047
Linux Kernel Subthread Exec Local Denial Of Service Vulnerability
http://newsvac.newsforge.com/article.pl?sid=05/07/03/1545201&from=rss
The Linux kernel is prone to a local denial of service vulnerability. The
issue manifests when a call to exec is made for a subthread that has a timer
pending. A local attacker may exploit this issue to crash the kernel,
effectively denying service to legitimate users. Solution: Fedora advisory
FEDORA-2005-510 for Fedora Core 4 is available to address this issue. Fixes
may be installed using the Red Hat Update Agent; this can be accomplished
using the 'up2date' command. Please see the referenced advisory for more
information. The vendor has released an update.
SSH
Vendor: SSH Communications
A vulnerability was reported in SSH Secure Shell Server, affecting
Windows-based systems. A local user or remote authenticated user can obtain
the host key.
Impact: Disclosure of authentication information
Alert: http://securitytracker.com/alerts/2005/Jun/1014344.html
Ipfw
Vendor: FreeBSD
A vulnerability was reported in FreeBSD's ipfw packet filtering code. A
remote user may be able to send a packet through the firewall.
Impact: Host/resource access via network
Alert: http://securitytracker.com/alerts/2005/Jun/1014336.html
TCP/IP Stack Implementation
Vendor: FreeBSD
Two vulnerabilities were reported in FreeBSD in the TCP stack
implementation. A remote user can cause denial of service conditions.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2005/Jun/1014333.html
Clam AntiVirus
Vendor: clamav.sourceforge.net
iDEFENSE reported two vulnerabilities in Clam AntiVirus. A remote user can
cause denial of service conditions.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2005/Jun/1014332.html
Microsoft Internet Explorer (IE)
Vendor: Microsoft
A vulnerability was reported in Microsoft Internet Explorer in
'javaprxy.dll'. A remote user can cause the target user's browser to crash
or potentially execute arbitrary code.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2005/Jun/1014329.html
Apache
Vendor: Apache Software Foundation
A vulnerability was reported in the Apache web server. A remote user may be
able to conduct HTTP request smuggling attacks against web-based
applications on the target system.
Impact: Modification of user information
Alert: http://securitytracker.com/alerts/2005/Jun/1014323.html
phpBB
Vendor: phpBB Group
A vulnerability was reported in phpBB in the highlighting code in
'viewtopic.php'. A remote user may be able to execute arbitrary commands on
the target system.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2005/Jun/1014320.html
Adobe Acrobat
Vendor: Adobe Systems Incorporated
A vulnerability was reported in Adobe Reader and Adobe Acrobat in the
updater function. A local user may be able to gain elevated privileges.
Impact: Root access via local system
Alert: http://securitytracker.com/alerts/2005/Jun/1014319.html
Adobe Acrobat
Vendor: Adobe Systems Incorporated
A vulnerability was reported in Adobe Reader and Adobe Acrobat. A remote
user may be able to execute arbitrary applications on the target user's
system.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2005/Jun/1014318.html
ASP Nuke
Vendor: aspnuke.com
Several vulnerabilities were reported in ASP Nuke. A remote user can conduct
SQL injection, cross-site scripting, and HTTP response splitting attacks.
Impact: Disclosure of authentication information
Alert: http://securitytracker.com/alerts/2005/Jun/1014310.html
PHP-Nuke
Vendor: Phpnuke.org
A vulnerability was reported in PHP-Nuke. A remote user can conduct
cross-site scripting attacks.
Impact: Disclosure of authentication information
Alert: http://securitytracker.com/alerts/2005/Jun/1014307.html
Linux Kernel
Vendor: kernel.org
A vulnerability was reported in the Linux kernel in the ptrace() function. A
local user can write to kernel memory.
Impact: Denial of service via local system
Alert: http://securitytracker.com/alerts/2005/Jun/1014305.html
Linux Kernel
Vendor: kernel.org
A vulnerability was reported in the Linux kernel, affecting AMD64-based
systems. A local user can cause denial of service conditions.
Impact: Denial of service via local system
Alert: http://securitytracker.com/alerts/2005/Jun/1014304.html
Linux Kernel
Vendor: kernel.org
A vulnerability was reported in the Linux kernel syscall() function,
affecting AMD64-based systems. A local user can cause denial of service
conditions.
Impact: Denial of service via local system
Alert: http://securitytracker.com/alerts/2005/Jun/1014303.html
Linux Kernel
Vendor: kernel.org
A vulnerability was reported in the Linux kernel ptrace() function,
affecting AMD64-based systems. A local user can cause the kernel to crash.
Impact: Denial of service via local system
Alert: http://securitytracker.com/alerts/2005/Jun/1014302.html
Mozilla Firefox
Vendor: Mozilla.org
Paul Kurczaba reported a vulnerability in the Mozilla Firefox browser. A
remote user can cause the browser to crash.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2005/Jun/1014294.html
NetBSD
Vendor: NetBSD
A vulnerability was reported in NetBSD in the audio subsystem. A local user
can crash the kernel.
Impact: Denial of service via local system
Alert: http://securitytracker.com/alerts/2005/Jul/1014348.html
Slackware Linux Project Italia
It is with immense pleasure that I announce the birth (about a month ago) of
Slackware Linux Project Italia. The only official project (apart from
slackware.com) of the Slackware Linux Project! For more news and to find out
how to support the project, you can read the full announcement here:
http://slackware.it/annunci/20050606.txt
or go directly to the site:
http://slackware.it/index.php
"GoogleOS: Fake or Not?"
Here are some photos of the new operating system developed by Google...
posterity will be the judge!
http://www.ziobudda.net/Admin/redir_news.php?id=23102
"P2P: The details of the Cucciolandia case"
The Sulmona public prosecutor's action against a network of home servers.
Assault on Cucciolandia, the kingdom of file sharing. They are not a group of
radical animal-rights activists nor a gang, but a network of shared servers
for downloading music files, which the police have targeted amid general
dismay. The background to the first operation against peer-to-peer since the
government's sham decriminalisation.
http://www.ziobudda.net/Admin/redir_news.php?id=23095
"Sun backtracks on the Linux desktop"
The Java Desktop System, a long way from the 50 million users Sun predicted,
will probably be 'donated' to the open source community. Which seems to be
more and more the preferred option when a project fails to reach the
expected numbers...
http://www.ziobudda.net/Admin/redir_news.php?id=23094
Also - http://punto-informatico.it/pi.asp?i=53888
"Anatomy of a Hack"
A (long) article on what to do to protect our system and prevent possible
new types of attack.
http://www.ziobudda.net/Admin/redir_news.php?id=23091
SEAMONKEY, THE MOZILLA OF THE FUTURE
That is the name of the open source project which, officially launched in
recent days, will continue development of the Mozilla Suite from where the
Mozilla Foundation recently suspended it
URL: http://punto-informatico.it/pi.asp?i=53882
THE REINS OF THE INTERNET WILL STAY WITH THE USA
A sensational stance by the Bush administration that infuriates Europeans
and Asians: the US government does not want shared management of the systems
that underpin the Net. And it intends to hold on to them tightly
URL: http://punto-informatico.it/pi.asp?i=53880
Troubleshooting Basic TCP/IP Problems
Author: Brien M. Posey
Summary: Over the last several years, TCP/IP has gone from being the
protocol that only geeks use, to a universal protocol that everyone uses,
thanks to the widespread use of the Internet. TCP/IP has been around for
decades and is a solid, reliable, mature protocol. Most of the time when
there is a TCP/IP related problem, the problem is related to the way that
one or more of the hosts on the network are configured. In this article, I
will walk you through the process of troubleshooting some common TCP/IP
issues.
Link: http://www.WindowsNetworking.com/articles_tutorials/Troubleshooting-Basic-TCPIP.html
Book Reviews: Still More Security Books
Author: Mitch Tulloch
Summary: Security books keep flooding in from publishers, so it looks like
the business of information security continues to occupy a forefront in the
minds of both business executives and IT professionals. Here's my latest
pick of what's good.
Link: http://www.WindowSecurity.com/articles/Book-Reviews-More-Security-Books.html
UNDERSTANDING CONTINUOUS DATA PROTECTION
A critical element of total backup systems, CDP products can help you find
that needle in your data haystack. More importantly, they offer restoration
capabilities that tape, replication and snapshot technologies lack.
http://www.net-security.org/news.php?id=8133
BROWSER IDENTIFICATION FOR WEB APPLICATIONS
This paper outlines techniques that allow users to determine client browser
types remotely.
http://www.net-security.org/news.php?id=8139
ENCRYPT DATA OR INVITE DISASTER
In today's workplace, stealing information doesn't require a covert Special
Forces team.
http://www.net-security.org/news.php?id=8148
DENIAL OF SERVICE ATTACKS: "SMURFING"
This article provides good information on what a Denial of Service (DoS)
attack is and why they can be so harmful to networks and sites on the
Internet.
http://www.net-security.org/news.php?id=8159
LINUX SECURITY DEFINED
A system running Linux is highly versatile and can be made as secure as a
system running UNIX.
http://www.net-security.org/news.php?id=8162
FOR BETTER SECURITY, KEEP AN EYE ON ACTIVEX
You probably have encountered ActiveX controls on the Internet. Web pages
that play music probably use them. ActiveX controls also can open Windows
Media movies or Microsoft Word documents inside a browser window.
http://www.net-security.org/news.php?id=8165
OPEN SOURCE HIDES SECRET DATA
The art of hiding information from anyone except from the intended receiver
has been used for many centuries.
http://www.net-security.org/news.php?id=8171
Configuring an HP-UX Kernel
This chapter covers the kernel-related commands, gives some examples of
using the commands to modify and build kernels, and gives an overview of
kcweb, the web-based system administration tool.
http://www.informit.com/articles/article.asp?p=392277
Home Network Vulnerabilities: Spam, Cookies, Pop-Ups, Spyware, and Scams
In addition to viruses and worms, there are some other annoying programs and
files out there that you need to protect your home network from. This
chapter focuses on spam, cookies, spyware, and scams-what they are, how they
work, and how to get rid of or at least control them.
http://www.informit.com/articles/article.asp?p=397914
Host Intrusion Prevention Systems: Defense-in-Depth's Best Friend
Today's biggest security issues are highly complex and take many forms in
their efforts to penetrate corporate and home defenses. A defense plan,
while often a layered approach, hinges most successfully on the security
mechanisms located on the endpoint itself. Chad Sullivan takes a look at
common issues and how host Intrusion Prevention Systems (IPS) can become the
most crucial piece of your corporate layered security plan.
http://www.informit.com/articles/article.asp?p=397973
DNS name serving through NSD
http://hardware.newsforge.com/article.pl?sid=05/06/28/1618219&from=rss
Given the sheer importance of name servers in providing Domain Name System
(DNS) resolution -- a process used by every Web-facing application to
translate domain names into IP addresses and vice versa -- not many people
put much thought into the available software alternatives for pulling off
this feat. One compelling application is NSD, an alternative to the widely
deployed BIND name server.
Great Moments in Microprocessor History
http://newsvac.newsforge.com/article.pl?sid=05/07/05/0155227&from=rss
Anonymous Reader writes "The evolution of the modern microprocessor is one
of many surprising twists and turns. Who invented the first micro? Who had
the first 32-bit single-chip design? From the vacuum tube to today's
dual-core multithreaded madness, this article shows the defining decisions
that brought the contemporary microprocessor to its present-day
configuration."
The patents directive does not pass
With great joy and jubilation, I am pleased to announce that the directive on
software patentability did not pass, recording, with 648 against out of 680,
a defeat that leaves no room for reply. A crushing victory that rewards the
work of all those who committed themselves to this mission of Freedom. Here
is the official FSF announcement:
http://mail.fsfeurope.org/pipermail/press-release/2005q3/000109.html
Also - http://punto-informatico.it/pi.asp?i=53935
Also - http://www.zeusnews.it/news.php?cod=4229
Also - http://nl.internet.com/ct.html?rtr=on&s=1,1qhq,1,4dsh,3c49,85jl,7pty
Also - http://www.techworld.com/security/news/index.cfm?RSS&NewsID=3985
Also - http://software.newsforge.com/article.pl?sid=05/07/06/1235211&from=rss
"Where are the 'High Availability' filesystems?"
For years Intermezzo (www.intermezzo.org), Coda (www.coda.cs.cmu.edu) and
even IBM's good old AFS (www-306.ibm.com/software/stormgmt/afs) have been
promising us a high-availability filesystem, that is, a filesystem usable
even over slow or temporarily disconnected network links. It would be the
ideal alternative to SMB or NFS in certain cases, and there is talk of
something similar for Microsoft's next operating system. Unfortunately,
development of these systems is either practically stalled (Intermezzo, Coda)
or their management is not the most intuitive (AFS). The 'successor' to
Intermezzo should be Lustre (www.lustre.org), but it seems to set itself the
'usual' goals of RedHat's GFS (www.redhat.com/software/rha/gfs), those of a
distributed filesystem for clustering rather than for occasional users with
network connections that are slow or intermittently offline. The link leads
to the home page of Intermezzo, the only filesystem that would serve the
purpose, unfortunately removed from the kernel recently due to inactivity.
http://www.ziobudda.net/Admin/redir_news.php?id=23115
"WordPress, more insecurities"
In one bundle: cross-site scripting, SQL injection, and a couple of other
not very interesting problems. Apparently WP's new slogan is "eight minutes
without a security problem".
http://www.ziobudda.net/Admin/redir_news.php?id=23112
PHP APPLICATIONS, SECURITY ALERT
Security experts are putting users and system administrators on alert: a
serious vulnerability lurks in many PHP-based programs, such as web content
management systems and blogs
URL: http://punto-informatico.it/pi.asp?i=53897
OH NO, COMMWARRIOR AGAIN!
The famous mobile phone worm keeps striking: it is the basis of the new
Trojan horse Doomboot.A, which these days is targeting Symbian-based phones.
Watch out for the fake Doom
URL: http://punto-informatico.it/pi.asp?i=53903
Also - http://www.techworld.com/security/news/index.cfm?RSS&NewsID=3977
COMPARING SECURITY ON WINDOWS AND LINUX
"Software security is quite often a subjective measure, mainly because there
is the risk of a security vulnerability being created with every line of
programming code..."
http://nl.internet.com/ct.html?rtr=on&s=1,1qdn,1,b7gh,bery,85jl,7pty
PYTHON + .NET = IRONPYTHON
"IronPython brings the interactivity and productivity of the Python language
to the .NET world..."
http://nl.internet.com/ct.html?rtr=on&s=1,1qdp,1,imvg,fqnt,85jl,7pty
THE DAEMON, THE GNU & THE PENGUIN, CH. 14, BY DR. PETER H. SALUS
"They concerned 'Plan 9' a new OS being worked on at Bell Labs. It was named
Plan 9 from Bell Labs after 'Plan 9 from Outer Space,' perhaps the worst
science fiction movie ever filmed..."
http://nl.internet.com/ct.html?rtr=on&s=1,1qdp,1,70pa,anrx,85jl,7pty
Security Overview
Learn network security and its natural conflict with network connectivity.
http://www.devshed.com/c/a/Security/Security-Overview/
Google Offers Personalized Home Page
Google is allowing users to customize the home page to show what they want
to see on each visit.
http://www.seochat.com/c/a/Search-Engine-News/Google-Offers-Personalized-Home-Page/
Why All the Hype About Skype?
Learn why this voice over Internet Protocol (VoIP) company is becoming so
popular. It's called disruptive technology.
http://webhosting.devshed.com/c/a/Web-Hosting-News/Why-All-the-Hype-About-Skype/
Problems in OpenSSH, Sudo, and Java
Noel Davis looks at problems in OpenSSH, Sudo, Sun Java, Blackdown Java,
tcpdump, cpio, JBOSS, Adobe Reader and Acrobat, gedit, Gaim, and Trac.
http://www.linuxdevcenter.com/pub/a/linux/2005/06/24/security_alerts.html
Is This Security Alert Really From Microsoft?
An excellent way to get information about Windows updates is via email with
Microsoft Technical Security Notification Services. But how will you know
what's real and what's a spoof? Mitch Tulloch, author of Windows Server
Hacks, shows you how.
http://www.windowsdevcenter.com/pub/a/windows/2005/07/05/scripting.html
Art and Computer Programming
One of the great theoretical debates in computer programming is "Is
programming art?" There are creative components certainly, and aesthetic
aspects occasionally, but do programming's functional concerns push it more
toward craft or engineering? John Littler recently cornered several
well-known hackers for their opinions on the subject.
http://www.onlamp.com/pub/a/onlamp/2005/06/30/artofprog.html
CYBERCRIME-HACKING
Title: Hackers crack two-factor security
Source: vnunet.com
Date Written: 2005-07-04
Date Collected: 2005-07-05
A number of security experts are warning that two-factor authentication may
not offer adequate protection for online banking. Sophos' Graham Cluley
notes that spyware now includes not only keystroke loggers, but also screen
grabbing software to send images of users' activities to the spyware's
master. Bruce Schneier, chief technical officer at Counterpane, doubts
two-factor authentication would be effective against man-in-the-middle and
pharming attacks. However, banks still plan to use two-factor systems;
F-Secure's Patrick Runald says two-factor authentication has worked well in
Sweden. Microsoft and British Telecom have announced plans to adopt
two-factor authentication for stronger security.
http://www.vnunet.com/vnunet/news/2139253/two-factor-authentication
MALWARE
Title: Hackers Unleash Industrial Spy Trojan
Source: NewsFactor
Date Written: 2005-07-01
Date Collected: 2005-07-05
MessageLabs has discovered a trojan targeting only 17 e-mail addresses from
four domains. The trojan uses a buffer overflow in Microsoft Word macro
names to execute malicious code. The e-mail comes with an infected Word
attachment with a message to convince the recipients that they should read
the document for important business information. Most of the e-mail
addresses were for an international organization working in global security.
MessageLabs says it has found a trend of similar targeted malware attacks,
leading researchers to believe trojans are becoming a favored tool for
industrial espionage.
http://www.newsfactor.com/story.xhtml?story_id=37026
VULNERABILITIES & EXPLOITS
Title: Web apps compromised by security hole
Source: Techworld
Date Written: 2005-07-04
Date Collected: 2005-07-05
GulfTech has discovered vulnerabilities in XML-RPC for PHP and PEAR XML_RPC,
which implement web services using HTTP and the PHP scripting language.
Flawed input validation in the parseRequest() function in XML RPC (remote
procedure call) servers could allow an attacker to use single quote
attributes to escape into the eval() function to execute arbitrary code. A
number of popular web applications, such as PostNuke, Drupal, b2evolution,
and TikiWiki, use PHPXMLRPC protocol, built on XML-RPC for PHP. A new
version of PHPXMLRPC is available to fix the problem. The PEAR XML_RPC flaw
resembles the PHPXMLRPC flaw, and is fixed by newly released version 1.3.1
of the software.
http://www.techworld.com/security/news/index.cfm?RSS&NewsID=3968
Preventing Malicious Spyware in the Enterprise
http://newsvac.newsforge.com/article.pl?sid=05/07/05/2054250&from=rss
Guest writes "Spyware threats are becoming more sophisticated; hackers are
finding ways to lodge key logging, backdoor programs and trojans onto more
desktops. However, anti-spyware tools have not kept up with this increased
complexity. This white paper reviews the major technology approaches to
spyware: signature and rules-based methods and points out the strengths and
weaknesses of these approaches. The white paper aims to help admins
critically assess the claims of spyware tools when they say they are
"enterprise-strength"."
Security an ongoing problem for Debian
http://newsvac.newsforge.com/article.pl?sid=05/07/05/1847257&from=rss
Debian is facing difficulties getting timely security updates to users of
its Linux distribution due to lack of manpower and software problems.
"SQL_INJECTION: an introduction to handling it"
An introductory article, but also fairly in-depth (just enough to get
started), on how to handle SQL_INJECTION issues.
http://www.ziobudda.net/Admin/redir_news.php?id=23164
"Stanca: better no directive than an unsatisfactory one"
The Minister for Innovation and Technologies, Lucio Stanca, expressed
"regret" at the European Parliament's rejection of the Directive on software
patentability, "since Europe needed and needs a clear framework of rules on
this front". At the same time, however, the minister noted that "no
directive is better than an unsatisfactory one".
http://www.ziobudda.net/Admin/redir_news.php?id=23159
"gFTP: a user-friendly ftp client"
Our series of articles devoted to basic guides to the main GNU/Linux
applications continues. This time we will talk about gFTP, a reliable home
ftp client that is convenient to use and above all user-friendly. With its
very polished graphical interface and its quick and very intuitive functions,
you will see straight away that this is the FTP client for you.
http://www.ziobudda.net/Admin/redir_news.php?id=23158
"About Schmidt"
Umberto Rapetto takes stock of the recruiting of technology security experts
by law enforcement. The current situation, the difficulties, and the skills
needed to become a cyber-cop.
http://www.ziobudda.net/Admin/redir_news.php?id=23132
"Configuring GDM over a VNC connection"
This guide explains in detail how to set up a VNC server to log in directly
to a GDM display manager, using the XDMCP protocol. Particular attention is
paid to use on headless servers and to memory optimisation.
http://www.ziobudda.net/Admin/redir_news.php?id=23129
HOME BANKING TAKES OFF, AND SO DO THE SCAMS
Punto Informatico interviews the officers of the Turin Postal Police who
exposed the computer fraud behind a series of shortfalls in the online
accounts of many Italians. Accounts that are ever more popular
URL: http://punto-informatico.it/pi.asp?i=53939
MS OPENS UP SLICES OF ACTIVE DIRECTORY
So promises Microsoft, which has announced a plan to open up the technical
specifications so as to make its technology interoperable with applications
and systems other than Windows
URL: http://punto-informatico.it/pi.asp?i=53942
TWO WORMS THAT WORK AS A PAIR
A file is circulating on the MSN Messenger network that hides a double
helping of Windows worms capable of working in symbiosis. Watch out for those two!
URL: http://punto-informatico.it/pi.asp?i=53938
BIG HOLE IN ACROBAT READER FOR LINUX
A dangerous flaw discovered in some old versions of Adobe Acrobat Reader for
Unix can throw the doors open to crackers, allowing malicious code to be
executed remotely
URL: http://punto-informatico.it/pi.asp?i=53926
Also - http://www.techworld.com/security/news/index.cfm?RSS&NewsID=3984
ARANZULLA: HOW I FOOL YOUR BROWSER
The very young Italian bug hunter has discovered a new vulnerability in
several browsers, including Firefox and Internet Explorer, that could be
used for phishing attacks
URL: http://punto-informatico.it/pi.asp?i=53936
The Student, the Teacher, and Optix Pro (Part 2)
Author: Don Parker
Summary: In this part of the article series we see John begin to configure
his trojan server on the professor's computer, and will ultimately see him
connect to it from his class room.
Link: http://www.WindowSecurity.com/articles/Student-Teacher-Optix-Pro-Part2.html
Making Your DNS Service Fault Tolerant
Author: Brien M. Posey
Summary: Most network administrators know that Active Directory is dependent
on DNS. What you might not realize is that there is a good chance that your
DNS server is performing several other critical tasks in the background. A
DNS failure can be more catastrophic than most people realize. In this
article I will explain why this is the case and how to avoid such a
situation.
Link: http://www.WindowsNetworking.com/articles_tutorials/Making-DNS-Service-Fault-Tolerant.html
ADVISORIES: JULY 5, 2005
Today's security advisories: gaim (Debian GNU/Linux), php (Fedora Core), and
RealPlayer (Red Hat Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,1qho,1,l3ki,294d,85jl,7pty
OPEN SOURCE BLOGS, WIKIS AT RISK FROM NEW FLAW
"Open source projects and Linux vendors alike have issued advisories and
updates and the SANS Internet Storm Center has warned that the flaw could
trigger an epidemic..."
http://nl.internet.com/ct.html?rtr=on&s=1,1qho,1,68en,41bi,85jl,7pty
LINUS TORVALDS: LINUX 2.6.13-RC2
"Among the one-liners of note is the silly block level spinlock bugfix that
obviously hit -rc1 and made itself felt on SMP and preempt under moderate IO
loads..."
http://nl.internet.com/ct.html?rtr=on&s=1,1qhq,1,fjch,mgkt,85jl,7pty
How to Boost XP Performance
PC feeling a bit sluggish? It's not tough to juice up its performance. Mitch
Tulloch, author of Windows Server Hacks, shows you how to do it in a few
easy steps.
http://www.windowsdevcenter.com/pub/a/windows/2005/05/17/xp_tuning.html
VULNERABILITIES & EXPLOITS
Title: Microsoft to offer fix for another IE vulnerability
Source: Techworld
Date Written: 2005-07-05
Date Collected: 2005-07-06
Microsoft has released a work-around for an ActiveX flaw in Internet
Explorer. The ActiveX flaw, rated by Secunia as 'extremely critical', would
allow an attacker to crash the browser or run malicious code. The
work-around edits the Windows registry to disable Javaprxy.dll, used by the
Microsoft Java Virtual Machine and parts of Explorer. Microsoft has received
no reports of an exploit for the flaw and has not yet decided whether to
release a patch.
http://www.techworld.com/security/news/index.cfm?RSS&NewsID=3983
"The NO to patents averts the closure of 40,000 companies"
Confesercenti Milano says it is satisfied with the outcome of the EU vote
on software patents. In this battle the Italian Government did not listen
to us and did not promote a line in defence of the sector's SMEs, with
300,000 jobs at risk.
http://www.ziobudda.net/Admin/redir_news.php?id=23185
"Karsten Gerloff: a great victory, but we are not letting go"
Karsten Gerloff, a collaborator of the Free Software Foundation, sets out
on his blog the present and future situation on patents. A great victory
for everyone, true, but the work, now harder because the spotlights are
off, goes on.
http://www.ziobudda.net/Admin/redir_news.php?id=23183
"Interview with Fyodor of Nmap"
It is always a pleasure to discuss GNU/Linux, computer security and more
with the people who have contributed to the development of the free
software world through their work. This time we had the pleasure of
talking with Fyodor, known for his gem Nmap, the most widely used and
famous network scanner in the world.
http://www.ziobudda.net/Admin/redir_news.php?id=23175
"Swik, an online catalogue of open source projects"
Announced by Sourcelabs: it is based on a wiki and all content is
available under the Creative Commons Attribution Share-Alike license.
http://www.ziobudda.net/Admin/redir_news.php?id=23170
"Accessing your mail from anywhere in the world with Squirrelmail"
Always being able to access your email is without doubt convenient,
especially for those who travel a lot; indeed, today all providers offer
web access to mailboxes. There are, however, situations in which it is
very useful to be able to run webmail directly on your own server. The
choice fell on Squirrelmail because it proved to be a practical and
functional solution as well as a good-looking one.
http://www.ziobudda.net/Admin/redir_news.php?id=23169
THE LARGEST COLLECTIVE ENTERPRISE ONLINE
Wikipedia is not only a multilingual encyclopedia in continuous development,
it is also a comeback for the deepest sense of the net. So says the man who
invented it, Jimmy Wales, to Punto Informatico
URL: http://punto-informatico.it/pi.asp?i=53960
DOWNLOAD/ VOIP SIP HURRAH! BEYOND SKYPE! (1)
A PC is now all you need to make phone calls: those not content with Skype
can have much more thanks to phones based on the free SIP protocol
URL: http://punto-informatico.it/pi.asp?i=53967
ARRESTED FOR WI-FI THEFT
It had never happened before in the USA: an offence long considered a fad,
getting onto other people's wireless networks, could now put a man behind
bars
URL: http://punto-informatico.it/pi.asp?i=53966
Bluetooth smartphone hacking for fun and profit (in Italian)
http://www.eviltime.com/download/my/tutorial/Evil-bluetooth-hacking.txt
Into the bluetooth authentication process (in Italian)
http://www.eviltime.com/download/my/tutorial/evil-bsh2.txt
Longhorn locked down
LongHorn bets heavily on security, and new technologies will accompany its
arrival on the end-user market. The key points.
http://www.wintricks.it/news1/article.php?ID=3987
DOES OS MATTER ANYMORE FOR SECURITY?
"The Linux servers were actually getting hacked and defaced far more often
than the Windows server and Apache was also being hacked and defaced more
than Microsoft IIS..."
http://nl.internet.com/ct.html?rtr=on&s=1,1qkx,1,b1ik,dn8r,85jl,7pty
ADVISORIES: JULY 6, 2005
Today's security advisories: clamav, razor, trac, and zlib (Debian
GNU/Linux); TikiWiki (Gentoo Linux); zlib (Red Hat Linux); zlib and heimdal
(SUSE Linux); and php4 and php4-universe (Ubuntu Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,1qkx,1,cvnx,by0k,85jl,7pty
GOOGLE EXTENDS FIREFOX
"Google plans to sweeten up the release of the Google Toolbar for the
Firefox browser with two extensions: Suggest and Send to Phone..."
http://nl.internet.com/ct.html?rtr=on&s=1,1qkv,1,b57p,m93a,85jl,7pty
MALWARE
Title: Trojan attack hits worldwide networks
Source: Silicon.com
Date Written: 2005-07-07
Date Collected: 2005-07-07
E-mail security firm MessageLabs reports a sudden surge in trojan activity,
having blocked 54,000 copies of the new Downloader.XZ and .ABC trojans in
the early hours of July 7, 2005. The trojans come attached to an e-mail
designed to look like a spam report from a network administrator, with users
directed to run the attachment to avoid having their e-mail account shut
down. The virus installs a backdoor to allow a hacker access to a machine.
http://software.silicon.com/security/0,39024655,39150134,00.htm
VULNERABILITIES & EXPLOITS
Title: Exploit fear grows around Firefox flaw
Source: Silicon.com
Date Written: 2005-07-07
Date Collected: 2005-07-07
The French Security Incident Response Team (FrSIRT) is warning users that it
has found exploit code in the wild for the Firefox web browser, versions
1.0.1 and earlier. The exploit targets a 'critical' flaw in the way Firefox
handles GIF images. The exploit would allow an attacker to craft a malicious
image to gain control of a computer. Michael Sutton, lab director for
iDefense, believes the exploit poses little threat, since the flaw was
addressed in March 2005 with Firefox 1.0.2 and subsequent versions. The
Mozilla Foundation says most Firefox users have upgraded to the latest
version, 1.0.4. Firefox has gained a reputation for security, earning 70
million downloads of the software and cutting into Internet Explorer's share
of the browser market.
http://networks.silicon.com/webwatch/0,39024667,39150122,00.htm
VULNERABILITIES & EXPLOITS
Title: Zlib Security Flaw Exposes Swath of Programs
Source: EWeek.com
Date Written: 2005-07-06
Date Collected: 2005-07-07
Tavis Ormandy of the Gentoo Linux Security Audit Team has discovered a
serious buffer overflow flaw in the popular Zlib compression library. Zlib
is included in many Linux and BSD distributions as well as proprietary
software, including Microsoft products. An attacker could craft a malformed
compressed file to execute arbitrary code with the user's privileges when
decompressed. It is not clear how many software products use Zlib, though
Symantec reports it is used in AIX, Debian, FreeBSD, Gentoo, SuSE, Red Hat
and Ubuntu. Microsoft also uses Zlib in some versions of DirectX, FrontPage, Internet
Explorer, Office, Visual Studio, Messenger and the Windows InstallShield
program. Symantec reports no known exploits at this time. A number of the
open source operating systems are already offering patches for the hole.
http://www.eweek.com/article2/0,1895,1834632,00.asp
Also - http://newsvac.newsforge.com/article.pl?sid=05/07/07/1431258&from=rss
Building and Installing OpenSolaris (Part 1)
http://newsvac.newsforge.com/article.pl?sid=05/07/07/1412246&from=rss
This is the first of two articles in which we describe how to acquire and
build the source code for OpenSolaris. The first article provides all the
necessary background information (terminology, where to get the tools, and
so on) and describes a basic compilation and installation, and the second
article will describe a more complicated compilation and installation.
Simplify Your Life: Eliminate Passwords
http://newsvac.newsforge.com/article.pl?sid=05/07/07/138225&from=rss
LogError writes "In this whitepaper, you learn how you can easily implement
IBM's recommended password elimination Single Sign-On architecture."
"The Spyware war"
After so much damage and painful data loss, it seems people have more or
less understood (whether they put it into practice is another matter) that
protecting your data involves antivirus protection. Unfortunately, the
story moves on, with Spyware/Malware coming to the fore. And Microsoft has
a hand in it.
http://www.ziobudda.net/Admin/redir_news.php?id=23201
"War on malware: the hackers won't give up!"
And now let's expect attacks coming from audio and video files too.
Peer-to-peer fans are warned: be careful what you download to your hard
disk! The phenomenon, described by the ISTR (Internet Security Threat
Report), is set to spread like wildfire, given the scant care taken when
opening this type of file and the still poor awareness among users.
http://www.ziobudda.net/Admin/redir_news.php?id=23198
"The open source people? Good guys! Ballmer's word"
Audio, video and transcript of an "evangelizing" interview with Steve
Ballmer, CEO of Microsoft. An approachable and affable person. Too bad that,
for him, nobody has really done anything in these years except them...
maybe Google a little.
http://www.ziobudda.net/Admin/redir_news.php?id=23213
ADVISORIES: JULY 7, 2005
Today's security advisories: bzip2 (Debian GNU/Linux); zlib (Fedora Core);
zlib (Mandriva Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,1qoq,1,cvza,9920,85jl,7pty
DEBIAN ADDRESSES SECURITY CONCERNS
"Popular Linux distributor Debian has moved quickly to address concerns it
was falling behind on security..."
http://nl.internet.com/ct.html?rtr=on&s=1,1qoq,1,kdp6,9ynk,85jl,7pty
THE DAEMON, THE GNU AND THE PENGUIN, CH. 15
"In the 15 years following the release of V6 (April 1976), Berkeley was not
the only place where versions and clones of UNIX sprouted..."
http://nl.internet.com/ct.html?rtr=on&s=1,1qot,1,emh,bjte,85jl,7pty
Astalavista Security Newsletter 17-18 2005
Issue 17 (May) and Issue 18 (June) of the Astalavista Security Newsletter
can be found at the following URLs:
http://www.astalavista.com/media/newsletter/issue_17_2005.pdf
http://www.astalavista.com/media/newsletter/issue_18_2005.pdf
Linux compression format flaw found
http://newsvac.newsforge.com/article.pl?sid=05/07/09/1244207&from=rss
A critical flaw in a compression format widely used in Linux and Unix can
give hackers a way into machines, security experts said Friday. A patch for
the zlib library isn't available, but several Linux and BSD distributors
have rolled out fixes of their own.
Open-source licensing: BSD is a better model
http://newsvac.newsforge.com/article.pl?sid=05/07/08/228245&from=rss
As open source licensing models, both the Berkeley Software Distribution
license and the General Public License have advantages and disadvantages.
But in the end, the BSD offers more benefits to enterprise customers.
Open-source licensing: GPL is a better model
http://newsvac.newsforge.com/article.pl?sid=05/07/08/228203&from=rss
No one open source license is ideal in every circumstance. Different
licenses serve different ends. Berkeley Software Distribution-style licenses
have been used to govern the development of exceptional open source projects
such as Apache. Clearly, BSD has its strengths.
g00d reading! 'n' bye
Security News MainTainer:
The Jackal a.k.a. jAcKallO < jackal [at] capitanlug.it >
(AreaSessantuno Inside) / (SpiPPolatori Collaborator)
(HackerAlliance Member) / (Founding member of CapitanLUG.iT)
(Daily DisInfo CreaTor & MainTainer) / (Security News MainTainer)