"Guida in italiano all'installazione di Ubuntu Linux 5.10"
Ubuntu Linux e' sicuramente una distribuzione che sta' riscuotendo molto successo. In questa guida, in italiano, con l'ausilio di vari screenshots , viene mostrata l'installazione passo passo dell'ultima versione, la 5.1 0
http://www.ziobudda.net/Admin/redir_news.php?id=25406

"Nuovo numero del Gnome-Journal"
Si parla di GnomeMeeting, scrivere propri "widgets" usando GTK+ 2.8, ed u
n recente impiego di Gnome su 5000 desktop.
http://www.ziobudda.net/Admin/redir_news.php?id=25403

Usi Internet Explorer e Google Desktop?: attento al phishing dei tuoi dat
i
Chi naviga in Internet con Il browser Microsoft e utilizza Google Desktop
è a rischio di trasmettere informazioni riservate contenute sul propri
o PC. E' stata infatti scoperta da Matan Gillon una vulnerabilità che a
ffligge solo Internet Explorer e che può essere sfruttata da un sito we
b malevolo per leggere le informazioni contenute nel computer del visitat
ore che abbia installato Google Desktop.
http://www.alground.com/news/news.php?page=431
Also - http://punto-informatico.it/pi.asp?i=56634
Also - http://www.tuxjournal.net/news/00372.html

** TUTTI SCHEDATI, ANCHE PER COLPA DELLE MAJOR **
I dati relativi a telefonate e collegamenti Internet di terroristi e di p
rivati cittadini saranno conservati per almeno sei mesi. Creative Media B
usiness Alliance appesantisce il carico.
>> di Valerio Di Stefano
http://www.zeusnews.it/news.php?cod=4469

DIECI ANNI DOPO, APACHE 2.2
Il celebre server web open source e' giunto alla versione stabile 2.2, un
a nuova pietra miliare che scandisce il suo decimo anno di vita
URL: http://punto-informatico.it/pi.asp?i=56653

IL FIREWALL DI KERIO NON MORIRA'
Uno fra i piu' noti personal firewall gratuiti, il cui destino pareva gia
' segnato, verra' salvato dall'oblio da un societa' americana. Promessi f
orti sconti per la versione a pagamento
URL: http://punto-informatico.it/pi.asp?i=56644

DOPPIO BACO SENZA PATCH IN REALPLAYER
Secondo eEye Digital Security le due vulnerabilita' potrebbero mettere a
serio repentaglio la sicurezza degli utenti di Windows. Ecco di cosa si t
ratta
URL: http://punto-informatico.it/pi.asp?i=56633

La sicurezza integrata di VIA
Via Technologies, il famoso sviluppatore chip di Taiwan, ha rilasciato un
kit software per gli sviluppatori in grado di rinforzare la protezione d
ei loro programmi. Il kit è disponibile anche per tutti gli sviluppator
i Linux.
http://www.tuxjournal.net/news/00371.html

Human-oriented IDS, new Paper+Tool
A new paper about a kind of IDS i call 'Human oriented IDS' which uses de
tected differences in users behavior to detect accounts overtaken by atta
ckers. You can find the paper and the beta-version of the tool i call fup
ids2 at
http://cdp.doomed-reality.org/fupids2/

How the iPod Will Change the Face of Computer Security
Apple probably didn't intend it, but the iPod will likely prove to be an
important stepping stone into solving a problem that has faced computer s
cientists for more than 30 years. Bruce Potter explains.
http://www.informit.com/articles/article.asp?p=428905&rl=1

Can't We All Just Get Along? Easy Ways To Integrate Mac and Windows Serve
rs
Life used to be simple: Your company was a Mac shop or a Windows shop. Th
ese days, the line between the two platforms is blurring, with many organ
izations using servers and workstations of both platforms for various fun
ctionalities. Ryan Faas explains some simple ways for system administrato
rs to reduce the headaches of a multiplatform business.
http://www.informit.com/articles/article.asp?p=430213

Cisco 802.11 Wireless Networking: Installing and Configuring Access Point
s
The largest hurdle toward getting your wireless LAN (WLAN) up and running
is the configuration of your access points (APs) and wireless clients. T
his chapter examines how to install and configure the AP.
http://www.informit.com/articles/article.asp?p=426639

An Overview of the syslog Protocol
This chapter presents an overview of the syslog protocol and shows you ho
w to deploy an end-to-end syslog system. You'll learn about the syslog ar
chitecture as well as the issues in deploying syslog servers in Linux and
Windows OSs with a focus on their relevance in a Cisco environment.
http://www.informit.com/articles/article.asp?p=426638

Secure Coding in C and C++: Strings
Strings—such as command-line arguments, environment variables, and cons
ole input—are of special concern in secure programming because they com
prise most of the data exchanged between an end user and a software syste
m. This chapter covers the security issues with strings and how you can s
idestep them.
http://www.informit.com/articles/article.asp?p=430402

Methods of Computer System Attacks
The methods of attack that are available are broad-ranging and insidious,
yet many of them are available to even amateur hackers through the use o
f tools widely available on the Internet. For this reason, securing appli
cations today is no small challenge. This chapter discussed the various k
inds of attack, including categories and examples of social engineering a
ttacks.
http://www.informit.com/articles/article.asp?p=422308

Php
Vendor: PHP Group
A vulnerability was reported in PHP in the mb_send_mail() function. A use
r may be able to inject SMTP headers.
Impact: Modification of system information
Alert: http://securitytracker.com/alerts/2005/Nov/1015296.html

Panda Antivirus Platinum
Vendor: Panda Software
A vulnerability was reported in Panda Antivirus in the processing of ZOO
archives. A remote user may be able to execute arbitrary code on the targ
et system.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2005/Nov/1015295.html

Safari
Vendor: Apple Computer
Several vulnerabilities were reported in Apple Safari. A remote user may
be able to cause arbitrary code to be executed on the target user's syste
m. A remote site may be able to cause a downloaded file to be saved to t
he incorrect location. A remote site may be able to spoof dialog boxes.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2005/Nov/1015294.html

Mac OS X
Vendor: Apple Computer
A vulnerability was reported in syslog on Mac OS X. A local user may be a
ble to obfuscate or forge log entries.
Impact: Modification of system information
Alert: http://securitytracker.com/alerts/2005/Nov/1015293.html

Mac OS X
Vendor: Apple Computer
A vulnerability was reported in Mac OS X in passwordserver. A local user
may be able to obtain elevated privileges.
Impact: Root access via local system
Alert: http://securitytracker.com/alerts/2005/Nov/1015290.html

pcAnywhere
Vendor: Symantec
A vulnerability was reported in pcAnywhere. A remote user can cause denia
l of service conditions.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2005/Nov/1015284.html

Cisco Security Agent
Vendor: Cisco
A vulnerability was reported in Cisco Security Agent (CSA). A local user
may be able to obtain elevated privileges.
Impact: Execution of arbitrary code via local system
Alert: http://securitytracker.com/alerts/2005/Nov/1015283.html

Java Runtime Environment (JRE)
Vendor: Sun
A vulnerability was reported in Sun's Java Runtime Environment (JRE). A r
emote applet may be able to gain elevated privileges.
Impact: Disclosure of system information
Alert: http://securitytracker.com/alerts/2005/Nov/1015282.html

Java Runtime Environment (JRE)
Vendor: Sun
A vulnerability was reported in Sun's Java Runtime Environment (JRE). A r
emote applet may be able to gain elevated privileges.
Impact: Disclosure of system information
Alert: http://securitytracker.com/alerts/2005/Nov/1015281.html

Java Runtime Environment (JRE)
Vendor: Sun
Several vulnerabilities were reported in Sun's Java Runtime Environment (
JRE). A remote applet may be able to gain elevated privileges.
Impact: Disclosure of system information
Alert: http://securitytracker.com/alerts/2005/Nov/1015280.html

Cisco IOS
Vendor: Cisco
Hugo Vazquez Carames reported a vulnerability in Cisco IOS in the HTTP se
rver. A remote user can conduct cross-site scripting attacks.
Impact: Disclosure of system information
Alert: http://securitytracker.com/alerts/2005/Nov/1015275.html

"Amministrare xen via web"
Se volete installare xen e lo volete amministare con pochi click del mous
e da una semplice interfaccia web, date un occhio a enomalism
http://www.ziobudda.net/Admin/redir_news.php?id=25443

"Novell Identity Manager 3"
Novell Identity Manager 3 offre facilità d’uso senza precedenti per a
iutare i clienti a implementare e gestire rapidamente soluzioni di provis
ioning per l’utente automatizzate e basate sulle policy.
http://www.ziobudda.net/Admin/redir_news.php?id=25438

"Port Forwarding per tutti"
Avendo da poco acquistato un nuovo router wireless mi sono ritrovato a do
ver configurare le corrette porte per programmi tipo "file sharing". Ho t
rovato questo sito che fornisce configurazione per centinaia di router e
programmi. Sicuramente lo conosceranno in molti ma mi sembra utile farlo
conoscere anche agli altri.
http://www.ziobudda.net/Admin/redir_news.php?id=25430

"Slackware su xbox"
sXb è una distro live basata su slackware per XBox che può anche esse
re installata sull'hd della console di M$
http://www.ziobudda.net/Admin/redir_news.php?id=25425

"Deborphan e local purge"
un piccolo tutorial per eliminare i pacchetti "orfani" della nostra distr
ibuzione debian-based
http://www.ziobudda.net/Admin/redir_news.php?id=25424

"Postgresql 8.1"
nuova release per postgresql, piu' di 120 nuove features e bugfix.
http://www.ziobudda.net/Admin/redir_news.php?id=25423
Also - http://nl.internet.com/ct.html?rtr=on&s=1,22oe,1,28bh,eezu,85j
l,7pty

IL P2P VIA GMAIL TRAVOLTO DALL'ENTUSIASMO
G2G SHARE sfrutta il servizio email di Google per favorire lo scambio di
file musicali. Dopo l'annuncio il sito non ha retto la marea montante di
utenti interessati. Gli sviluppatori ne parlano a Punto Informatico. Goog
le? Osserva
URL: http://punto-informatico.it/pi.asp?i=56667

WASHINGTON VERSO IL CONTROLLO DI TUTTE LE RETI
Si alza il tono della polemica contro CALEA, la normativa che introduce l
'obbligo sistematico di backdoor governative in tutti i sistemi di comuni
cazione telematica. ACLU: colpira' anche fuori dagli Stati Uniti
URL: http://punto-informatico.it/pi.asp?i=56668

LINGUAGGIO OPEN PER BABY PROGRAMMATORI
Uno studente australiano sta completando lo sviluppo di un ambiente di pr
ogrammazione visuale per i piu' piccoli. Il software, open source, potra'
essere utilizzato per programmare i robot Lego
URL: http://punto-informatico.it/pi.asp?i=56693

BUG A CACCIA DI UNO STANDARD
Ci prova il Dipartimento per la Homeland Security con l'adozione di un si
stema di scoring standard per valutare il rischio nelle falle del softwar
e. Dentro Cisco e Symantec, fuori Microsoft
URL: http://punto-informatico.it/pi.asp?i=56687

** APPLE E LA DRM DEL FUTURO **
Non potremo più salvare i brani sul nostro PC. E ne saremo contenti.
>> di Michele Bottari
http://www.zeusnews.it/news.php?cod=4476

In difficoltà Hotmail e MSN per il virus Sober.Z
Sono state praticamente esaurite tutte le lettere per descrivere le molte
varianti del virus Sober, nate dal 2003 ad oggi: in questi giorni ne è
stata identificata una nuova che è stata battezzata con la Z; Win32/So
ber.Z@mm è ora il suo nome ufficiale. Dopo Sober.X, il worm che nei gio
rni scorsi si fingeva dell'FBI o vestiva i panni di Paris Hilton, ora è
il turno di quest'altra aggressiva variante, che per la sua diffusione v
ia email sembra prediligere i server di posta di Hotmail e MSN.
http://www.alground.com/news/news.php?page=433
Also - http://news.com.com/Sober+worm+stalls+MSN%2C+Hotmail/2100-7349_3-5
980987.html?tag=cd.top

Using the Root Account on Debian
There is one user account on your Debian system that has the power to cha
nge anything: the root account. By power, I mean absolute power. The root
user account can read, replace, or remove any file. It can read or write
to any attached device. It can read or write to any part of the computer
's memory. If there's even a mere suspicion that a piece of software is b
uggy or poses a security risk, there's no way you should run it as root.
http://www.linuxdevcenter.com/pub/a/linux/2005/12/01/linux_root.html

Analyzing Web Logs with AWStats
A crucial, if often overlooked, aspect of running a successful web site i
s the study of activity occurring within the site. The information gleane
d provides valuable input to continuous improvement initiatives, ranging
from site architecture and content enhancements to traffic generation. Th
is is the first of a two-part series exploring how to use the open source
tool AWStats to perform web server log file analysis. This first part sh
ows how to prepare a sample web log file, perform a basic installation of
AWStats, generate reports, and review web analytics terminology; the sec
ond part will focus on report interpretation. My aim is to clear away som
e of the common misconceptions around hits, pages, and visits. The insigh
t will provide a basis for creating a setup to meet production requiremen
ts.
http://www.onlamp.com/pub/a/onlamp/2005/12/01/awstats.html

What's New in ModSecurity
Two years ago, almost to the day, O'Reilly Network published my first art
icle, Introducing ModSecurity. ModSecurity was stable and useful before t
he article went out, but it was not widely known. The publication of the
article marked a new phase in the life of ModSecurity, introducing it to
a much wider audience. As I write the second article, I can't help but fe
el another phase is about to start. I feel we are entering the phase of m
aturity.
http://www.onlamp.com/pub/a/apache/2005/12/01/modsecurity.html

Implementing File Screening in Windows Server 2003 R2
Author: Mitch Tulloch
Summary: This article walks you through how to configure file screening i
n Windows Server 2003 R2. File screening is a new capability in Windows S
erver that allows administrators to restrict what kind of files users sav
e to their home folders and other shared network folders.
Link: http://www.WindowsNetworking.com/articles_tutorials/Implementing-Fi
le-Screening-Windows-Server-2003-R2.html

Protect your network from rogue users
Author: Deb Shinder
Summary: IT departments spend a great deal of time, effort and money to p
rotect against external threats – those that enter the network via the
Internet or remote access – but sometimes forget the harm that can be d
one by an authorized user who decides to “go rogue” (circumvent netwo
rk security policies for his/her own purposes).
Link: http://www.WindowSecurity.com/articles/Protect-network-rogue-users.
html

Astalavista Group Security Newsletter 23-2005
Issue 23 (November,2005) of the Astalavista Security Newsletter can be
found at the following URL :
http://www.astalavista.com/media/archive1/newsletter/issue_23_2005.pdf
Past issues of our security newsletter can also be found at :
http://www.astalavista.com/index.php?section=newsletter

IMPLEMENT AND DEPLOY WEB SERVICES IN AN APACHE GERONIMO APPLICATION
"Follow along and find out how to implement and deploy Web services into
a Geronimo application using the example, which uses an emulated banking
scenario..."
http://nl.internet.com/ct.html?rtr=on&s=1,22oe,1,2t8e,l9qv,85jl,7pty

UNDERSTANDING LAMP
"If you're at all familiar with open source software, chances are you've
heard the phrase 'LAMP stack' at some point. You may even know what it st
ands for. But do you know what LAMP actually is...?"
http://nl.internet.com/ct.html?rtr=on&s=1,22oe,1,l6pm,bzif,85jl,7pty

EULAs, indemnification, and user protection
http://trends.newsforge.com/article.pl?sid=05/11/28/1819207&from=rss
End user licence agreements (EULA) are nobody's favorite reading. Users o
f free and open source software (FOSS), who are accustomed to licences th
at give no warranty and admit no liability, may be even less inclined to
read EULAs than most computer users. Perhaps, though, we should start. Ov
er the last few years, commercial GNU/Linux distributions have been wrest
ling with the question of whether users should be indemnified in the even
t that a third party patent is upheld -- and, in some cases, their answer
s are starting to appear in their EULAs. However, whether these varying a
nswers offer betteer protection than the GNU General Public License remai
ns unproven.

CLI Magic: More on SSH
http://software.newsforge.com/article.pl?sid=05/12/02/2045221&from=rs
s
We've covered SSH before in CLI Magic, but this week let's look at some a
dditional SSH features that new users might not be aware of. For the purp
ose of this article, we'll be looking specifically at OpenSSH, but many o
f these features apply to other SSH variants as well.

Test version of Windows file system updated
http://newsvac.newsforge.com/article.pl?sid=05/12/06/0247231&from=rss
Microsoft has posted an updated test version of its new Windows file syst
em, called WinFS.

MSN Search tricks for web application footprinting
http://newsvac.newsforge.com/article.pl?sid=05/12/06/0243233&from=rss
LogError writes "This paper describes some of the queries that can be run
against SEARCH.MSN in order to fetch important information that would ev
entually help in web application assessment."

SIMPLIFYING BACKUPS
Most computer users don't make use of a system backup tool until after th
ey suffer the misfortunes of a hard drive crash without one.
http://www.net-security.org/news.php?id=9585

LOCKING DOWN YOUR WEB APPLICATIONS
In this final Web Security School webcast, Mike Cobb, Managing Director o
f Cobweb Applications Ltd. and author of IIS Security, looks at how the a
ctual content of your Web site can open holes in its defenses.
http://www.net-security.org/news.php?id=9587

SECURING LINUX PRODUCTION SYSTEMS
This article is a practical step-by-step guide for securing Linux product
ion systems. It discusses basic Linux security requirements for systems t
hat need to pass various audits in an enterprise environment.
http://www.net-security.org/news.php?id=9596

OPEN SOURCE APPLICATION SCHOOL: SECURITY ADMINISTRATION TOOLS
Find out about Snort and other enterprise-ready open source security appl
ications in this Webcast. Expert speaker Bernard Golden offers a guide to
choosing and using security management and administration applications.
http://www.net-security.org/news.php?id=9620

LEGAL ASPECTS OF HACKING
This week we will focus on a cyber crime case study and delve deeper to g
et an understanding of the hacking process, the most common form of compu
ter crime.
http://www.net-security.org/news.php?id=9630

VULNERABILITIES & EXPLOITS
Title: Cisco warns of IOS, OpenSSL flaws
Source: Search Security
Date Written: 2005-12-05
Date Collected: 2005-12-05
Cisco Systems Inc. has come out with security updates and workarounds to
address vulnerabilities in the Internetwork Operating System (IOS) HTTP s
erver and OpenSSL. The IOS HTTP server flaw "comes into play when HTML co
de inserted into dynamically generated output -- such as the output from
a show buffers command -- is passed to the browser requesting the page."
The updates apply to all CCisco products that run IOS Software versions 1
1.0 through 12.4 with the HTTP server enabled. Cisco also said that sever
al of its products are affected by an OpenSSL flaw discovered in October,
which could be used to launch man-in-the-middle attacks. Affected produc
ts are: Cisco PIX version 7.0.1 through 7.0.4.2; Cisco ASA 5500 version 7
.0.4.2. and prior; CiscoWorks Common Services (CWCS) version 2.2; CiscoWo
rks Common Services (CWCS) version 3.0; Cisco Mainframe Channel Connectio
n (CMCC) version 28-22 and prior; Cisco Global Site Selector (4480, 4490,
4491) version 1.2 and prior; Cisco Wirele
ss Control System Software version 4.0 and prior; Cisco IOS-XR version 3.
3 and prior.
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci11
49779,00.html

VULNERABILITIES & EXPLOITS
Title: Trojans target unpatched IE flaw
Source: ZDNet UK
Date Written: 2005-12-05
Date Collected: 2005-12-05
The Clunky-B and Delf-LT exploits of an unpatched Internet Explorer flaw
could allow remote execution of malicious code. The flaw has to do with t
he "way Internet Explorer handles mismatched document object model object
s" and PCs running Microsoft Internet Explorer on Windows XP Service Pack
s 1 and 2, as well as those running Windows 98, Windows 98 SE, Windows Me
and Windows 2000 Service Pack 4 are vulnerable. Microsoft's next securit
y patch will be released December 13, 2005, but it is not known yet if hi
s flaw will be addressed in that release.
http://news.zdnet.co.uk/0,39020330,39240189,00.htm

"Cominciano i reclami per l'antivirus di Gmail"
Qualche giorno fa si è tanto discusso della tecnologia antivirus integr
ata in ogni account Gmail. Ma dopo la prima settimana d'uso alcuni utenti
si dichiarano abbastanza soddisfatti, altri disorientati ed altri ancora
addirittura molto delusi. L'unico grande critica che accomuna questi gr
uppi di utenti è unica: l'antivirus e tutte le sue caratteristiche di s
icurezza non possono essere disattivate. "Devi usarle e basta", dichiaran
o seccati alcuni utenti Gmail.
http://www.ziobudda.net/Admin/redir_news.php?id=25450

"Cisco risponde alle falle di sicurezza di OpenSSL"
Cisco Systems ha rilasciato Venerdì un bollettino di sicurezza riguardo
l'uso del software open-source OpenSSL all'interno di alcuni dei suoi pr
odotti. Quest'ultima segue a ruota un'altra advisory, sempre su OpenSSL,
rilasciata qualche mese fa, precisamente ad Ottobre.
http://www.ziobudda.net/Admin/redir_news.php?id=25465

LE MAJOR: KAZAA E' UN INSULTO
No, all'industria musicale non basta che gli utenti australiani non possa
no piu' utilizzare il celebre sistema peer-to-peer. Il blocco dell'utenza
, a loro dire, e' un'offesa alla Corte che imponeva i filtri sui contenut
i protetti
URL: http://punto-informatico.it/pi.asp?i=56699

COME DISTRUGGERE UN HARD DISK
C'e' chi lo smonta pezzo per pezzo per poi mangiarsi le dita, chi lo pren
de a martellate, soffrendo di rimorsi, chi lo da' in pasto al cane. Ma, r
accontano tecnici specializzati, gli insetti battono tutti
URL: http://punto-informatico.it/pi.asp?i=56706

XEON 3.0 SOGNA L'ENTERPRISE
La nuova e importante e release del noto software di virtualizzazione ope
n source introduce funzionalita' che lo rendono un avversario ancora piu
' temibile delle soluzioni proprietarie
URL: http://punto-informatico.it/pi.asp?i=56700

FALLA IE, GOOGLE ALZA UNO SCUDO
BigG e' intervenuta per prevenire la possibilita' che i cracker utilizzin
o il proprio Desktop Search per sfruttare una falla ancora non corretta d
el browser Microsoft
URL: http://punto-informatico.it/pi.asp?i=56729

OPEN SOURCE GHIGLIOTTINATO IN FRANCIA?
A fine mese il Parlamento francese potrebbe approvare una nuova legge sul
le royalty e il diritto d'autore che renderebbe illegali molte applicazio
ni multimediali, anche aperte. Multe e galera per chi sgarra
URL: http://punto-informatico.it/pi.asp?i=56725

Imparare il C con gli esempi (Parte I)
Impare a programmare è sempre stata un'operazione alquanto delicata. No
n esiste nessuna persona al mondo che possa seguirvi passo dopo passo ed
in ogni programma per insegnarvi l'arte. Certo, è possibile che vi veng
ano descritti nel dettaglio i costrutti princiapli o nel caso in cui vi v
ada peggio, ve li introducono e a voi spetta approfondire. La cosa certa
è che l'unico modo per impare un linguaggio di programmazione è ...
http://www.tuxjournal.net/c1.html

** INTERNET EXPLORER AGGIRA UN BREVETTO SOFTWARE **
Il browser di Microsoft verrà modificato: dimostrazione che anche i col
ossi sono colpiti dalle restrizioni che impongono i brevetti software.
>> di Paolo Attivissimo
http://www.zeusnews.it/news.php?cod=4481
Also - http://www.techworld.com/security/news/index.cfm?RSS&NewsID=4933

Making Sense of Windows Routing Tables
Author: Brien M. Posey
Summary: It’s amazing the way that time can go by. People tend to think
of computers as being high tech, but the TCP/IP protocol has been around
in one form or another for over three decades. As such, TCP/IP has had t
ime to really mature and be made stable and reliable. When it comes to co
mputers, nothing is foolproof though. When routing packets across a netwo
rk, things do occasionally go wrong. In these situations, it is helpful t
o be familiar with the Windows routing tables. Routing tables dictate the
flow of packets from the machine in question. In this article, I will sh
ow you how to view the Windows routing tables and how to make sense of th
e data that is contained within it.
Link: http://www.WindowsNetworking.com/articles_tutorials/Making-Sense-Wi
ndows-Routing-Tables.html

Biometrics and You
Author: Don Parker
Summary: The world of computer security has spawned yet another way to he
lp secure one’s computer assets. That would be the still maturing area
that is biometrics. Just what are biometrics anyway, and are they really
being adopted by the mainstream? Read on to find out.
Link: http://www.WindowSecurity.com/articles/Biometrics-and-You.html

Trusting software
Trust is in everything we do, from the important to the mundane. Whether
it's open-source or closed-source, how do we evaluate what software, comp
anies and projects are safe to trust?
http://www.securityfocus.com/columnists/373

ROOTKIT LEVELS OF INFECTION AND MITIGATION
"Hackers don many disguises in order to sneak past IT security guards. Th
e rootkit, one of the most effective disguises, not only masks the intrud
er, but covers his trail..."
http://nl.internet.com/ct.html?rtr=on&s=1,22s9,1,jf6b,jnsv,85jl,7pty

PAPER MACHINES AND PHANTOM COMPUTERS--HAS MICROSOFT GONE TOO FAR AGAINST
LINUX?
"Has Microsoft repeated history in its fight against Linux? We wonder if
the Redmond company has confused the proposed implementation of the Open
Document Format as part of the fight against Linux...."
http://nl.internet.com/ct.html?rtr=on&s=1,22sd,1,8k32,dyhc,85jl,7pty

VULNERABILITIES & EXPLOITS
Title: Firm Allegedly Hiding Cisco Bugs
Source: Wired News
Date Written: 2005-12-06
Date Collected: 2005-12-06
Mike Lynn, former security researcher for Internet Security Systems (ISS)
, says he has discovered fifteen unreported flaws in Cisco software. Lynn
revealed a critical hardware flaw that could allow an attacker to contro
l Cisco routers during the Black Hat conference in Las Vegas, costing him
his job. Lynn says ISS has known of these additional flaws for months, b
ut has not informed Cisco. This creates high potential risk since Cisco s
ource code was stolen in 2004, and Lynn has seen evidence that Chinese ha
ckers are exploiting Cisco flaws. The additional flaws are detailed in Ly
nn's notes, but these notes were seized by ISS lawyers in a lawsuit follo
wing his Vegas presentation. The settlement Lynn reached with ISS and Cis
co prevent him from discussing details of Cisco flaws.
http://www.wired.com/news/technology/0,1282,69762,00.html

VULNERABILITIES & EXPLOITS
Title: Web site documents wireless threats, vulnerabilities
Source: SearchSecurity
Date Written: 2005-12-05
Date Collected: 2005-12-06
Network Chemistry has launched the Wireless Vulnerabilities & Exploits (W
Ve) website documenting threats to wireless networks and ways to guard ag
ainst them. While wireless security has become a major concern for busine
sses, network administrators have lacked a single resource devoted the to
pic like sources already available for wired networks. Most resources hav
e been vendor-specific or distributed through multiple users forums. The
website is sponsored by Planet3's Certified Wireless Network Professional
family of certifications and the Center for Advanced Defense Studies.
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci11
50137,00.html?track=sy160

VULNERABILITIES & EXPLOITS
Title: New Sony CD security risk found
Source: C-Net News
Date Written: 2005-12-06
Date Collected: 2005-12-07
Sony BMG and the Electronic Frontier Foundation (EFF) have jointly announ
ced the discovery and repair of a flaw in CDs protected by a SunComm DRM
(digital rights management) scheme. The DRM software is installed automat
ically when a CD is played on a computer and could also allow an attacker
to take over a machine. The flaw was discovered by iSec Partners during
an investigation requested by EFF; NGS Software tested the patch to fix t
he flaw. The flaw affects 27 titles in the United States, different from
the 52 titles affected by the rootkit developed by First 4 Internet.
http://news.com.com/New+Sony+CD+security+risk+found/2100-1002_3-5984764.h
tml

VULNERABILITIES & EXPLOITS
Title: Google Desktop tweaked to block attackers
Source: C-Net News
Date Written: 2005-12-06
Date Collected: 2005-12-07
Matan Gillon, an Israeli security researcher, discovered a method to acce
ss information from other Google Desktop users by exploiting an Internet
explorer browser flaw. Google has since adjusted its desktop search tool
to prevent attacks attempting to exploit the unpatched vulnerability. Gil
lon confirmed that the tool prevents unauthorized access to the informati
on.
http://news.com.com/Google+Desktop+tweaked+to+block+attackers/2100-1002_3
-5984794.html

BEST PRACTICES & RISK MANAGEMENT
Title: White House accidentally exposes data in PDF file
Source: Government Computer News
Date Written: 2005-12-05
Date Collected: 2005-12-06
The White House website posted a PDF copy of President Bush's 'Plan for V
ictory in Iraq', however, hidden in the file was the name of the author o
f the report, Peter Feaver. Feaver, a political science professor at Duke
University, became a special advisor to the National Security Council in
June 2004. Joe Fantuzzi, chief executive of Workshare, says such leaks d
emonstrate the need for policies and technology for handling sensitive el
ectronic documents.
http://www.gcn.com/vol1_no1/daily-updates/37688-1.html?CMP=OTC-RSS

MALWARE
Title: New IM worm chats with intended victims
Source: C-Net News
Date Written: 2005-12-07
Date Collected: 2005-12-07
IMlogic is warning users that a new worm targeting America Online users c
an actually chat with users, tricking them into downloading a malicious p
ayload. IM.Myspace04.AIM send a message with a link to a file named 'clar
issa17.pif'; if users send a message back, the worm responds with "lol no
its not its a virus". The worm disables security, installs a backdoor, a
nd sends itself to people in the user's contact list. While the worm is n
ot widespread, it is likely a precursor to a more sophisticated attack.
http://news.com.com/New+IM+worm+chats+with+intended+victims/2100-7349_3-5
984845.html

MALWARE
Title: Security experts hit over malware list
Source: Techworld
Date Written: 2005-12-07
Date Collected: 2005-12-07
US-CERT's Common Malware Enumeration (CME) initiative, intended to "sort
out some of the confusion created by the different naming systems used by
different security vendors, and to help system administrators deal with
outbreaks more effectively", may not be very effective in practice. The s
ystem does not provide detailed information on malware, and while it does
distinguish "similar pieces of malicious code from one another" the list
is a basic grouping of "names used by different vendors, without listing
details or even including links". While some experts criticize the CME,
others expect that the system will improve and become more useful.
http://www.techworld.com/security/news/index.cfm?RSS&NewsID=4949

Simple Linux Backup Solution
http://newsvac.newsforge.com/article.pl?sid=05/12/06/1916216&from=rss
Anonymous Reader writes "Backing up your data does not have to be hard, t
edious, or expensive. This important process can be done with a few simpl
e tools and some good, old-fashioned know-how. The method which we are go
ing to go over is for POSIX-based (Linux/BSD/UNIX-like OSes) operating sy
stems and leverages and open source application called Simple Backup Solu
tion. This is a simple Python tool which has a GUI interface and is great
for backing up the contents of a single system."

Protecting HTTP traffic
http://newsvac.newsforge.com/article.pl?sid=05/12/08/042202&from=rss
Anonymous Reader writes "Serious concerns are growing around the security
threats associated with employees browsing the Internet. Learn why prote
cting HTTP traffic is integral to your organization's multi-layered secur
ity strategy."

"LaCie lancia USBDrive con Linux preinstallato"
La società francese specializzata in soluzioni di "external storage", L
aCie, insieme con Mandriva, casa della tanto famosa distribuzione Mandriv
a Linux, ha annunciato il lancio sul mercato europeo del suo "Portable Li
nux Desktop", un desktop Linux su chiavette USB da 40 e 80 GB. Nome in c
odice: GlobeTrotter 2.0
http://www.ziobudda.net/Admin/redir_news.php?id=25478

"Firefox non così 'fallace'"
Pare che il tanto clamore suscitato dalla notizia della grave falla di Fi
refox sia da smorzare. Il bug, infatti, sembra non essere riproducibile..
a meno di qualche sistema win.
http://www.ziobudda.net/Admin/redir_news.php?id=25490
Also - http://www.wintricks.it/news1/article.php?ID=4356
Also - http://www.infoworld.com/article/05/12/08/HNfirefoxhole_1.html

"Gmail File Space"
Gmail File Space (Gspace) è un estensione per il browser Open Source Fi
refox che aggiunge funzionalità FTp al proprio account Gmail, permetten
do di utilizzarlo come una sorta di hard disk o una specie di server.
http://www.ziobudda.net/Admin/redir_news.php?id=25486

** ADSL, VIA ALLA LIBERALIZZAZIONE **
L'Unione Europea costringe l'Authority a liberalizzare completamente le t
ariffe Adsl.
>> di Pier Luigi Tolardo
http://www.zeusnews.it/news.php?cod=4486

ADVISORIES, DECEMBER 8, 2005
Today's security advisories: courier (Debian GNU/Linux); libc-client, cur
l, and poppler (Fedora Core); Perl, Webmin, and Usermin (Gentoo Linux); a
nd curl and perl (Mandriva Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,235u,1,6bc,ggzy,85jl,7pty

MOZILLA DOWNPLAYS FIREFOX 1.5 EXPLOIT
"A private security outfit has released a proof-of-concept exploit for a
security flaw in Firefox 1.5, warning that the code can be modified to la
unch code execution attacks..."
http://nl.internet.com/ct.html?rtr=on&s=1,235u,1,5e9d,6a8y,85jl,7pty

PHPDIG EXCELS AT SMALL WEB SITE INDEXING
"Webmasters looking to provide search capabilities for their site would d
o well to try out PhpDig, a Web spider and search engine written in PHP w
ith a MySQL backend..."
http://nl.internet.com/ct.html?rtr=on&s=1,235s,1,d2yg,m2ok,85jl,7pty

BENCHMARKING RAID CONFIGURATIONS
"A long time ago, I wanted to mount a Mirroring RAID using Linux in some
computers..."
http://nl.internet.com/ct.html?rtr=on&s=1,235s,1,6dgy,cdh2,85jl,7pty

OPERA: ANOTHER CONTENDER IN THE BROWSER WARS
"Opera Software has removed the adware banners and licensing fee from ver
sion 8.5 of its browser. This makes Opera a viable competitor to Firefox
and Internet Explorer..."
http://nl.internet.com/ct.html?rtr=on&s=1,235s,1,lnpo,l8pr,85jl,7pty

CHMOD: Tool for Open Source Administration
Read how to change the mode of a file/directory depending on how the chmo
d command is used.
http://www.devshed.com/c/a/Administration/CHMOD-Tool-for-Open-Source-Admi
nistration/

A Portable Chip for Digital Rights Management
Thanks to various digital copyright management systems, many face having
music we have legally purchased locked up in a proprietary player. SanDis
k thinks they have an answer to this problem with TrustedFlash memory.
http://www.devhardware.com/c/a/Opinions/A-Portable-Chip-for-Digital-Right
s-Management/

First Steps in (C) Programming, conclusion
If you're a beginning programmer and want to get deeper into programming
with variables, you've come to the right place.
http://www.devarticles.com/c/a/Cplusplus/First-Steps-in-C-Programming-con
tinued/

Search Engines and Algorithms: Search Engine Algorithms Explored
Look at search engine algorithms, how diverse they are, what they have in
common, why it’s important to know their differences.
http://www.seochat.com/c/a/Search-Engine-Optimization-Help/Search-Engines
-and-Algorithms-Search-Engine-Algorithms-Explored/

How Hackers Think: how the Cisco IOS HTTP Server vulnerability was exploi
ted
First of all, I must tell that I'm really impressed on the fast reaction
of Cisco. Only 2 days after the public release of the vulnerability (and
they were not notified) they have recognised the flaw, they have publishe
d an advisory and they offer some workarounds to this problem, and best o
f all, they are giving credits. Good work Cisco, I think that's the right
way.
http://www.infohacking.com/INFOHACKING_RESEARCH/Our_Advisories/cisco/inde
x.html

Exploiting Freelist[0] On Windows XP Service Pack 2
Windows XP Service pack 2 introduced some new security measures in an att
empt to prevent the use of overwritten heap headers to do arbitrary byte
writing. This method of exploiting heap overflows, and the protection off
ered by service pack 2, is widely known and has been well documented in t
he past. What this paper will attempt to explain is how other functionali
ty of the heap management code can be used to gain execution control afte
r a chunk header has been overwritten. In particular this paper takes a l
ook at exploiting freelist[0] overwrites.
http://www.security-assessment.com/tech-1.htm

Tamper-Evident Digital Signatures : Protecting Certification Authorities
Against Malware
We introduce the notion of tamper-evidence for digital signature generati
on in order to defend against attacks aimed at covertly leaking secret in
formation held by corrupted network nodes. This is achieved by letting ob
servers (which need not be trusted) verify the absence of covert channels
by means of techniques we introduce herein. We call our signature scheme
s tamper-evident since any deviation from the protocol is immediately det
ectable. We demonstrate our technique for RSA-PSS and DSA signature schem
es and how the same technique can be applied to Feige-Fiat-Shamir (FFS) a
nd Schnorr signature schemes. Our technique does not modify the distribut
ion of the generated signature transcripts, and has only a minimal overhe
ad in terms of computation, communication, and storage.
http://www.astalavista.com/index.php?section=directory&linkid=5714

Bots and Botnets : Risks, Issues and Prevention
This paper will explain what bots/botnets are and how they work. It will
also discuss ways to combat them using methods that range from simple sec
urity methodologies through to technical solutions.
http://www.astalavista.com/index.php?section=directory&linkid=5718

Have you ever been BluePIMped?
On August 12, 2004 Ryan Naraine of internetnews.com described a serious v
ulnerability in Widcomm's widely deployed Bluetooth Connectivity Software
. It was said that this new threat could pave the way for the creation of
a wireless worm that spreads between PCs or PDAs using Bluetooth. (Queue
scary music in the background). It is now over a year later and I have y
et to even see signs of an exploit, let alone a worm for either the PC or
PDA. Consider this document as my donation of a small amount of tar to h
elp pave the road to a Widcomm Bluetooth worm.
http://www.astalavista.com/index.php?section=directory&linkid=5721

Digital Forensic Analysis of E-Mails : A Trusted E-Mail Protocol
E-mail has revolutionized business, academic, and personal communication.
However, with e-mail comes the threat of a genuine user being compromise
d through key loggers, social engineering, shoulder surfing, password gue
ssing and other similar, though less technical, methods. This passive esp
ionage can have a direct impact on the genuine user in terms of denial of
information, loss of money, loss of time, mental harassment and an attac
k of personal privacy. To enable digital forensic analysis of e-mails, we
propose behavioral biometric based authentication, which is analogous to
a signature in paper documents. In the proposed system, if someone other
than a genuine user tries to authenticate himself, then detection and fi
xing is possible.
http://www.astalavista.com/index.php?section=directory&linkid=5736

Beginner's Guide to SEO (Search Engine Optimization)
This article is offered as a resource to help individuals, organizations
and companies inexperienced with search engine optimization learn the bas
ics of how the service and process operates. It is our goal to improve yo
ur ability to drive search traffic to your site and debunk major myths ab
out SEO. We share this knowledge to help businesses, government, educatio
nal and non-profit organizations benefit from being listed in the major s
earch engines.
http://www.seomoz.org/articles/beginners-1-page.php

Can the government track your cell phone's location without probable caus
e?
When is the government allowed to track your cell phone's location? What
legal standards must the government meet before a judge can authorize suc
h surveillance? That's the issue in two recent cases where two federal ma
gistrate judges, in an unprecedented move, rejected Department of Justice
requests to track cell phones without a search warrant. Setting aside th
e secrecy that shrouded these requests, the judges sharply rebuked the go
vernment. Both courts found the government's arguments completely unpersu
asive, variously describing them as "contrived," "unsupported," "misleadi
ng," "perverse," and even a "Hail Mary" play. Yet, as the decisions furth
er reveal, the Justice Department has routinely used its bogus legal theo
ry to get secret authorizations for cell phone tracking from a number of
courts, probably for many years.
http://www.eff.org/legal/cases/USA_v_PenRegister/

20 ways to Secure your Apache Configuration
Here are 20 things you can do to make your apache configuration more secu
re.
http://www.petefreitag.com/item/505.cfm

MALWARE
Title: Sober worm plans 5 January attack
Source: The Register
Date Written: 2005-12-08
Date Collected: 2005-12-08
iDefense reports that the most recent Sober worm variant is "designed to
download an unknown payload of code on January 5, 2006", the anniversary
of the founding of the Nazi party 87 years ago. Joe Payne, vice president
of VeriSign iDefense Security Intelligence Services, noted "This discove
ry emphasizes the ever-present and often underestimated threat of 'hackti
vism' - combining malicious code with with political causes."
http://www.theregister.co.uk/2005/12/08/sober_attack/

MALWARE
Title: Security threats soar in 2005
Source: The Register
Date Written: 2005-12-07
Date Collected: 2005-12-08
Almost 16,000 "new viruses, worms and Trojans have appeared in 2005, but
criminals are moving their focus to niche targeted groups with specially
customised malware to steal data and cash", reports anti-virus software f
irm Sophos in the Security Threat Management Report 2005. Called "puddle
phishing", these attacks are usually aimed at smaller financial instituti
ons so "that the creators of the virus can evade the attentions of anti-v
irus software vendors and security providers." Another common tactic, cal
led "spear phishing," approaches employees in a targetted company obtain
passwords and usernames. Because these attacks are focused on a relativel
y small group of users, they are unlikely to be highly publicized.
http://www.theregister.co.uk/2005/12/07/sophos_2005_security_survey/

CIVIL & CONSUMER ISSUES
Title: Hollywood bets on biometric DRM + P2P
Source: The Register
Date Written: 2005-12-06
Date Collected: 2005-12-08
Inventor Gary Brant says his company, Veritouch, has backing from one Hol
lywood studio and a major record label for a project he calls 'MuViBOXX'.
MuVIBOXX is allows users to search for movies and music over a peer-to-p
eer (P2P) system similar to BitTorrent, but access restricted by biometri
cs. Content would be watermarked to separate it from personal content, su
ch as home movies. MuVIBOXX hardware is a Linux router with a 500 GB hard
drive, integrated wireless, and DVD and HDTV outputs. While movies studi
os support the project, MuVIBOXX may also need support from cable broadca
sters.
http://www.theregister.co.uk/2005/12/06/hollywood_biometric/

TECHNOLOGY
Title: Intel readies rootkit rooting hardware
Source: The Register
Date Written: 2005-12-09
Date Collected: 2005-12-09
Intel has begun developing rootkit-detection technology that will monitor
OS software, other software that has been modified to hide its presence,
and any security holes created. The hardware-embedded monitor checks for
unnecessary changes made to memory containing application and system cod
e. Intel hopes to make the technology commercially available in 2008 or 2
009 to complement its "LaGrande" security system, which will encrypt info
rmation held in buffers and to isolate memory blocks to prevent processes
monitoring one another.
http://www.theregister.co.uk/2005/12/09/intel_anti-rootkit_chip/

VULNERABILITIES & EXPLOITS
Title: Sony fixes security hole in CDs, again
Source: CNet
Date Written: 2005-12-08
Date Collected: 2005-12-09
Princeton computer science professor Ed Felten is warning users that a pa
tch for flawed copy protection on Sony BMG CDs is flawed itself. The flaw
ed anti-piracy software was developed by SunComm and included in 27 title
s. Sony and the Electronic Frontier Foundation (EFF) jointly announced th
e original flaw and the patch release. Felten says the patch could trigge
r malware already installed on a computer. Sony says it is working on a n
ew patch. The latest flaw is separate from the so-called Sony rootkit, in
cluded with 52 titles and developed by First 4 Internet.
http://news.com.com/Sony+fixes+security+hole+in+CDs%2C+again/2100-1002_3-
5987776.html?part=rss&tag=5987776&subj=news

VULNERABILITIES & EXPLOITS
Title: Fixes coming for Windows flaws
Source: CNet
Date Written: 2005-12-08
Date Collected: 2005-12-09
Microsoft will release two patches for its December 2005 patch cycle, one
classified as 'critical'. Microsoft did not describe which Windows compo
nents need the patch nor how many flaws the patches address. However, eEy
e Digital Security has a list of six vulnerabilities awaiting a patch, an
d a flaw in Internet Explorer could allow an attacker to take over a comp
uter. Microsoft will also release its latest Windows Malicious Software R
emoval Tool with the next set of patches.
http://news.com.com/Fixes+coming+for+Windows+flaws/2100-1002_3-5987630.ht
ml?part=rss&tag=5987630&subj=news

Unpatched Firefox 1.5 exploit made public
http://newsvac.newsforge.com/article.pl?sid=05/12/08/224200&from=rss
Exploit code for the latest version of open-source browser Firefox was pu
blished Wednesday, potentially putting users at risk of a denial-of-servi
ce attack.

The future of HTML
http://newsvac.newsforge.com/article.pl?sid=05/12/08/2156248&from=rss
Anonymous Reader writes "HTML isn't a very good language for making Web p
ages. However, it has been a very good language for making the Web. This
article examines the future of HTML and what it will mean to Web authors,
browser and developers. It covers the incremental approach embodied by t
he WHATWG specifications and the radical cleanup of XHTML proposed by the
W3C. Additionally, the author gives an overview of the W3C's new Rich Cl
ient Activity."

Deep Freeze Mac 2.0 secures your work environment
http://newsvac.newsforge.com/article.pl?sid=05/12/09/1853231&from=rss
Mirko writes "This all-new edition of Deep Freeze Mac allows for a comple
tely non-restrictive working environment where there is no need to be con
cerned about system misconfiguration, corruption, or malicious damage to
a Mac OS X system."

g00d reading! 'n' bye
Security News MainTainer:

The Jackal a.k.a. jAcKallO < jackal [at] capitanlug.it >

(AreaSessantuno Inside) / (SpiPPolatori Collaborator)
(HackerAlliance Member) / (Socio fondatore del CapitanLUG.iT)
(Daily DisInfo CreaTor & MainTainer) / (Security News MainTainer)