FALLA IN WINDOWS
Ammesso da Microsoft nelle scorse ore un nuovo problema di sicurezza per Internet Explorer. La nuova vulnerabilità permetterebbe all'attaccante di prendere il controllo remoto della macchina bersaglio.
http://www.alground.com/news/news.php?page=652

Ecco la nuova piattaforma di commercio online: SuSkype Una piattaforma di commercio online che sfrutta il VoIP utilizzando la tecnologia di Skype. In questo modo è possibile pubblicare gli annunci in Rete e contattare immediatamente l’inserzionista.
http://www.ziobudda.net/Admin/redir_news.php?id=27302

Browser: dentro la cronologia
Recuperare anche l'irrecuperabile da ciò che i browser memorizzano durante le nostre navigazioni. Per capire quali sono i vantaggi e quali i rischi.
http://www.ziobudda.net/Admin/redir_news.php?id=27301

** DUBBI SUL VOTO ELETTRONICO **
Si arroventa la polemica sui rischi di brogli elettorali legati al voto elettronico nelle prossime elezioni del 9 e 10 aprile.
>> di Pier Luigi Tolardo
http://www.zeusnews.it/news.php?cod=4688

Security Czar
In this column Scott Granneman takes the role of dictator of the security world and presents his ideas about mandatory reforms that would improve security for millions of people.
http://www.securityfocus.com/columnists/394

Learning an advanced skillset
The purpose of this article is to guide network security analysts towards learning the advanced skillset required to help further their careers. We'll look at two key pillars of knowledge, protocols and programming, and why they're both so important in the security field.
http://www.securityfocus.com/infocus/1861

SOLAR DESIGNER ON OPENWALL GNU/*/LINUX
"He developed the famous Unix password cracker John The Ripper and popa3d, a secure POP3 daemon, but also a security enhanced Gnu/Linux
distro: Openwall GNU/*/Linux..."
http://nl.internet.com/ct.html?rtr=on&s=1,2bqu,1,2xlr,cm05,85jl,7pty

ADVISORIES, MARCH 23, 2006
Today's security advisories: firebird2, sendmail, and evolution (Debian GNU/Linux); Sendmail and PHP (Gentoo Linux); RealPlayer (Red Hat Linux); and libcairo (Ubuntu Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,2bqu,1,iq0v,5huk,85jl,7pty

BYE BYE MICROSOFT WORD, HELLO AJAXWRITE
"What if there was alternative for Microsoft Word that would install and open in 6 seconds, read and write Microsoft Word .doc files and run on Macintosh, Microsoft Windows or Linux computers...?"
http://nl.internet.com/ct.html?rtr=on&s=1,2bqy,1,cu2r,k5n1,85jl,7pty

HOWTO REMOVE A USER AND IMPROVE SECURITY "Employee turnover in most organizations runs high. So unless you run a small shop with a stable user base, you need to learn how to clean up after an employee leaves..."
http://nl.internet.com/ct.html?rtr=on&s=1,2bqy,1,g3i6,63zz,85jl,7pty

OphCrack 2.2 released
Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman's original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds.
http://sourceforge.net/projects/ophcrack

MALWARE
Title: Dangerous code on Net could be used to exploit IE hole
Source: C-Net News
Date Written: 2006-03-23
Date Collected: 2006-03-24
Secure Elements reports that exploit code has been found in the wild for the createTextRange() flaw affecting fully patched installations of Internet Explorer 6 on Windows XP SP2. Secure Elements director of security labs Scott Carpenter expects a virus or worm to appear soon, possibly using e-mail to direct users to a malicious website. Secure Elements has increased its threat rating for the flaw to its highest level, 10, since the vulnerability could allow remote takeover and exploit code exists.
http://news.com.com/2100-1002_3-6053456.html

OpenBSD 3.9 adds sensor framework
http://newsvac.newsforge.com/article.pl?sid=06/03/24/1953235&from=rss
The upcoming version of OpenBSD has better buffer-overflow protection, and can ease the burden of systems monitoring through a new sensor interface framework.

In depth look at the Linux Switch Appliance (LiSA) http://newsvac.newsforge.com/article.pl?sid=06/03/24/1818253&from=rss
Greg Jordan writes "Radu Rendec of the Linux Switch Appliance (LiSA) project has written an in-depth article on the Layer 2 / Layer 3 packet switching engine for Linux. The article looks at LiSA in depth, and follows up on the initial article from issue #1 of o3 magazine that introduced the project. LiSA is a multi-layer switching framework for Linux. o3 magazine is a FREE Open Source publication built with open source tools exclusively."

Tunnels in Hash Functions: MD5 Collisions Within a Minute In this paper we introduce a new idea of tunneling of hash functions. In some sense tunnels replace multi-message modification methods and exponentially accelerate collision search. We describe several tunnels in hash function MD5. Using it we find a MD5 collision roughly in one minute on a standard notebook PC (Intel Pentium, 1.6 GHz). The method works for any initializing value. Tunneling is a general idea, which can be used for finding collisions of other hash functions, such as SHA-1, 2. We show several capabilities of tunnels. A program, which source code is available on a project homepage, experimentally verified the method.
http://cryptography.hyperlink.cz/

Darik's Boot and Nuke (CDR/CDRW Version) Darik's Boot and Nuke ("DBAN") is a self-contained boot floppy that securely wipes the hard disks of most computers. DBAN will automatically and completely delete the contents of any hard disk that it can detect, which makes it an appropriate utility for bulk or emergency data destruction. Please clearly label your DBAN boot media because it is dangerous.
http://dban.sourceforge.net/

WLSI: Windows Local Shellcode Injection
This paper describes a new technique to create 100% reliable local exploits for Windows operating systems, the technique uses some Windows operating systems design weaknesses that allow low privileged processes to insert data on almost any Windows processes no matter if they are running under high privileges. We all know that local exploitation is much easier than remote exploitation but it has some difficulties. After a brief introduction and a description of the technique, a couple of samples will be provided so the reader will be able to write his/her own exploits.
http://www.argeniss.com/

Cell Phone Forensic Tools: An Overview and Analysis All but the most basic phones provide individuals with some ability to load additional applications, store and process personal and sensitive information independently of a desktop or notebook computer, and optionally synchronize the results at some later time. As digital technology evolves, the capabilities of these devices continue to improve rapidly. When cell phones or other cellular devices are involved in a crime or other incident, forensic examiners require tools that allow the proper retrieval and speedy examination of information present on the device. This report gives an overview of current forensic software, designed for acquisition, examination, and reporting of data discovered on cellular handheld devices, and an understanding of their capabilities and limitations.
http://www.astalavista.com/index.php?section=directory&linkid=6443

Accurate Indoor Localization Using Wide GSM Fingerprinting This thesis presents the first accurate GSM-based indoor localization system that achieves median accuracy of 5 meters in large multi-door buildings.
http://www.astalavista.com/index.php?section=directory&linkid=6445

DNS Amplification Attacks
This paper outlines a Distributed Denial of Service (DDoS) attack which abuses open recursive Domain Name System (DNS) name servers using spoofed UDP packets. Our study is based on packet captures and logs from attacks reported to have a volume of 2.8Gbps. We study this data in order to further understand the basics of the reported recursive name server amplification attacks which are also known as DNS amplification or DNS reflector attacks. One of the networks under attack, Sharktech, indicated some attacks have reached as high as 10Gbps and used as many as 140,000 exploited name servers. In addition to the increase in the response packet size, the large UDP packets create IP protocol fragments. Several other responses also contribute to the overall effectiveness of these attacks.
http://www.astalavista.com/index.php?section=directory&linkid=6448

Detecting Botnets Using a Low Interaction Honeypot This paper describes a simple honeypot using PHP and emulating several vulnerabilities in Mambo and Awstats. We show the mechanism used to 'compromise' the server and to download further malware. This honeypot is 'fail-safe' in that when left unattended, the default action is to do nothing – though if the operator is present, exploitation attempts can be investigated. IP addresses and other details have been obfuscated in this version.
http://www.astalavista.com/index.php?section=directory&linkid=6454

Advanced Bash Scripting Guide 3.8
The Advanced Bash Scripting Guide is both a reference and a tutorial on shell scripting. This comprehensive book (the equivalent of about 646 print pages) covers almost every aspect of shell scripting. It contains over 300 profusely commented illustrative examples, and a number of tables. Not just a shell scripting tutorial, this book also provides an introduction to basic programming techniques, such as sorting and recursion. It is well suited for either individual study or classroom use.
http://www.tldp.org/LDP/abs/html/

Airport Security's Achilles Heel
Think airport security has improved since 9/11? It hasn't. One undercover security auditor points out a gaping hole in the system.
http://www.csoonline.com/read/020106/caveat021706.html

Netsukuku
Netsukuku is a P2P network system that generates and sustains itself autonomously, using a fractal algorithm to calculate routes. It is designed to handle a large number of nodes with minimal CPU and memory resources.
http://netsukuku.freaknet.org/

What Changed 1.05
A simple utility that searches for modified files and registry entries.
http://www.vista-software.com/

Little known Microsoft security utilities Microsoft makes a big deal about security, but sometimes a few of the company's security resources slip under the radar. There aren't many, but there are a few obscure Microsoft security utilities that deserve a little more publicity. In this article, I will briefly describe several utilities that you may not have heard of.
http://searchwindowssecurity.techtarget.com/tip/1,289483,sid45_gci1174141,00.html

Secure Coding
This area describes our efforts toward developing secure coding practices that software producers can use to avoid vulnerabilities in new software.
http://www.cert.org/secure-coding/

Zeppoo: i386 Rootkit Detection Tool for Linux Zeppoo is a tool that detects rootkits on i386 Linux. It also detects hidden tasks, modules, syscalls, corrupted symbols and hidden connections.
http://www.zeppoo.net/

Elezione e Linux
Per chi non lo sapesse le prossime elezioni vedranno affiancarsi alle procedure di scrutinio tradizionali, quelle informatiche (che non avranno cmq valore legale). I computer che saranno utilizzati saranno senza disco fisso ed useranno la versione 4.0 di Knoppix. Per chi volesse info su www.ris2006.it accedendo con username "coordinatore" e password "ris2006" potete cosultare tutto il materiale messo a disposizione degli operatori di seggio e vedere anche i video per l'autoistruzione.
http://www.ziobudda.net/Admin/redir_news.php?id=27284

Seconda preview per Samba 4
È stata rilasciata nella giornata di ieri la seconda preview della prossima generazione di Samba, la soluzione open source che consente la condivisione di file e stampanti Windows su sistemi Unix e Linux.
http://www.ziobudda.net/Admin/redir_news.php?id=27276

SLAX aggiornata alla varsioone 5.0.8
Disponibile la nuova versione di SLAX, distribuzione LIVE minimale basata su Slackware. Tra le novità più rilevanti in questa release troviamo l'adozione del kernel 2.6.16 (rilasciato anch'esso pochi giorni
fa) e la disponibilità di SLAX Server edition....
http://www.ziobudda.net/Admin/redir_news.php?id=27264

ASSOPROVIDER: TELECOM SIA DIVISA IN DUE
Come cambiare un mercato broad band dominato da Telecom? La ricetta di Assoprovider in una intervista a Punto Informatico, in cui si parla di ADSL, Wi-Fi e WiMax, di Internet a due velocita' e dei problemi dell'Autorita' TLC
URL: http://punto-informatico.it/pi.asp?i=58520

UNTRUSTED/ GUIDA ALL'ACQUISTO DI SISTEMI TC-FREE di Alessandro Bottoni - Ci sono elenchi dei sistemi trusted ma non li comprendono tutti: come verificare se il computer per cui si stanno spendendo fior di quattrini e' un sistema libero o un sistema blindato?
URL: http://punto-informatico.it/pi.asp?i=58522

CASSANDRA CROSSING/ DRM E TRASPARENZA
di Marco Calamari - La decisione francese sui DRM e' un passo in avanti per alcuni aspetti. Ma si sorvola sul diritto dell'utente di sapere che cio' che acquista puo' essere utilizzato solo a certe condizioni
URL: http://punto-informatico.it/pi.asp?i=58523

CONFERMATA NUOVA FALLA IN IE
In Internet Explorer e' stata scoperta una nuova vulnerabilita' che potrebbe mettere a serio rischio la sicurezza degli utenti. Microsoft al lavoro sulla patch
URL: http://punto-informatico.it/pi.asp?i=58517

UN TROJAN FA STRAGE DI CONTI BANCARI
Si diffonde attraverso messaggi di posta elettronica, sfrutta l'exploit WMF e ruba informazioni bancarie. Gli esperti di iDefense lanciano
l'allarme: e' tra i trojan piu' complessi mai analizzati
URL: http://punto-informatico.it/pi.asp?i=58529

TELECOM: CANONE PERFETTAMENTE LEGITTIMO
L'azienda reagisce alla sentenza del Giudice di Pace di Torre Annunziata, la considera priva di fondamento giuridico, specifica alcuni dettagli e annuncia un ricorso
URL: http://punto-informatico.it/pi.asp?i=58518

ADVISORIES, MARCH 22, 2006
Today's security advisories: snmptrapfmt (Debian GNU/Linux), kernel (Mandriva Linux), and sendmail (Fedora Core, Mandriva Linux, Red Hat Linux, Slackware Linux, and SUSE Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,2bm9,1,k22c,lof4,85jl,7pty

TWO-IN-ONE DNS SERVER WITH BIND9
"This tutorial shows you how to configure BIND9 DNS server to serve an internal network and an external network at the same time with different set of information..."
http://nl.internet.com/ct.html?rtr=on&s=1,2bmb,1,auc8,l85o,85jl,7pty

ENTERPRISE-GRADE WIRELESS LAN SECURITY
This white paper outlines the considerations that should be taken into account to ensure the deployment of a secure wireless network.
http://www.net-security.org/news.php?id=10520

MORE ON MAC SECURITY
Some advice after a handful of mostly harmless worms shows that Macs are vulnerable to attack.
http://www.net-security.org/news.php?id=10525

BEST PRACTICES FOR PROTECTING IP-BASED STORAGE Are you looking at ways to protect sensitive customer data on your storage network? Read this white paper to learn how to solve this critical business issue.
http://www.net-security.org/news.php?id=10532

SECURITY HOLE FOUND IN CRYPTO PROGRAM GPG Attackers could sneak malicious code into e-mails.
http://www.net-security.org/news.php?id=10534

THE 7 MYTHS ABOUT PROTECTING YOUR WEB APPLICATIONS Web applications are currently proving to be one of the most powerful communication and business tool. But they also come with weaknesses and potential risk that network security devices are simply not designed to protect.
http://www.net-security.org/news.php?id=10557

PHILIP ZIMMERMANN RELEASES ZFONE, A PRODUCT THAT SECURES VOIP Zimmermann thinks Zfone is better than the other approaches to secure VoIP, because it achieves security without reliance on a PKI, key certification, trust models, certificate authorities, or key management complexity that bedevils the email encryption world.
http://www.net-security.org/news.php?id=10564

A COMPARISON AMONG SSL, IPSEC AND THE EMERGING CLASS OF MOBILE VPNS This paper provides an in-depth comparison of SSL, IPSec &Mobile VPN solutions, detailing the advantages and disadvantages of each.
http://www.net-security.org/news.php?id=10565

AN INTRODUCTION TO ELLIPTIC CURVE CRYPTOGRAPHY Elliptic Curve Cryptography (ECC) has been gaining momentum as a replacement for RSA public key cryptography largely based on its efficiency, but also because the US National Security Agency (NSA) included it, while excluding RSA, from its Suite B cryptography recommendations.
http://www.net-security.org/news.php?id=10592

MALWARE
Title: MetaFisher Trojan steals thousands of bank details
Source: Techworld
Date Written: 2006-03-23
Date Collected: 2006-03-23
For several weeks, phishers have been engaged in a sophisticated attack against customers of large banks in the United Kingdom, Spain, and Germany, tricking targets into visiting websites that use the Windows Metafile (WMF) flaw to install the MetaFisher trojan. Also known as Spy-Agent and PWS, MetaFisher joins infected computers into a botnet with one of the most sophisticated command and control systems, according to Eric Sites, vice president of research and development at Sunbelt Software. MetaFisher uses PHP-based websites to organize infected machines, track variants, query stolen data, search by keyword, and issue commands based on the nature of individual bots. The interface rivals systems used by many large IT departments. One command server in Washington, DC, tracked 29,000 infected computers and stole data 561,857 times. The internet service provider hosting the site has refused to shut it down.
http://www.techworld.com/security/news/index.cfm?NewsID=5627

VULNERABILITIES & EXPLOITS
Title: IE hit with third bug in one week
Source: Techworld
Date Written: 2006-03-23
Date Collected: 2006-03-23
Security researchers have discovered three flaws in Microsoft'sInternet Explorer in the course of a week. The newest flaw is a critical vulnerability in the createTextRange() function that could allow an attacker to specially create malicious content to take control of a machine, according to Computer Terrorism Ltd. Secunia rates the flaw as 'highly critical'. Computer Terrorism says it has developed "reliable proof-of-concept" exploit code, but has not released it. The
createTextRange() flaw follows news of another flaw that could lead to system takeover and a less serious flaw which would only crash Internet Explorer.
http://www.techworld.com/security/news/index.cfm?NewsID=5629

VULNERABILITIES & EXPLOITS
Title: Sendmail flaw opens door to intruders
Source: C-Net News
Date Written: 2006-03-22
Date Collected: 2006-03-23
Mark Dowd of Internet Security Systems (ISS) has discovered a flaw in the Sendmail e-mail program that could allow an attacker to take over an SMTP server. The flaw, affecting Linux and Unix versions of Sendmail from version 8 to 8.13.5, would allow an attacker to gain control by sending malicious packets at carefully crafted time intervals. Gunter Ollmann, director ISS's X-Force research team, notes that the flaw could become popular among hackers since SMTP traffic is routinely passed through firewalls. Symantec classifies the flaw as 'critical'. Sendmail officials say they have seen no evidence of an exploit, but urge users to upgrade to Sendmail 8.13.6 as soon as possible. Sendmail software delivers 70 percent of the world's e-mail messages, according to the Sendmail Consortium.
http://news.com.com/2100-1002_3-6052758.html

Open Source Magazine launches new US and UK sites http://newsvac.newsforge.com/article.pl?sid=06/03/23/2043208&from=rss
John Buswell writes "o3 magazine, a monthly open source electronic publication focused on open source in the enterprise launched a new website today. This is the second major change at the publication since the new design which was rolled out with issue #4 earlier this month.

Il cybercrime continua a crescere, parola di Symantec L'ultimo Internet Security Threat Report, l'aggiornamento semestrale rilasciato in questi giorni dalla società specialista in sicurezza It, propone un quadro poco rassicurante...
http://www.ziobudda.net/Admin/redir_news.php?id=27257

Ubuntu Breezy Security Alert
La distribuzione Ubuntu 5.10 (Breezy Badger) è affetta da una falla di sicurezza, perfettamente risolvibile. L'annuncio è di oggi e interessa una libreria grafica.
http://www.ziobudda.net/Admin/redir_news.php?id=27255

“Libertà Digitali: Censure e DRM vs libertà dell’utente”
Si può ancora parlare di effettiva libertà in rete?
http://www.ziobudda.net/Admin/redir_news.php?id=27252

Un Trojan sfrutta oltre 100 istituzioni finanziarie Un Trojan sfrutta illegalmente i marchi di oltre 100 istituzioni finanziarie. Un nuovo attacco che modifica i contenuti dei file host sul Pc con una lista di siti che indirizzano tutti al localhost (127.0.0.1)..
http://www.ziobudda.net/Admin/redir_news.php?id=27250

Personal Solution Pac 3.0 per Linux
La prima soluzione “plug and play” per amministrazione di Ups, basata completamente su codice OpenSource.
http://www.ziobudda.net/Admin/redir_news.php?id=27249

Più Live-CD su un DVD
Finalmente uno script che permette di creare un DVD che contiene piu'
Live-CD, tutte eseguibili.
http://www.ziobudda.net/Admin/redir_news.php?id=27247

Nuovo bug per Internet Explorer 6
Bug di Internet Explore segnalato da Michal Zalewski che causa il crash del Browser.
http://www.ziobudda.net/Admin/redir_news.php?id=27244
Also - http://www.techworld.com/security/news/index.cfm?NewsID=5608

Leggere le webmail da Thunderbird
Tramite questo plugin è possibile leggere i propri account di email su Yahoo, Hotmail, Lycos, MailDotCom, Gmail, Libero, e AOL direttamente via Thunderbird.
http://www.ziobudda.net/Admin/redir_news.php?id=27242

Introduzione ad Haskell
Haskell e` un linguaggio di programmazione complesso e flessibile che offre soluzione a problemi piu'difficili da aggirare sfruttando gli strumenti offerti da altri diffusi linguaggi, pur consentendo al programmatore di continuare lo stesso a sfruttarne le tecniche. Potenza e praticita' a un buon compromesso.
http://www.ziobudda.net/Admin/redir_news.php?id=27235

WINDOWS VISTA LO PORTERA' LA BEFANA
Niente Vista prima del prossimo anno, almeno per il grande pubblico. In contrasto con quanto dichiarato fino a pochi giorni fa, Microsoft ha infatti posticipato il lancio del nuovo Windows all'inizio del 2007.
Ecco perche'
URL: http://punto-informatico.it/pi.asp?i=58493

IL CANONE TELECOM? E' ILLEGITTIMO
Lo ha stabilito il Giudice di Pace di Torre Annunziata, accogliendo il ricorso di un utente e condannando l'incumbent a rimborsare i canoni percepiti e al pagamento delle spese di giudizio. Il Codacons: si apre una voragine
URL: http://punto-informatico.it/pi.asp?i=58508

FIREFOX 2.0 RINGHIA A IE7
Mozilla Foundation ha fornito un primo assaggio di quella che sara' la prossima major release di Firefox. Le novita' di questa alpha sono ancora poche, ma nelle future versioni si attendono molte chicche
URL: http://punto-informatico.it/pi.asp?i=58497

ENUM, PIU' VICINA LA VERA TELEFONIA IP
Pubblicati i primi risultati della sperimentazione che coinvolge decine di provider: si avvicina il momento in cui il VoIP abbandonera'
completamente la rete telefonica tradizionale. Con abbattimento delle tariffe. Tutti i dettagli
URL: http://punto-informatico.it/pi.asp?i=58499

** CHI PRODUCE IL MALWARE? **
Worm, virus, trojan horse, spyware, rootkit, dialer, hijacker. Chi li produce?
>> di Luigi Saggese
http://www.zeusnews.it/news.php?cod=4679

Tools of the Trade (Part 2)
Author: Don Parker
Summary: In part one of the article series on “Tools of the Trade” we covered a packet sniffer and network scanner. Both installation and sample usage were shown. In part two we will go on to cover other key tools that are of importance to learn. Read on to find out more!
Link: http://www.WindowSecurity.com/articles/Tools-Trade-Part2.html

New Security Features in Internet Explorer 7
Author: Brien M. Posey
Summary: In Internet Explorer 7, Microsoft seems to have addressed many of the security issues that have plagued Internet Explorer for the last decade. Of course only time will tell if Internet Explorer 7 is really secure or not, but in this article I want to introduce you to some of the new Internet Explorer security features.
Link:
http://www.WindowsNetworking.com/articles_tutorials/Security-Internet-Explorer-7.html

Querying Databases in SQL Server 2005
Read this to understand the interface available for querying the SQL Server 2005 databases.
http://www.aspfree.com/c/a/MS-SQL-Server/Querying-Databases-in-SQL-Server-2005/

Python and OpenOffice.org
See how Python-UNO lets you work with the Open Office API in Python.
http://www.devshed.com/c/a/Python/Python-and-OpenOfficeorg/

ADVISORIES, MARCH 21, 2006
Recent security advisories: libmail-audit-perl, drupal, kdegraphics, crossfire, ilohamail, kernel-patch-vserver, util-vserver, and unzip (Debian GNU/Linux); xorg-x11-server, beagle, and curl (Fedora Core); kernel, gdk-pixbuf, libungif, xpdf, and kdelibs (Fedora Legacy); PEAR-Auth, Heimdal, Crypt, Metamail, PeerCast, Pngcrush, cURL/libcurl, and Macromedia Flash Player (Gentoo Linux); and xorg-x11 and cairo (Mandriva Linux).
http://nl.internet.com/ct.html?rtr=on&s=1,2bev,1,m365,6n85,85jl,7pty

INGRES PREDICTS THE END OF OPEN SOURCE
"As open source becomes the standard, closed source will increasingly become the oddity..."
http://nl.internet.com/ct.html?rtr=on&s=1,2bex,1,d744,ih36,85jl,7pty

OPENVZ TO RELEASE KERNEL FOR SUSE LINUX ENTERPRISE 10 "The OpenVZ Project Thursday will release its kernel for Novell's Suse Linux Enterprise 10, said project officials..."
http://nl.internet.com/ct.html?rtr=on&s=1,2bex,1,lkym,9put,85jl,7pty

CLI MAGIC: TRACKING SYSTEM PERFORMANCE WITH SAR "This suite of programs can be useful in tracking down performance bottlenecks and providing insight into how the system is used throughout the day..."
http://nl.internet.com/ct.html?rtr=on&s=1,2bex,1,htok,gtmh,85jl,7pty

TROUBLESHOOTING UNIX SYSTEMS WITH LSOF
"One of the least-talked-about tools in a UNIX sysadmin's toolkit is lsof. Lsof lists information about files opened by processes. But that's really an understatement..."
http://nl.internet.com/ct.html?rtr=on&s=1,2bex,1,6q77,18nf,85jl,7pty

MALWARE
Title: Anti-spyware group fingers Kazaa
Source: Techworld
Date Written: 2006-03-22
Date Collected: 2006-03-22
The new StopBadware.org group has produced its first report. The report identifies Kazaa, download manager MediaPipe, screeensaver Waterfalls 3, and SpyAxe, an advertised spyware blocker, as “badware”. The group labels any spyware, viruses, or deceptive adware as badware. The four applications met StopBadware.org’s identification guidelines, such as the use of deceptive installation mechanisms, modifying software on the affected computer, and being difficult to uninstall completely.
http://www.techworld.com/security/news/index.cfm?NewsID=5617

MALWARE
Title: Hearse spells doom for surfers
Source: Techworld
Date Written: 2006-03-22
Date Collected: 2006-03-22
Sana Security is warning that there is a “new type of malicious software designed to steal usernames and passwords from web surfers”, called a "rootkit.hearse," that uses rootkit cloaking techniques which make it very difficult to detect. The rootkit.hearse the group identified “has two components: a Trojan horse application that communicates with a Russian server, as well as rootkit software that cloaks the malicious software from system tools and anti-virus programs”. The software does have to be downloaded by a user to become effective, however.
http://www.techworld.com/security/news/index.cfm?NewsID=5613

VULNERABILITIES & EXPLOITS
Title: Symantec pulls Backup Exec patches
Source: Techworld
Date Written: 2006-03-22
Date Collected: 2006-03-22
Symantec has pulled some patches meant to address security flaws in its Veritas Backup Exec “due to quality issues”. The flaws in the Backup Exec Remote Agent “could allow attackers to cause memory access violations or use up all system resources, causing the system to crash and lose backup capability”, which, as the product is used to backup critical data, could be a serious issue. Symantec says it will re-release the patches "shortly".
http://www.techworld.com/security/news/index.cfm?NewsID=5621

Command line Perl for sysadmins
http://programming.newsforge.com/article.pl?sid=06/03/08/1456241&from=rss
Using perl -e allows you to specify a script right on the command line.
It's a powerful, underused feature even for people who use Perl regularly. Perl's powerful command line options make it a more flexible replacement for sed, awk, and even vi. Combine perl -e with the command line editing capability of modern shells and you can, write, test, and debug in record time.

g00d reading! 'n' bye
Daily DisInfo CreaTor & MainTainer:

The Jackal a.k.a. jAcKallO < jackal [at] capitanlug.it >

(AreaSessantuno Inside) / (SpiPPolatori Collaborator) (HackerAlliance Member) / (Socio fondatore del CapitanLUG.iT) (Daily DisInfo CreaTor & MainTainer) / (Security News MainTainer)

...::::: ooOOOo sPoT oOOOoo :::::...

Il Daily DisInfo è disponibile anche
all'indirizzo: http://dailydisinfo.splinder.com

...::::: ooOOOo eNd oOOOoo :::::...