Bookmark or link to: www.kobayashi.cjb.net. All other url`s could change!
News Archive    Translate Traducen
News July 2000
31 july

HPTeam Mail Trojan 0.03.

Rat Cracker 1.31 by "The ExCon" is a password cracker for Deepthroat, Doly, Netbus, Subseven and Wincrash.

Microsoft Security Bulletin (MS00-028)
Microsoft has released a patch that eliminates a security vulnerability in Microsoft(r) Windows NT(r) 4.0 and Windows(r) 2000. Under certain conditions, the vulnerability could enable a malicious user to cause code of his choice to run when another user subsequently logged onto the same machine. Read more.

TheStandard.com:
Cybersecurity Project Threatened. Read more.

CNET.com:
Reno won't stop FBI's email monitoring. Read more.

PCWorld.com:
Windows Vulnerabilities. Read more.

ABCNEWS.com :
Rave Against the Machine
Defcon 2000: Hackers, Geeks, ‘Script Kiddies’ Party. Read more.

ITPArabia.com:
Dubai-based Interactive Technologies are pushing the issue of e-Security into the public eye... Read more.

30 july

AckCmd is a special kind of remote Command Prompt for Windows 2000. It communicates using only TCP ACK segments. This way the client component is able to directly contact the server component through a firewall in some cases.
More Information and download.

NetView scans IP addresses for available Windows File and Print Sharing resources.

AVP updates 28 july 2000.

PCworld:
Uncle Sam Recruits Hackers. Read more.
Computerworld:
Feds warn hackers, then ask them for help. Read more.

vnunet:
Tool traces denial of service sources. Read more.

The Harvard Journal of Law and Technology:
Why the Police Don't Care About Computer Crime. Read more.

MSNBC:
Step inside the world of hacking. Read more.

Yahoo:
Hackers Steal Cyprus University Exam Results. Read more.

29 july

Trojan CC Invader.

Van Hauser wrote the article "Placing Backdoors Through Firewalls".
His new article is called Reverse-WWW-Tunnel-Backdoor v1.6, "Proof-of-Concept Program for the paper "Placing Backdoors through Firewalls".

Anti Pedo Worm by Del_Armg0.

Force Feeding files to Internet Explorer.

Microsoft Security Bulletin (MS00-047):
Patch Available for “NetBIOS Name Server Protocol Spoofing”
Microsoft Security Bulletin MS00-047 announces the availability of a patch that improves the ability of an administrator to protect against denial of service attacks against Microsoft® Windows NT® 4.0 and Windows® 2000 systems.
Read more.

PR Newswire:
Computer Associates Advises Computer Users of New Kak.B Worm Targeted at Microsoft Outlook and Outlook Express. Read more.

Silicon Valley:
Study: Internet's structure vulnerable to organized attack. Read more.

ComputerWorld:
Debate erupts over disclosure of software security holes. Read more.

Planet IT
DEF CON: How Much Security Is Enough?
At the DEFCON 8 computer security convention in Las Vegas this week, hackers, phreaks and federal agents, among others, gathered as they have every summer for the past seven years. Read more.

Security Portal:
Default Passwords and What You Can Do About Them. Read more.

CERT® Coordination Center:
How the FBI Investigates Computer Crime. Read more.

Network World Fusion
Denial-of-service threat gets IETF's attention. Read more.

TheStandard.com:
U.K. Passes E-Mail Snooping Bill Into Law. Read more.

NandoTimes:
FTC supports Internet privacy deal. Read more.

Electronic Telegraph:
Internet 'is a target for terrorism'. Read more.

Slashdot:
Kuro5hin.org Taken Down after Application-level DoS. Read more.

Lawrence Journal-World:
Government vulnerable to computer virus attacks. Read more.

Computerworld:
Expert: Better tools needed to nab computer criminals. Read more

ITP Arabia.Com:
Hacking threat to Middle East. Read more.

28 july

Latest version of Trojan HostControl: HostControl Professional.

Net-Commando 2000 is an Internet security application which claims: "lets you detect and remove all known and unknown Trojan Horses from your computer". It features system analysis tools, such as a startup analyzer, process manager, an executable analyzer, as well as the ability to generate network statistics.
Limitations in downloadable version:
You can use the program up to 336 hours or within 28 days, whichever comes first.

Microsoft Security Bulletin MS00-032 announces the availability of a patch that eliminates a vulnerability in Microsoft® Windows 2000. Microsoft is committed to protecting customers' information, and is providing the bulletin to inform customers of the vulnerability and what they can do about it. Read more

Lexis-Nexis:
FireWall-1, one of the world's top-selling computersecurity systems.
But hackers can not only penetrate the system, but actually gain administrative control and the ability to determine who can get at the data protected by the barrier. Read more.

The Anatomy of File Download Spyware
"Spyware" is a name given to software which secretly tells its manufacturer your personal information. This page investigates the spyware-like features which come installed with RealNetworks RealDownload, Netscape/AOL Smart Download, and NetZip Download Demon utilities. RealNetworks RealDownload turns out not only to send the URL of the files you download, but the Windows GUID, a unique identifier which includes each computers MAC address. Read more.

Nando Times:
Coordinated hacks could break apart Internet, study says. Read more.

PCWORLD:
Security officials from around the world agree that cooperation is needed to catch cybercrooks, and the United States plays a pivotal role. Read more.

CNN.com:
Many countries said to lack computer crime laws. Read more.

ZDNet:
FBI under gun to release Carnivore code. Read more.

Excite:
Silence the best security policy
Well-meaning hackers are creating an army of "script kiddies" by making security holes public, says a speaker at the Black Hat Security Conference. Read more.

Daily News:
Web Master Keeps Secrets — Despite FBI. Read more.

You can contribute to this site by submitting trojans or interesting url`s here or vote here.

27 july

Trojan CrazzyNet 3.7.

Microsoft Releases IIS 5.0 Security Checklist Monday, July 24, 2000 - Microsoft recently released a new security-related document that helps administrators better secure their Internet Information Server 5.0 systems. The document is entitled "Secure Internet Information Services 5 Checklist" and lists a dozen specific items that must be addressed in addition to a few tweaks to the underlying Windows 2000 operating system.

Outlook "Cache Bypass" vulnerability (Patch available).

Logon DoS when Windows 2000 is combined with EFS.
If a user encrypts Autoexec.bat on a Windows 2000 NTFS system volume, no user will be able to logon locally or access resources shared on this computer remotely, not even the Administrator. Read more.

The "Persistent Mail-Browser Link" vulnerability (Patch available)
Microsoft has released a patch that eliminates a security vulnerability affecting Microsoft Outlook Express. The vulnerability allows a malicious user to send an email that would "read over the shoulder" of the recipient as he previews subsequent emails in Outlook Express. Read more.

Distributed Denial of Service Defense Tactics

Results of the Distributed-Systems Intruder Tools Workshop. PDF File. Read more.

ZoneAlarm 2.1. The award-winning ZoneAlarm Internet security utility increases security for Internet-connected personal computers with its unparalleled ease of use and strong protection features.
ZoneAlarm now features MailSafe to stop email-borne Visual Basic Script worms, like the "I Love You" virus. Free.

Step by Step NT Explotation Techniques

Lexis-Nexis/National Post:
Security consultant claims to have found Check Point's FireWall-1 vulnerable to possible hackers attack. Read more.

Report shows most companies use reactive approach to security that leaves holes (IT Director/Bloor Research)
Read more.

NetworkWordFusion:
Denial-of-service threat gets IETF's attention. Read more.

Slashdot:
Open Source Concerns: Trojan Horses In the Code. Read more.

Slashdot:
More trojan horse issues. Read more.

BBC News:
Congress fears FBI internet tap tool. Read more.
Wired: FBI Gives a Little on Carnivore. Read more.
The Economic Times:
Fears on new Net-wiretap system allayed. Read more.
AntiOnline: Fight `Carnivore' with Encryption Program, Says Computer Expert. Read more.

ZDNet Australia: Tech News:
UK Net snooping gets undermined. Read more.

26 july

New trojan: Dark Connection Inside 1.2. Big thanks to GIAST.

Passive Aggression v1.0.
This PERL script is a proof-of-concept exploit for downloading other user's files from FTP servers without needing thier authentication. It works against servers that use passive connections for data transfers and fail to check the incoming address of the data connection. It first attempts to determine the server-side data port incrementation rate and then guesses at the next port, makes a connection, and saves the retrieved data to a file. This does not work against M$ boxen, but is fairly impressive when run against large public FTP servers. A much more sinister purpose would be to snag confidential files being passed between corporate networks at scheduled times, like end of the day batch processing of customer orders, or crontab'd FTP backups.

NetGuard will sit in your Windows system tray and monitor popular trojan ports for connection attempts. When a connection is made, the detected IP is traced and optionally logged to a file on your hard drive. The intruding computer is then automatically disconnected.

Network Administrators Tool for Analyzing and Sniffer
A Windows 2000 sniffer that can capture/sniff all traffic on the network, filter with rules, write partially-decoded packets to a log file, log http addresses, and more. Download.

Big Brother vulnerability scanner.

Idlescan alpha3 for Linux, bugs fixed
Features: - Target never sees your ip address
- No limit in the number of sensors working in parallel
- Automatic windows ip.id increment detection (windows counts in little endian)
- Auto-dropping sensors with traffic
BugTraq article.

Microsoft Security Bulletin MS00-050 announces the availability of a patch that eliminates a vulnerability in the Telnet Server that ships with Microsoft® Windows 2000. Read more

Personal Firewalls / Intrusion Detection Systems
An Analysis of Mini-Firewalls for Personal use. Read more.

The Register: Wanna know how BT.com was hacked? Read more.

Congress isn't swallowing Carnivore. Read more.
FBI grilled over software that opens e-mails. Read more.
Carnivore. Read more.

Why the Police Don't Care About Computer Crime.
An article in the Harvard Journal of Law and Technology from the summer of 1997 issue warns that police may face attacks against their information systems in the 21st century. Read more.

AntiOnline: Denial-Of-Service Threat Gets Ietf's Attention. Read more.

To heck with hactivism
Do politically motivated hackers really think they're promoting global change by defacing Web sites? Read more.

25 july

Trojan Barrio Trojan 3.10.

Weekly Microsoft Security Digest 2000/07/17 to 2000/07/23. Read more.

Weekly Linux Security Digest 2000/07/17 to 2000/07/23. Read more.

Weekly Solaris Security Digest 2000/07/17 to 2000/07/23. Read more.

ICAT is a searchable index of information on computer vulnerabilities. It provides search capability at a fine granularity and links users to vulnerability and patch information. Link.

The Internet Traffic Archive is a moderated repository to support widespread access to traces of Internet network traffic, sponsored by ACM SIGCOMM. The traces can be used to study network dynamics, usage characteristics, and growth patterns, as well as providing the grist for trace-driven simulations. The archive is also open to programs for reducing raw trace data to more manageable forms, for generating synthetic traces, and for analyzing traces. Read more.

GUI trojan creator… TROJ_SENNASPY.2K Read more.

FBI Shows Off Its 'Carnivore' . Read more.
FBI demos e-mail sniffer program 'Carnivore'. Read more.

Applause for IE's Cookie Catcher. Read more.

Performance versus security. Read more.

U.S. lawmakers introduce workplace privacy measure. Read more.

Cracked! Part 7: The Cracker's Revenge. Read more.

Korean cyberthieves sell hacked customer information. Read more.

24 july

Trojan Host Control 2.5.

Web blocking software can be easily bypassed.
CyberSitter, CyberPatrol, SurfWatch, Net Nanny, I-Gear, SmartFilter, WebSENSE, BESS, X-Stop, NetRated and SafeSurf are among the most popular Web blocking applications available on the market. Those applications try to block users from reaching certain web sites. Can those applications really block users from reaching prohibited web sites?
Read more.

Biggest German free e-mailer hacked. Read more.

State Department stricken by computer virus. Read more.

Powergen in security scandal - thousands of debit card details open to abuse. Read more.

23 july

New Trojan PC Invader 0.7. Thanks to Senna Spy.

Linux Today: Caldera Systems Security Update: DoS on gpm. Read more.
Red Hat Security Advisory: Updated PAM packages are available. Read more.

Remotely Exploitable Buffer Overflow in Outlook "Malformed E-mail MIME Header" Vulnerability. Published by USSR. Read more.

CNN: Microsoft scrambling to fix new Outlook security hole. Read more.

AVP updates 21 july 2000

surfCONTROL SuperScout URL blocking can be easily bypassed. Read more.

Rain Forest Puppy, a.k.a. RFP: The bane of Microsoft. Best known for releasing the Microsoft IIS RDS exploit used by thousands of script kiddies. RFP is the author of the Web-scanning tool whisker, which can defeat intrusion detection systems. RFP is credited for recently revealing a backdoor inserted by Microsoft engineers that stated that "Netscape engineers are weenies!" RFP prefers to keep his professional identify anonymous. Read more.
Here his site and his RDS/IIS 4.0 Vulnerability and exploit .

They Gain Root
Know Your Enemy: III Read more.

Scam artist copies PayPal Web site. Read more.

'New breed' drowning out hacker culture? Read more.

Spying or Security? Read more.

22 july

Barrio Trojan 3.05. Thanks to Explorer!
It will send reports to your E-Mail each time person connects to internet.
What you can find in reports:
- Dial-Up password
- Cached resourses
- Crypted passwords from E-Type Dialer
- Everything that was pressed in some windows (Login request e.t.s.)
Send bugs, suggestions to Barrio.

Windows NT rootkit alpha Release 0.31 (source and debug-build binary, NT 4.X and 5.X Only) 222Kb.
It also has been tested under Windows 2000 as well as 4.0.
This build is testing a new technique called EXE Redirection which can hide any trojan from the user. If you open, hash, CRC, or scan the file - you see the original file, but if you execute the file, you get the trojan. This is a very powerful stealth technique. Also, this build sports the ability to hide registry keys and values.
Download.

Trojan Reversing by defiler.

Win32 Buffer Overflows by dark spyrit AKA Barnaby Jack

Malicious ActiveX Content Embedded in Microsoft Office Documents Threatens Windows Users. Read more.

Patching the NT Kernel
A 4-byte patch that removes ALL security from an NT network.. completely violates the Subject->Object security relationship by patching the SeAccessCheck() function. Read more.

Microsoft adds cookie control to IE 5.5. Read more.

Security Scanner Nessus 1.0.3. Read more.

Paranoia Runs Deep at Hacker Convention. Read more.

Bug Watch: a two Trojan Horse race. Read more.

Software Functions As A Robotic Hacker. Read more.

Mitnick teaches 'social engineering. Read more.

Teen hacked into local server from abroad.
The 15-year-old Indonesian boy, facing 16 charges, admitted accessing and modifying system. Read more.

BT hacked: Revenge for crap service. Read more.

21 july

Dripper grabs dial up information on a local computer.

ToPo 1.2 adds 'codeable' areas to Win32 exe/dll's. By MrCrimson.

Ginastub 1.0 is a WinLogon password grabber. By txGreg .

AntiSniff 1.02 for Win 95/98/NT byL0pht Heavy Industries.

Libnet for NT available from eEye. Read more.

Known NT Exploits
Good guys annouce security weaknesses, the bad guys keep them to themselves... Read more.

Design and Implementation of a Sniffer Detector. Read more.

Another security hole found in Microsoft's Outlook. Read more.

First AutoCad virus found. Read more.

Zonealarm Firewall can be easily scanned for open ports. Read more.

Out of order SMTP DATA command can be used to bypass firewall protection. Read more.

Another brick in the wall.
Fighting a losing battle on the front lines of security. Read more.

Why Do I Have to Tighten Security on My System? Read more.

The Name Game: Groking the Love Bug.
Every few months the computer security community is thrust into the public spotlight with a huge scandal that has every world media outlet scrambling through the Net for the exclusive. Most recently we've seen such frenzies with the defacing of the New York Times Web site, the Melissa virus, the massive DDoS attacks, and now with the virus affectionately known as "The Love Bug." Read more.

Security guru: Napster a security risk. Read more.

The Legality of Linking.
Is hyperlinking ever illegal? That question will be before the court in the lawsuits between MP3Board.com and the Recording Industry Association of America. Read more.

Hackers: The millennial scapegoats? Read more.

Teen Hacking Idol Hits Big Apple. Read more.

20 july

New version of SheepGoat. Server only 14k.

Connector 1.0.
Raw TCP/IP socket connection tool. Able to connect to any host computer using a TCP socket connection. You can send and receive plaintext commands and answers. Can be used for example to send E-Mail with SMTP by hand, or as a simple telnet client. Basically, you can simulate any ASCII text protocol over such a TCP/IP connection. It is also very useful if you want to test if a server works properly, especially if you are developing your own TCP server applications.

The "Nessus" Project aims to provide to the internet community a free, powerful,up-to-date and easy to use remote security scanner.
A security scanner is a software which will audit remotely a given network and determine whether bad guys (aka 'crackers') may break into it, or misuse it in some way. Nessus is made up of two parts : a client and a server. You need a Unix-like system to use the server (Linux is just fine). Link.

Anonymizer Surfing prevents web sites from tracking you and from accessing sensitive information in your browser. The Anonymizer acts as an agent between you and the site you want to view. You go to the Anonymizer, then the Anonymizer goes off in the network to find the page you wish to view, and then the Anonymizer shows you the page. It acts as a security screen between you and the web site page. Link.

Apache and Secure Transactions. Read more.

Microsoft Security Bulletin (MS00-043)
Patch Available for “Malformed E-mail Header” Vulnerability.Download.
Read more.
Hackers use e-mail code to control computers. Read more.
Microsoft says e-mail program vulnerable to hackers. Read more.
Outlook 2000 SR-1 Update: E-mail Security. Read more.
Now, e-mail is even more dangerous. Read more.

A Prime Port of Call for Hackers?
The easy passage of all kinds of data through computers' Port 80 is making it harder to build Web virus killers. Read more.

Interception Capabilities 2000
Report about Interception of data. Read more.

Long file names cause havoc. Read more.

Bureau names new eFBI chief.
The FBI has named a new assistant director to oversee the design and launch of eFBI, a recently renamed and resurrected program that will give bureau agents the ability to share and sift through information via the World Wide Web. Read more.

White House proposes updated wiretapping laws. Read more.

Pssssst ... someone may be following you on the Internet. Read more.

Engage proposes P3P for Cookies standard. Read more.

19 july

New Trojan: PrivatePort 001a

Securing Your Home Network. Read more.

Yesmail Fights Blacklist Threat. Read more.

E-tailers Hit Hard By Credit Card Fraud. Read more.

In Unique Tactic, ACLU Seeks FBI Computer Code On "Carnivore" and Other Cybersnoop Programs. Read more.

When hacking is guessing. Read more.

White House Proposes Extension of Federal Wiretap Laws. Read more.

Calling the Cops. Read more.

18 july

Trapdoor Server. Thanks to Senna Spy.

Personal Firewalls / Intrusion Detection Systems. Read more.

Weekly Microsoft Security Digest 2000/07/10 to 2000/07/16 Read more.

Weekly Linux Security Digest 2000/07/10 to 2000/07/16. Read more.

Weekly Solaris Security Digest 2000/07/10 to 2000/07/16. Read more.

Weekly BSD Security Digest 2000/07/10 to 2000/07/16 . Read more.

Linux Magazine: Unix Security Holes. Read more.

Net bulletin boards will be watched. Read more.

ADSL fundamentally insecure - BT. Read more.

Scour Denies Unauthorized File Sharing. Read more.

Hollywood vs hackers in US court case. Read more.

Calling the Cops. Read more.

17 july

Trojan Y3K Rat 1.2 by -/Chucky-\- and [Firelarm].

Trojan cleaner: The Cleaner 3.0.

New Release:
SAINT 2.1.1 is the Security Administrator's Integrated Network Tool. In its simplest mode, it gathers as much information about remote hosts and networks as possible by examining such network services as finger, NFS, NIS, ftp and tftp, rexd, statd, and other services. The information gathered includes the presence of various network information services as well as potential security flaws -- usually in the form of incorrectly setup or configured network services, well-known bugs in system or network utilities, or poor or ignorant policy decisions.
Platforms:
SunOS 4.1.3_U1
SunOS 5 (Solaris)
Linux
Irix 5.3

New Release 7-9-2000:
Intrusion Detection Joins Net Security Arsenal . Read more.

Instructor is a 32-bit instruction set auditor. By sequentially executing every 32 Bit OpCode, it is easy to find instructions that might have adverse effects on operating environments. For example, Instructor was used to find the non-privileged halt instruction. Link.
Platforms:
OpenBSD 2.5
Linux/Alpha 2.2.x
Linux/x86 2.2.x

The "Nessus" Project aims to provide to the internet community a free, powerful,up-to-date and easy to use remote security scanner. A security scanner is a software which will audit remotely a given network and determine whether bad guys (aka 'crackers') may break into it, or misuse it in some way. Link.

IDLEScan:
To run the program you will have to be able to reach one or more idle machines. Almost any device with an IP network interface will do: printers, switches, routers, windows or UN*X boxes with low network traffic. The scan is conducted from the attacking machine, but the IP packets are forged to make it look as though they came from the idle machines (we'll call those 'sensors'). Port scans are performed by sending certain packets to the target and waiting for a reply. In this case, the answer will return to the 'sensor'. But predictable IP numbering makes it possible for us to know if an answer came back to the 'sensor' or not, by sending a packet to it ourselves and observing the returned packet ID. This conducts a fairly reliable port scan, while completely faking the origin of the scan. Download.

The Deception ToolKit (DTK) is a toolkit designed to give defenders a couple of orders of magnitude advantage over attackers. The basic idea is not new. We use deception to counter attacks. In the case of DTK, the deception is intended to make it appear to attackers as if the system running DTK has a large number of widely known vulnerabilities. DTK's deception is programmable, but it is typically limited to producing output in response to attacker input in such a way as to simulate the behavior of a system which is vulnerable to the attackers method. Link.

WebTrends Security Analyzer discovers and fixes the latest known security vulnerabilities on Internet, intranet and extranet hosts. Currently Security Analyzer supports over 1000 tests for Windows, Solaris and Linux with the most advanced agent-based technology available. Link.

LANguard safeguards your network against unauthorised access, hackers, trojans and password crackers and prevents misuse of the internet by employees. Link.

Remailer Programs. Link.

A Balanced Approach to DoS
It's virtually impossible to block denial-of-service attacks.
But you can take steps to mitigate their impact, including deploying intermediate devices such as load balancers.
Read more.

HACKER WHACKER scans your computer for free.

Web Scan Network Audit
Web Scan is a network auditing service that gives system administrators the ability to audit their internet presence for potential network misconfiguration and security vulnerabilities. Also free scan Link.

Cult of the Dead Cow's bizarre theater. Read moe.

Hacked Web Sites. Link.

Hacker zine prepares to defend itself in court. Read more.

Hotmail compromises users' data... again. Read more.

16 july

Hooker 2.5. Thanks to Duke/SMF, president of Super Malware Force group.

UIN to IP finds IP from UIN by PhilippP.

AVP updates 14 july 2000.

Hardening Windows NT Against Attack by Paul E. Proctor. Read more.

Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. Link.

Vetescan is a bulk vulnerability scanner which contains programs to check for and/or exploit many remote network security exploits that are known for Windows or UNIX. It includes various programs for doing different kinds of scanning. Fixes for vulnerablities are included along with the exploits. Link.

NAT (NetBIOS Auditing Tool)
Note: This is an unofficial download site.
Description:
The NetBIOS Auditing Tool (NAT) is designed to explorethe NETBIOS file-sharing services offered by the target system. It implements a stepwise approach to gather information and attempt to obtain file system-level access as though it were a legitimate local client.

Fragrouter is aimed at testing the correctness of a NIDS,according to the specific TCP/IP attacks listed in the Secure Networks NIDS evasion paper. [2] Other NIDS evasion toolkits which implement these attacks are in circulation among hackers or publically available, and it is assumed that they are currently being used to bypass NIDSs. Link.

NETCAT
TCP/IP swiss army knife A simple Unix utility which reads and writes data across network connections using TCP or UDP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities. Link.

Apache::ASP security hole. Read more.

Java Web Server vulnerable to remote command execution. Read more.

Internet Explorer 5.5 and 5.01 suffer from a security problem that enables malicious web sites to create a special HTML page which reads the content of any local and remotely accessible html or text file. The real danger is reading parsed web pages from Intranet web servers that are supposedly secured behind the firewall. The bug is also exploitable from HTML based email messages. IE 5.5 local text file reading vulnerability .

Tracing e-mail by Frederick M. Avolio.

Big Brother daemon listens for incoming connections on port 1984. Two separate security holes allow remote attackers to read and write arbitrary files on the system, entirely compromising the server's security. Read more.

"How I hacked PacketStorm" by rain forest puppy.
A look at hacking wwwthreads via SQL. Read more

A Very Good Year For Viruses.Read more.

EarthLink just says no to FBI's Carnivore. Read more.

Hacker Charged In NASA, University Break-Ins. Read more.

NASA blocks all Excite@Home traffic to thwart hackers. Read more.

You can contribute to this site by submitting trojans, url`s and voting.
New: Exploits and Vulnerabilities.

15 july

Trojan Nirvana 1.99 with sources.

Port scanner: 7thSpere 1.2 basic.

Encryption Plus for Email is a one-step, e-mail encryption plug-in for Microsoft Outlook. This handy utility lets you encrypt your outgoing messages with a single mouse click. Your recipient only needs the password in order to read your message.

L0phtCrack is designed to recover passwords for Windows NT. NT does not store the actual passwords on an NT Domain Controller or Workstation. Instead it stores a cryptographic hash of the passwords. L0phtCrack can take the hashes of passwords and generate the cleartext passwords from them. Read more

Backdoors and Rootkids. Read more.

Packet Storm Assessment Section.

SSL Any clear text sent through network services such as e-mail, web pages and similar mediums are easily read by individuals using packet sniffers as the packets with the clear text information travel across networks.Information that is transmitted over insecure communications are subject to intercept or collection by criminals or others snooping on the Internet.
Kissing the Secure Socket Layer Frog. Read more.

BSD Security. Read more.

The SmartDownload feature in Netscape's Navigator browser (included as an option since version 4.7) logs user downloads and sends this data to Netscape. This data includes the file name, the file's server name and the user's IP address. It may also include the user's email address. A cookie pointing to this information is also added to the browser. This is all done without informing the user or asking his/her permission.
So just how guilty is Netscape? Read more.

Cisco firewall falls for forged packets. Read more.

Nearly undetectable tracking device raises concern. Read more.

The Cookie Leak Security Hole in HTML Email messages. Read more.

A Web Bug is a graphics on a Web page or in an Email message that is designed to monitor who is reading the Web page or Email message. Web Bugs are often invisible.
Web Bugs Basics. Read more.
Web Bug Search Page. Read more.

Hotmail glitch exposes email addresses. Read more.

NSI to close hijack Hole. Read more.

Story: Don't Get Burned: Get a Firewall (Here's How). Read more.

Microsoft admits to Internet Explorer bug. Read more.

Security group going to the dogs after hoax alert. Read more.

FBI about hidden zombie network software. Read more.

Computer hackers decipher secret information on Mexico's bank scandal. Read more.

Smash virus more hype than hurt. Read more.

Sony dogged by Internet hacker spoof. Read more.

Domain Hijacking: A step-by-step guide. Read more.

U.S. Probation Office lets high-profile hacker Kevin Mitnick back online. Read more.

Avoiding future denial-of-service attacks. Read more.

Reno puts head in Carnivore's mouth. Read more.
FBI's 'Carnivore' bites online privacy. Read more.

Two accused of hacking NASA computers. Read more.

14 july

Senna Spy Auto Trojan.
This is an especial trojan, there does not exist another similar in the world !
. It auto-send files of the a infected machine to a ftp.
This allow you get files of the computer, without need manualy download and upload files. By Senna Spy.

Do you need make a Visual Basic program, with Auto-Update Support ?
VB auto update support By Senna Spy.

Lobo 1.2. Simple, yet very effective program that launches a "counter-attack" against anyone who makes the mistake of scanning you for Back Orifice servers. By Low Noise.

Ch3 backdoor linux by Champion.

IRC plugin 1_81-4 for BO2K. It is an IRC client, Channel Bot style. Is fully customizable and once logged into an IRC server, it is remotely administrable through the IRC /msg or /query commands. The bot will rejoin any channel where get kicked, reconnect on disconnect, generate random nicks on raw 432 or 433, can delete, list, copy, spawn files on remote machine through irc. Changes: Added a packet flooder for taking down connections.

'Smash' virus could attack on Friday. Read more.

More about Wintrinoo.

Network Security, Filters and Firewalls. Read more.

Security Site Handbook by Fraser.

Defending Against Sequence Number Attacks by Bellovin.

The SANS Institute: "Handling A Distributed Denial of Service Trojan Infection: Step-by-Step." Read more.

Denial of service. Read more.

RID can detect any remote software that ellicits a predefined response to a given set of packets.
Examples are:
The Trinoo distributed denial of service attack client.
The Tribal flood network distributed denial of service attack client.
The StachelDraht distributed denial of service attack client.

Anonymity and privacy on the Internet. Read more.

Super MalWare Force is a great site about vrii. SMF

L0pht Heavy Industries.
Just a bunch of hackers who got together and started working on projects together. They frequently release security advisories and utilities such as L0phtcrack, the Windows NT password auditing tool.

Default Password List Link

Were You Ready for the Melissa Virus? Read more.

Credit card fraud affects 1000's weekly. Read more.

Hack university: Learning from the pros. Read more.

the art of backdooring vol 1 by haz0r (c) 2k. Read more.

Kevin Mitnick's reversal of fortune. Read more

FBI Using Automated Internet Wiretap. Read more.

NASA Hacker Busted in N.Y. Read more.

Hacker Charged In NASA, University Break-Ins. Read more.
Man Charged with Breaking Into NASA Computers. Read more.

Techniques Adopted By 'System Crackers' When Attempting To Break Into Corporate or Sensitive Private Networks. Read more.

Scan. A Story. Read more.

Hacking: It's a love-hate relationship. Read more.

Script kiddies: The Net's cybergangs. Read more.

FBI investigates Qualcomm hacker attack. Read more.

'Carnivore' Eats Your Privacy. Read more.

13 july

Skydance 2.23 beta.

Skydance Remover.

VBS_PICA.A
This VB Script virus propagates via MS Outlook. Once executed, it sends itself out as an attachment to all contacts in the infected user's address book. Once it sends out the email, it does not do so again, even if it executed. Read more.

Trojan Security monitors 12 different ports where trojans are known to be installed. When an intruder attempts to connect to the port, Trojan Security alerts you and relays information about the attack and the attacker. It also disconnects the intruder.

Cookie Crusher controls Web browser cookies in real-time before they are placed on your hard drive.

An Introduction to PGP. Read more.

A Prime Port of Call for Hackers?
The easy passage of all kinds of data through computers' Port 80 is making it harder to build Web virus killers. Read more.

Stolen Computers Will Self-Destruct. Read more

Cracked! Part 7: The Cracker's Revenge. Read more.

Openhack gets cracked! Read more.

Learning how to hack the enemy. Read more.

VASCO's Digipass Technology Helps Fight Crime by Securing Internet Gang Database. Read more.

Open Sources:Outsourcing security. Read more.

Microsoft bids bye-bye to Java. Read more.

FBI’s system to covertly search e-mail raises privacy, legal issues. Read more.

Microsoft aims to sell developers on its new computing platform. Read more.

Internet hacking threat to national security. Read more

Mitnick gets OK to lecture, consult. Read more.

OpenSSH's Cinderella story. Read more.

Internet Attacks More Serious and Technically Complex Says Author of ''Building Internet Firewalls. Read more.

Computers Made Plain - When Checking Network Security, Can You Hire Hacker Think Tank? Read more.

12 july

Remote Explorer 2000: fixed server.

Worm and Backdoor Generator: Sensi11 by Del_Armg0.
Worm Apulia version 4.

Passive OS fingerprinting technique bases on information coming from remote host when it establishes connection to our system. Captured packets contains enough information to determine OS - and, unlike active scanners (nmap, queSO) - without sending anything to this host. Passive OS fingerprinting tool.

Fling is a new suite of internet protocols that perform the function of DNS, TCP, and UDP in a manner that's both untraceable and untappable. Fling protects clients from servers, servers from clients, and both from an eavesdropper in-between. The result is that anyone can serve or retrieve any data, without fear of censure. Read more.

Remotely Triggered Trojans.

This script will upload a trojan to an RDS vulnerable site and will execute the trojan (as long as it runs on NT).
Trojan Run Script by bansh33 of r00tabega.

Netkill - generic remote DoS attack tool. read more.

Elza is a script language, which doubles as a unique attack tool. This script language allows you to write simple scripts that mimic HTTP clients, and can be used to test HTTP servers' security.

Zombie Zapper is a free, open source tool that can tell a 'zombie' system flooding packets to stop flooding. This affectively stops Trinoo, TFN, and Stacheldraht. Read more.

Tripwire - The Only Way to Really Know. Read more.

Can anyone crawl into your computer while you're connected to the Internet? You may be VERY surprised to find out! Shields Up.

FBI system covertly searches e-mail.
The U.S. Federal Bureau of Investigation is using a superfast system called Carnivore to covertly search e-mails for messages from criminal suspects. Read more.

Security, the Way It Should Be. Read more.

Napster trap.
Napster can be tricked into letting just about any data out of a user's desktop when combined with another "wrapping" program called wrapster. Read more.

Openhack gets cracked! Read more.
eWeek: Openhack gets cracked! - E-commerce application [MiniVend] proves vulnerable in security test. Read more.

BorderManager allows unauthenticated user to surf as any authenticated user. Read more.

CheckPoint FW1 SecureRemote DoS. Read more.

New Denial of Service attacks on Windows 2000 Server. Read more.

The Love Bug.
A Wired News Collection. Read more.

Counterpane To Offer Hacker Insurance. Read more.

Hackers and viruses to cost business $1.6tn. Read more.

Sofware cracking challenge. Link.

Hacked Off.
Eight things hackers hate about you. Read more.

The DSL Experience. Read more.

It Pays to Cheat, Not Surf. Read more.

11 july

Doly 1.35.

Weekly Microsoft Security Digest. 2000/07/03 to 2000/07/09. Read more.

Weekly Linux Security Digest 2000/07/03 to 2000/07/09. Read more.

Weekly Solaris Security Digest 2000/07/03 to 2000/07/09. Read more.

Weekly Axent Security Digest 2000/07/03 to 2000/07/09. Read more.

Weekly BSD Security Digest 2000/07/03 to 2000/07/09. Read more.

Weekly Check Point Security Digest 2000/07/03 to 2000/07/09. Read more.

CERT Advisory CA-2000-13 Two Input Validation Problems In FTPD, Read more.

Microsoft's Outlook is vulnerable to Internet-borne virus attacks, the next generation of which will be able to execute on arrival and infect a system, without attachments. Read more.

Study Tallies High Expense Of Computer Viruses. Read more.

Feature: Cracked! Part 7: The Cracker's Revenge
This is the seventh part of the story of a community network that was cracked and what was done to recover from it. Complete Story

TROJ_SENNASPY.2K Read more

Virus name: VBS/COD, Aliases: Crayon of Doom, LIST.VBS, PORNLIST.DOC
This is an Internet worm written in VBScript and embedded within a Word document. This worm may arrive by MAPI email or on IRC chat from infected users. The file name is "PORNLIST.DOC". Read more

FBI Investigating Qualcomm Hacker. Read more.

Lloyd's offers hacker insurance. Read more.

British 'hacker' files case against Emirati telecoms. Read more.

10 july

Trojan Gip 1.12 modified.

Confused yet about NT passwords? Try the 7-14 rule; those numbers work better than most. Read more.

ICMP Usage in Scanning. (Pdf file)

Everything You Need to Know About Intrusion Detection' to Help Companies Protect Their Critical E-Business Assets from Hackers. Read more.

Intruder Alert: Detect and Respond to Attacks Before It's Too Late. Link

AOL/Netscape hit with privacy lawsuit. Read more.

IT Week: Microsoft tries to allay security fears. Read more.

Should you encode your e-mail? Read more.

AOL Enhances E-Mail To Protect Against Scams. Read more.

9 july

Hooker 2.52 can download files from any location in internet and start them absolutely invisible from user.
Keylog function.
Works under any Win32 platform (Win95/98/NT)

Symantec releases cyber security survey. Read more.

A Security Pitfall: the Dial-Up Modem. Read more.

It's Time to Clamp Down -- When It Comes to Data And System Security, Many Businesses Have Good Intentions. But Attacks And Other Breaches Continue to Exact A Huge Toll. Read more.

Scanning the World.
A mysterious California company is sweeping the net for live hosts, and touching off alarms around the world. Read more.

FBI Investigates Qualcomm Hacker Attack. Read more.

Sneaky new virus format has software makers scrambling. Read more.

Norton Antivirus update crashes some PCs. Read more.

Hacker insurance. Read more.

Linux World dishes dirt on ISS founder. Read more.

Accused hacker sues Mideast Internet company for defamation. Read more.

8 july

SubSeven Java Client 0.4 beta

GConvert is a powerful tool that lets you view and extract all icons from any Windows icons files such as executable, DLL, ICL, OCX, VBX, CPL, NIL, IL files... Then GConvert allows you to save your extracted icons as icon, bitmap, GIF, JPG, PNG formats or even copy them to the Windows clipboard for re-use in your applications, documents, Web pages. Link

AVP updates 07 july 2000

Lee Ashurst, the 21-year-old British resident of Dubai who was recently arrested for allegedly hacking the United Arab Emirates ISP Etisalat, has set up a support website. Link.

Russia arrests US-Lithuanian hacker-spy. Read more.

E-Signatures: Ties That Bind. Read more.

Mail.com Anti-Virus Service Interceptions Increase 580 Percent in Second Quarter. Read more.

CyberGuard Corporation Announces Release 4.3 for KnightSTAR Premium Appliance Firewall. Read more.

Defending against Outlook viruses. Read more.

No Love for Computer Bugs. Read more.

What's the hat got to do with it? Read more.

Internet Spy Bill Set at £20m. Read more.

Web Contest Challenges Hackers To Crack Site. Read more.

Engineers on hacking charges. Read more.

Interpol asks Silicon Valley for anti-hacker help. Read more.

7 july

Trojan BioNet 2.6.1a.

OpenSSH UseLogin Vulnerability. Read more.

Interpol to Get Bay Area Help Foiling Hackers. Read more.

Crypto Users Can't See FBI.gov. Read more.

Defending against Outlook viruses. Read more.

A Year Ago: Exclusive: UK hackers have an easy life. Read more.

Interpol may enlist AtomicTangerine to help with hackers . Read more.

6 july

New version of AntiLamer Toolkit Pro "Haebu CoceDA": Naebi 2.41.

Senna Spy Local Network Shared displays all shared devices in a local network.

Compromises via WU-FTP "site exec" Vulnerability.
Compromises via BIND Vulnerability.
Scans and Probes.
CERT/CC Current Activity.

Trojan Alert: DILBER Trojan.

Was Arab ISP Hack Illegal? Read more.

Closing Another IE Security Hole.
Microsoft releases patch to fix browser bug that could enable hackers to launch DoS attacks.
Read more.

By 2002, approximately 19 million people worldwide will have the skills to mount a cyber attack. Read more.

How Hackers Hack. Read more.

How To Become A Hacker. Read more.

5 july

Trojan NetSpy 2000.

How to protect your network. Read more.

New legal storm on Net horizon. Read more.

Crackers are common criminals. Read more.

Kaspersky Lab Warns Of Worm-Infected Web Pages. Read more.

Accused UAE Hacker Files Defamation Lawsuit. Read more.

Stages Virus Most Common In Survey. Read more.

Houston, We Don't Have A Problem. ….Read more.

4 july

Trojan NokNok5.

NASA disputes report that hacker endangered astronauts. Read more.

E-Commerce and Cyber Crime: New Strategies for Managing the Risks of Exploitation. Read more.

Web page virus prompts security concerns. Read more.

UK managers ignorant over danger of Internet hackers. Read more.

3 july

New version of the Doly Trojan. Doly 2.0.

Hacker risked astronauts' lives. Read more.
British astronaut's life 'endangered by hackers. Read more.

Weekly Microsoft Security Digest 2000/06/26 to 2000/07/02. Read more.

Weekly Linux Security Roundup 2000/06/26 to 2000/07/02. Read more.

Weekly Solaris Security Roundup 2000/06/26 to 2000/07/02. Read more.

2 july

MoSucker 1.1
SMS-Notify for german users (D1, D2, E-Plus) !!!
Improved IP-Scanner
Filemanager bugfixed

AVP updates 30 june 2000

British 'hacker' in UAE creates website to garner support. Read more.

Student pleads guilty to hacking government computers. Read more.

Rain Forest Puppy. Read more.

Survey - Cybercrime Concern Outweighs Precautions. Read more.

Judge: Hacker In Officer's Hands. Read more.

Teens Accused of Duping AOL Users. Read more.

1 july

New trojan Voodoo Doll. Thanks to Senna Spy.

Free Linux Firewall Released to Public. Read more.

Chat Clients and Network Security. Read more.
Chat-security concerns cited. Read more.

Student Admits Government Hacks. Read more.

Hotmail Is Victim Of E-mail Prank. Read more.

Hackers break Dreamcast safeguards, distribute games online. Read more.

Small firms at risk from hackers. Read more.

Anti-hacker site raises hackles of online underworld. Read more.


Copyright© MegaSecurity.org