[TOOL] EckBox - TEMPEST Software Package

• Previous message: SecuriTeam: "[NEWS] RealNetworks Helix Server 9 Administration Server Buffer Overflow"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: list@securiteam.com
Date: 25 Mar 2004 17:37:00 +0200

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html

- - - - - - - - -

  EckBox - TEMPEST Software Package
------------------------------------------------------------------------

SUMMARY

DETAILS

EckBox is a piece software designed to aid in a specific type of security
testing against a spying attack known as van Eck Phreaking or TEMPEST. It
involves picking up radiation leaking from an electronic device, such as a
monitor, and interpreting the signal to recreate the data contained in the
device. This can be thought of as a sort of shoulder surfing. EckBox is
the first and only open-source software designed that helps to test
against this kind of attack (and we might point out that a van Eck
Phreaking attack is far easier, less time consuming, and less costly than
trying to dictionary or brute force almost any encryption).

ADDITIONAL INFORMATION

The tool can be downloaded from: <http://eckbox.sourceforge.net/>
http://eckbox.sourceforge.net/.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

• Previous message: SecuriTeam: "[NEWS] RealNetworks Helix Server 9 Administration Server Buffer Overflow"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages [REVS] Understanding and Preventing DNS-related Attacks by Phishers ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... This paper, extending the original material of "The Phishing Guide", ... Internet-based customers are dependent upon, and how they can be exploited ... This paper focuses upon a recent group of attack vectors used by criminals ... (Securiteam) [NT] Microsoft Outlook Web Access XSS (MS08-039) ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Web Access (OWA) 2003/2007. ... Exchange Server 2007, Exchange Server 2007 SP1) ... An attacker can craft a malicious email which contains the attack strings ... (Securiteam) [REVS] Multiple Collisions attack on MD5 and other Hashing Algorithms ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... This collision attack might someday introduce a weakness in MD5 ... The presented attack can find many real collisions which are ... (Securiteam) [NEWS] Common DNS Misconfiguration can Lead to "same Site" Scripting ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... attack is trivial, for example, from a shared UNIX system, an attacker ... via) a machine that hosts another website, ... configurations for domains that host websites that rely on HTTP state ... (Securiteam) [NT] Windows 2000/2003 SYN DoS Attack Protection ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Windows 2000/2003 SYN DoS Attack Protection ... The vulnerability resides in the hash table management, ... (Securiteam)