SecurityFocus Microsoft Newsletter #133

From: Marc Fossi (mfossi@securityfocus.com)
Date: 04/14/03

    Date: Mon, 14 Apr 2003 12:21:31 -0600 (MDT)
    From: Marc Fossi <mfossi@securityfocus.com>
    To: Focus-MS <focus-ms@securityfocus.com>
    
    

    SecurityFocus Microsoft Newsletter #133
    ---------------------------------------

    This issue is Sponsored by: NwTech

    STOPPING SPAM !!!

    Prevent Spam from entering your network.

    Request your Free White Paper & Security Solutions CD on how to “STOP
    SPAM” from clogging your Mail Server with Junk Mail, and Viruses. Let us
    show you how !

    http://www.securityfocus.com/NwTech-ms-secnews
    -------------------------------------------------------------------------------

    I. FRONT AND CENTER
         1. Steganography Revealed
         2. Specter: A Commercial Honeypot Solution for Windows
         3. Cryptographic File Systems, Part Two: Implementation
         4. Super-DMCA Not So Bad
         5. SecurityFocus DPP Program
    II. MICROSOFT VULNERABILITY SUMMARY
         1. SETI@home Client Program Information Disclosure Vulnerability
         2. MollenSoft Hyperion FTP Server USER Command Buffer Overflow...
         3. JPEGX Wizard Password Bypass Vulnerability
         4. AutomatedShops WebC Script Name Remote Buffer Overrun...
         5. Progress Database Error Message File Disclosure Vulnerability
         6. SignHere Guestbook HTML Injection Vulnerability
         7. Samba Multiple Unspecified Remote Buffer Overflow Vulnerabilities
         8. Invision Board functions.php SQL Injection Vulnerability
         9. Sakki Guestbook HTML Injection Vulnerability
         10. AutomatedShops WebC Symbolic Link Following Configuration File...
         11. Citrix ICA Client Server Key Verification Vulnerability
         12. Hyperion FTP Server MKDIR Buffer Overflow Vulnerability
         13. Multiple Vendor I/O System Call File Existence Weakness...
         14. BRS WebWeaver Long Request Remote Denial of Service Vulnerability
         15. Abyss Web Server Incomplete HTTP Request Denial Of Service...
         16. SETI@home Client Program Remote Buffer Overflow Vulnerability
         17. QuickFront File Disclosure Vulnerability
         18. Samba 'call_trans2open' Remote Buffer Overflow Vulnerability
         19. MIRC DCC Get Dialog File Spoofing Weakness
    III. MICROSOFT FOCUS LIST SUMMARY
         1. ISA Log file analysis software - suggestions? (Thread)
         2. checking server status (Thread)
         3. SUS server (Thread)
         4. VPN and ISA server (Thread)
         5. Federated Security Applications and Implications. (Thread)
         6. Closed and Open Systems (was SUS Server) (Thread)
         7. Isolating Windows Applications (Thread)
         8. AW: SUS server (Thread)
    IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
         1. Firewall
         2. Preventon Web Protect
         3. ViraLock
    V. NEW TOOLS FOR MICROSOFT PLATFORMS
         1. wping v0.1a
         2. GFI LANguard Network Security Scanner (N.S.S.) v3.0
         3. Advanced Archive Password Recovery
    VI. SPONSOR INFORMATION

    I. FRONT AND CENTER
    -------------------
    1. Steganography Revealed
    By Kristy Westphal

    Steganography is a means of protecting the confidentiality of data by
    "hiding" it within a larger file of data. This technique can be used for
    both legitimate and illegitimate purposes. This article will offer a brief
    introductory discussion of steganography: what it is, how it can be used,
    and the implications it can have for security.

    http://www.securityfocus.com/infocus/1684

    2. Specter: a Commercial Honeypot Solution for Windows
    by Lance Spitzner

    This is the third installment in an ongoing series of articles looking at
    honeypots. In the first two papers, we discussed the OpenSource honeypot
    Honeyd, how it works, and a deployment in the wild. In this paper we will
    look at a different honeypot, the commercially supported solution Specter.

    http://www.securityfocus.com/infocus/1683

    3. Cryptographic File Systems, Part Two: Implementation
    by Ido Dubrawsky

    This is the second article in a two-part series looking at cryptographic
    filesystems. The first article in this series covered the background on
    cryptographic filesystems from the underlying concepts to some of the
    mechanics of those systems. This article will cover implementation. The
    focus will be on implementing Microsoft's EFS under Windows 2000 and
    the Linux CryptoAPI.

    http://www.securityfocus.com/infocus/1685

    4. Super-DMCA Not So Bad
    By Mark Rasch

    The latest version of the controversial law could be a valuable weapon
    against thieves and pirates.

    http://www.securityfocus.com/columnists/153

    5. SecurityFocus DPP Program

    Attention Universities!! Sign-up now for preferred pricing on the only
    global early-warning system for cyber attacks - SecurityFocus DeepSight
    Threat Management System.

    Click here for more information:
    http://www.securityfocus.com/corporate/products/dpsection.shtml

    II. BUGTRAQ SUMMARY
    -------------------
    1. SETI@home Client Program Information Disclosure Vulnerability
    BugTraq ID: 7281
    Remote: Yes
    Date Published: Apr 04 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7281
    Summary:

    SETI@home is a client program designed to run on a computer when it is not
    in use. The client receives data from a central server, which it later
    analyzes in search of various information. It is available for a variety
    of platforms including Linux, Unix, and the Microsoft Windows operating
    system.

    A vulnerability has been reported in the SETI@home client program.
    Specifically, sensitive information is transmitted from the client to the
    server in plain text. As a result, sensitive operating system and
    processor information may be disclosed to an attacker.

    An attacker could exploit this issue by sniffing network traffic
    transmitted between the client and the server. Access to this type of
    information may aid in launching attacks against the system running the
    client.

    This vulnerability was reported for SETI@home version 3.03.

    2. MollenSoft Hyperion FTP Server USER Command Buffer Overflow Vulnerability
    BugTraq ID: 7307
    Remote: Yes
    Date Published: Apr 08 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7307
    Summary:

    MollenSoft Hyperion FTP Server is a server that supports basic FTP
    functionality and more. It is available for the Microsoft Windows
    operating systems.

    MollenSoft Hyperion FTP Server has been reported prone to a buffer
    overflow vulnerability.

    Reportedly the buffer overflow results from a lack of sufficient bounds
    checking performed on arguments passed to the FTP 'USER' command. If an
    excessive quantity of data (> 931 bytes) is passed to the affected
    command, an internal memory buffer may be overrun. This could result in
    the memory adjacent to the buffer being corrupted with attacker-supplied
    data.

    If the adjacent memory contains values that are crucial to program
    execution, the attacker may redirect execution flow, and cause the
    vulnerable application to execute attacker-supplied instructions.

    This vulnerability has been reported to be exploitable to trigger a DoS
    condition and in some cases bypass the Hyperion FTP server authentication
    mechanism.

    Although unconfirmed, arbitrary code execution may also be possible.

    It should be noted that this vulnerability was discovered in version 3.0.0
    of Hyperion FTP Server. It is not yet known whether this issue affects
    earlier versions.

    3. JPEGX Wizard Password Bypass Vulnerability
    BugTraq ID: 7298
    Remote: No
    Date Published: Apr 07 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7298
    Summary:

    JPEGX is steganography software for Microsoft Windows. It is designed to
    embed encrypted data into JPEG files.

    JpegX has been reported prone to a password bypass vulnerability.

    It has been reported that if no password credentials are supplied when
    using the JpegX wizard to decrypt data contained in JpegX JPEG files,
    JpegX will decipher the file regardless.

    This vulnerability may lead to sensitive information disclosure.

    4. AutomatedShops WebC Script Name Remote Buffer Overrun Vulnerability
    BugTraq ID: 7268
    Remote: Yes
    Date Published: Apr 03 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7268
    Summary:

    WebC is the server-side scripting language interpreting engine used by
    AutomatedShops products. It is available for Unix, Linux, and Microsoft
    operating systems.

    A problem with the program may make it possible for remote users to gain
    unauthorized access to systems.

    It has been reported that a boundary condition error exists in WebC.
    Because of this, it may be possible for a remote attacker to gain
    unauthorized access to a vulnerable host.

    The problem is in the handling of long script arguments by the WebC
    engine. When the program is directly invoked with a script name of
    excessive length, generally 550 bytes or more, an exploitable boundary
    condition error occurs. This could allow a remote attacker to execute
    code with the privileges of the web server process. On UNIX systems, this
    typically would result in an attacker gaining local unprivileged access,
    whereas on Microsoft Systems, this could result in an attacker gaining
    access to the host with the privileges of the user SYSTEM.

    5. Progress Database Error Message File Disclosure Vulnerability
    BugTraq ID: 7273
    Remote: No
    Date Published: Apr 03 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7273
    Summary:

    Progress Database is a commercial database for Microsoft Windows and Unix
    systems.

    Some Progress Database binaries are reportedly installed setuid root on
    Unix systems. It is possible for a local user to specify an arbitrary
    path to a configuration file via environment variables, which will be
    accessed with elevated privileges. The database reads all configuration
    files as the root user as a result.

    An unprivileged user can specify any file as a Progress configuration file
    through use of environment variables such as PROSTARTUP. Once the file is
    set as the PROSTARTUP file, the user simply has to start the database
    software causing an error message to be generated. The contents of this
    error message will include the contents of the file specified as the
    PROSTARTUP file.

    6. SignHere Guestbook HTML Injection Vulnerability
    BugTraq ID: 7289
    Remote: Yes
    Date Published: Apr 05 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7289
    Summary:

    SignHere Guestbook is guestbook software implemented in ASP and
    distributed by Bitstrike Software. It is available for the Microsoft
    Windows operating system.

    It has been reported that SignHere does not sufficiently filter
    user-supplied values from the 'email' field. As a result, attackers may
    embed malicious script code or HTML into SignHere posts. When a malicious
    post is viewed by another user, the attacker-supplied code will be
    interpreted in their web browser in the security context of the site
    hosting the software.

    This issue may be exploited to steal cookie-based authentication
    credentials from legitimate users of the website running the vulnerable
    software. The attacker may hijack the session of the legitimate user by
    using cookie-based authentication credentials. Other attacks are also
    possible.

    7. Samba Multiple Unspecified Remote Buffer Overflow Vulnerabilities
    BugTraq ID: 7295
    Remote: Yes
    Date Published: Apr 07 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7295
    Summary:

    Samba is a freely available file and printer sharing application
    maintained and developed by the Samba Development Team. Samba allows file
    and printer sharing between operating systems on the Unix and Microsoft
    platforms. The Samba daemon is typically run with super user privileges.

    Multiple remote buffer overflow vulnerabilities have been reported for
    Samba and Samba-TNG. The overflows are reported to occur in both stack and
    heap-based memory. This issue occurs due to insufficient bounds checking
    when copying user-supplied data to internal buffers.

    Although it has not been confirmed, it is likely that these issues can be
    exploited to execute arbitrary code, with the privileges of Samba (which
    typically runs as root).

    These issues are reported to affect Samba 2.2.8 and Samba-TNG 0.3.1.

    The precise technical details regarding these vulnerabilities are currently
    unknown. This BID will be updated as further information is made
    available.

    It should be noted that these vulnerabilities may be similar to the issue
    described in BID 7294.

    8. Invision Board functions.php SQL Injection Vulnerability
    BugTraq ID: 7290
    Remote: Yes
    Date Published: Apr 05 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7290
    Summary:

    Invision Board is web forum software. It is implemented in PHP and is
    available for Unix and Linux variants and Microsoft Windows operating
    systems.

    An input validation error has been reported in Invision Board which may
    result in the manipulation of SQL queries. This vulnerability exists in
    the load_skin() function of the functions.php script file. Specifically,
    the value supplied for the 'skinid' variable is not properly cast as an
    integer type.

    An attacker may be able to exploit this vulnerability by manipulating the
    'skinid' URI parameter to include malicious SQL commands and queries which
    may result in information disclosure, or database corruption. The
    consequences depend on the nature of specific queries. This issue may
    allow the attacker to exploit latent vulnerabilities in the underlying
    database.

    This vulnerability was reported for Invision Board 1.1.1.

    9. Sakki Guestbook HTML Injection Vulnerability
    BugTraq ID: 7265
    Remote: Yes
    Date Published: Apr 03 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7265
    Summary:

    Sakki Guestbook is guestbook software implemented in ASP. It is available
    for the Microsoft Windows operating system.

    It has been reported that Guestbook does not sufficiently filter
    user-supplied values from the 'name', 'city/state' and 'own url' fields.
    As a result, attackers may embed malicious script code or HTML into
    Guestbook posts. When a malicious post is viewed by another user, the
    attacker-supplied code will be interpreted in their web browser in the
    security context of the site hosting the software.

    This issue may be exploited to steal cookie-based authentication
    credentials from legitimate users of the website running the vulnerable
    software. The attacker may hijack the session of the legitimate user by
    using cookie-based authentication credentials. Other attacks are also
    possible.

    This vulnerability was reported for Sakki Guestbook 1.01.

    10. AutomatedShops WebC Symbolic Link Following Configuration File Weakness
    BugTraq ID: 7272
    Remote: No
    Date Published: Apr 03 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7272
    Summary:

    WebC is the server-side scripting language interpreting engine used by
    AutomatedShops products. It is available for Unix, Linux, and Microsoft
    operating systems.

    A problem with the program may make it possible for local users to execute
    the program with a malicious configuration file.

    It has been reported that WebC will execute in the directory of a symbolic
    link from which it is invoked. Because of this, it may be possible for a
    local user to load a configuration file that enables dangerous variables.

    When WebC is invoked, it typically loads its configuration file from the
    same directory in which it is executing. An attacker could create a
    symbolic link to the binary from an arbitrary directory containing a
    malicious configuration file, and potentially enable debugging variables
    in the program. This could aid in exploitation of other vulnerabilities,
    since enabling debugging will cause the environment to be dumped to a
    local file.

    11. Citrix ICA Client Server Key Verification Vulnerability
    BugTraq ID: 7276
    Remote: Yes
    Date Published: Apr 03 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7276
    Summary:

    Citrix ICA Client is a remote desktop software package. It is available
    for a number of platforms including Microsoft Windows and Unix/Linux
    variants. ICA Client implements the ICA protocol.

    A vulnerability has been reported in the Citrix ICA Client. When the ICA
    client initiates a session with the server, the client does not validate
    the server's public key in any way, allowing for potential man in the
    middle attacks.

    An attacker could therefore cause the ICA client to connect to a server
    under their control and send the client a public key to which they possess
    the private key.

    12. Hyperion FTP Server MKDIR Buffer Overflow Vulnerability
    BugTraq ID: 7278
    Remote: Yes
    Date Published: Apr 04 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7278
    Summary:

    Hyperion FTP Server is an FTP server for Microsoft Windows platforms.

    Hyperion FTP Server is prone to a remotely exploitable buffer overflow
    condition. This is due to insufficient bounds checking of FTP 'mkdir'
    commands. It is possible to trigger the condition by submitting a
    malformed 'mkdir' command with a directory string that is 251+ bytes in
    length. This will permit an authenticated FTP user to corrupt sensitive
    regions of memory with malicious values.

    It may be possible to exploit this vulnerability to execute malicious
    instructions in the context of the FTP server. The FTP server is
    typically run with SYSTEM privileges.

    This issue may be related to BID 6467.

    13. Multiple Vendor I/O System Call File Existence Weakness
    BugTraq ID: 7279
    Remote: No
    Date Published: Apr 04 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7279
    Summary:

    A weakness has been discovered in the implementation of various I/O system
    calls. The problem occurs due to varying error return times, when
    accessing existent and non-existent files. This issue has been confirmed
    to affect the open() system call, however it is likely that other similar
    calls are also affected.

    An attacker could exploit this vulnerability by calling the open() system
    call on unreadable files. By making requests for various unreadable files,
    it may be possible for an attacker to deduce a timing window that can be
    used to verify the existence of the file.

    It should be noted that a fix for this weakness might not be plausible, as
    the kernel is meant to be as efficient as possible. However, the specific
    problem may occur due to a differing sequence of events while attempting
    to access non-existent files. A solution may be to have an identical
    sequence of permission checking on directories, before checking for the
    file.

    It has been reported that this weakness has successfully been exploited on
    various Linux and BSD releases. However, this weakness likely exists in
    other operating systems including Sun Solaris and Microsoft Windows.

    14. BRS WebWeaver Long Request Remote Denial of Service Vulnerability
    BugTraq ID: 7280
    Remote: Yes
    Date Published: Apr 04 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7280
    Summary:

    BRS WebWeaver is a small personal web server available for the Microsoft
    Windows operating systems.

    A denial of service vulnerability has been discovered in BRS WebWeaver. The
    problem occurs when a request is made for a URL containing excessive data.
    Specifically, making a request containing 2499361 bytes of data will cause
    the server to consume all available memory.

    Exploitation of this vulnerability may allow an anonymous remote attacker
    to crash a vulnerable service and possibly the entire system. This will
    effectively deny service to other legitimate users.

    15. Abyss Web Server Incomplete HTTP Request Denial Of Service Vulnerability
    BugTraq ID: 7287
    Remote: Yes
    Date Published: Apr 05 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7287
    Summary:

    Abyss Web Server is a freely available personal web server. It is
    maintained by Aprelium Technologies and runs on Microsoft Windows
    operating systems, as well as Linux.

    A denial of service vulnerability has been reported for Abyss Web Server.
    The vulnerability exists when Abyss attempts to parse certain incomplete
    HTTP headers. Specifically, if the 'Connection:' and 'Range:' HTTP headers
    are blank, the web server will crash.

    An attacker can exploit this vulnerability by connecting to a vulnerable
    server and sending blank 'Connection:' and 'Range:' HTTP headers. This
    will result in a denial of service condition.

    This vulnerability was reported for Abyss Web Server 1.1.2.

    16. SETI@home Client Program Remote Buffer Overflow Vulnerability
    BugTraq ID: 7292
    Remote: Yes
    Date Published: Apr 06 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7292
    Summary:

    SETI@home is a client program designed to run on a computer when it is not
    in use. The client receives data from a central server, which it later
    analyzes in search of various information. It is available for a variety
    of platforms including Linux, Unix, and the Microsoft Windows operating
    system.

    A vulnerability has been discovered in the SETI@home client program. Due
    to insufficient bounds checking when processing server data, it may be
    possible for a remote attacker to trigger a buffer overflow.

    This issue could be exploited by forging an HTTP request which mimics a
    server response handler. When a vulnerable client attempts to process the
    malicious server response, a buffer overflow will be triggered.

    Successful exploitation of this issue may allow an attacker to execute
    arbitrary commands on a target system, with the privileges of the user
    invoking the software.

    This vulnerability affects SETI@home clients prior to 3.08.

    17. QuickFront File Disclosure Vulnerability
    BugTraq ID: 7308
    Remote: Yes
    Date Published: Apr 09 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7308
    Summary:

    QuickFront is a tool that allows e-mail searches using a web browser. It
    is marketed as a Microsoft Exchange add-on product.

    A vulnerability has been reported for QuickFront that will result in the
    disclosure of sensitive system resources to remote attackers.

    QuickFront does not properly sanitize user-supplied input. Specifically,
    directory traversal sequences such as '../' in HTTP requests are not
    removed.

    A remote attacker is able to exploit this vulnerability by issuing an HTTP
    request which includes directory traversal sequences. Upon receiving such
    a request, the QuickFront web server will return the requested resource.

    Information gathered in such a way may be used to launch further attacks
    against the webserver.

    This vulnerability was reported for QuickFront 1.0.0.189.

    18. Samba 'call_trans2open' Remote Buffer Overflow Vulnerability
    BugTraq ID: 7294
    Remote: Yes
    Date Published: Apr 07 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7294
    Summary:

    Samba is a freely available file and printer sharing application
    maintained and developed by the Samba Development Team. Samba allows file
    and printer sharing between operating systems on the Unix and Microsoft
    platforms. The Samba daemon is typically run with super user privileges.

    A buffer overflow vulnerability has been reported for Samba that could
    allow an anonymous remote attacker to execute arbitrary code.

    The vulnerability occurs in the 'call_trans2open()' function when copying
    data into a 1024 byte static buffer. Sufficient bounds checking is not
    performed when a call to the 'Strncpy()' function is invoked. The length
    argument supplied to 'Strncpy()' is exactly the length of the
    user-supplied data. As a result, an attacker could exploit this
    vulnerability by sending data in excess of 1024 bytes.

    Successful exploitation of this vulnerability could allow an anonymous
    attacker to overwrite sensitive stack variables, including the
    'open_trans2open()' function's saved return address. The ability to
    influence sensitive memory could be leveraged by the attacker to execute
    arbitrary code with the privileges of the Samba server process.
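
    The copy pattern described in this entry, next to a destination-bounded
    form, as an added example (not Samba source code). The function names and
    the 2-byte length-prefixed request field are constructed for illustration;
    only the 1024-byte buffer size comes from the summary above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_BUF_SIZE 1024  /* buffer size given in the summary */

enum copy_status {
    COPY_OK = 0,
    COPY_TOO_LONG = -1,       /* input does not fit the destination */
    COPY_TRUNCATED_PKT = -2,  /* claimed length exceeds the bytes received */
    COPY_BAD_ARG = -3
};

/* Flawed pattern, for contrast (hypothetical stand-in): the bound is the
 * length of the input, so the sender decides how many bytes are written.
 * Never call this with src_len >= the size of dst. */
void copy_bound_by_source(char *dst, const char *src, size_t src_len)
{
    memcpy(dst, src, src_len);
    dst[src_len] = '\0';
}

/* Bytes the flawed copy would write past the end of a dst_size-byte buffer. */
size_t bytes_past_end(size_t dst_size, size_t src_len)
{
    size_t written = src_len + 1;  /* data plus terminator */
    return written > dst_size ? written - dst_size : 0;
}

/* Hardened copy: the bound comes from the destination. Oversized input is
 * rejected outright instead of being silently truncated. */
enum copy_status copy_bound_by_dest(char *dst, size_t dst_size,
                                    const char *src, size_t src_len)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return COPY_BAD_ARG;
    dst[0] = '\0';
    if (src_len >= dst_size)
        return COPY_TOO_LONG;
    memcpy(dst, src, src_len);
    dst[src_len] = '\0';
    return COPY_OK;
}

/* Constructed request field: 2-byte little-endian length, then name bytes.
 * The claimed length is checked against the bytes actually received before
 * it is checked against the destination. */
enum copy_status read_name_field(const uint8_t *pkt, size_t pkt_len,
                                 char *dst, size_t dst_size)
{
    size_t claimed;

    if (pkt == NULL || pkt_len < 2)
        return COPY_TRUNCATED_PKT;
    claimed = (size_t)pkt[0] | ((size_t)pkt[1] << 8);
    if (claimed > pkt_len - 2)
        return COPY_TRUNCATED_PKT;
    return copy_bound_by_dest(dst, dst_size, (const char *)(pkt + 2), claimed);
}

int main(void)
{
    static char name[NAME_BUF_SIZE];
    static uint8_t pkt[2 + 2000];  /* constructed oversized request */
    enum copy_status st;

    pkt[0] = 2000 & 0xff;
    pkt[1] = (2000 >> 8) & 0xff;
    memset(pkt + 2, 'A', 2000);

    st = read_name_field(pkt, sizeof pkt, name, sizeof name);
    printf("hardened path status: %d\n", (int)st);
    printf("flawed copy would write %zu bytes past the buffer\n",
           bytes_past_end(sizeof name, 2000));
    return 0;
}
```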

    19. MIRC DCC Get Dialog File Spoofing Weakness
    BugTraq ID: 7304
    Remote: Yes
    Date Published: Apr 08 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/7304
    Summary:

    mIRC is a chat client for the IRC protocol, designed for Microsoft Windows
    based operating systems.

    It has been reported that it is possible to spoof file extensions in
    mIRC's DCC Get dialog. A malicious IRC user could construct a filename
    with a "safe" extension such as .jpg or .txt, followed by a number of
    "alt+0160" characters to create whitespace, followed by the real
    extension. When this file is displayed in the DCC GET dialog, the real
    extension will not be displayed. The issue occurs because the DCC GET
    dialog will truncate filenames if they are too long. This will only work
    if the real extension is not on an ignore list.

    This could be exploited to trick a user into thinking a malicious file is
    safe, which may create a false sense of security and cause the user to
    open the file.
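
    A receiving-side check for the filename shape described in this entry,
    as an added example (not mIRC code). It flags names of the form
    stem.decoy, padding, .real and produces a display form with the padding
    collapsed so truncation cannot hide the real extension. The function
    names and the sample filename are constructed.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Single-byte padding: ASCII space or 0xA0 (the "alt+0160" character). */
static int is_pad(unsigned char c) { return c == 0x20 || c == 0xA0; }

/* Forward scan: bytes of padding starting at p (0xC2 0xA0 is UTF-8 U+00A0). */
static size_t pad_len(const unsigned char *p)
{
    if (is_pad(p[0])) return 1;
    if (p[0] == 0xC2 && p[1] == 0xA0) return 2;
    return 0;
}

/* Returns 1 if name looks like "<stem>.<decoy><padding>.<real>" and copies
 * <real> into real_ext; returns 0 otherwise. */
int padded_double_extension(const char *name, char *real_ext, size_t real_ext_size)
{
    const unsigned char *s = (const unsigned char *)name;
    const char *last_dot = strrchr(name, '.');
    size_t end, pad_start, i, decoy_len = 0;

    if (real_ext != NULL && real_ext_size > 0) real_ext[0] = '\0';
    if (last_dot == NULL || last_dot == name || last_dot[1] == '\0') return 0;

    end = (size_t)(last_dot - name);  /* index of the last '.' */
    pad_start = end;
    while (pad_start > 0 && is_pad(s[pad_start - 1])) {
        pad_start--;
        if (s[pad_start] == 0xA0 && pad_start > 0 && s[pad_start - 1] == 0xC2)
            pad_start--;              /* lead byte of a UTF-8 NBSP */
    }
    if (pad_start == end) return 0;   /* nothing hidden before the extension */

    /* A decoy extension is 1 to 5 alphanumerics directly after a '.'. */
    i = pad_start;
    while (i > 0 && isalnum(s[i - 1]) && decoy_len < 6) { i--; decoy_len++; }
    if (decoy_len == 0 || decoy_len > 5 || i == 0 || s[i - 1] != '.') return 0;

    if (real_ext != NULL && real_ext_size > 0)
        snprintf(real_ext, real_ext_size, "%s", last_dot + 1);
    return 1;
}

/* Writes name to out with every run of padding collapsed to one '_'.
 * Returns the length of the result. */
size_t collapse_padding(const char *name, char *out, size_t out_size)
{
    const unsigned char *s = (const unsigned char *)name;
    size_t i = 0, o = 0, n;

    if (out == NULL || out_size == 0) return 0;
    while (s[i] != '\0' && o + 1 < out_size) {
        if (pad_len(s + i) == 0) { out[o++] = (char)s[i++]; continue; }
        while ((n = pad_len(s + i)) != 0) i += n;
        out[o++] = '_';
    }
    out[o] = '\0';
    return o;
}

int main(void)
{
    char name[128], ext[16], shown[128];
    size_t n = 11;

    /* Constructed sample: decoy ".jpg", 40 padding bytes, real ".exe". */
    memcpy(name, "holiday.jpg", 11);
    memset(name + n, 0xA0, 40);
    memcpy(name + n + 40, ".exe", 5);

    if (padded_double_extension(name, ext, sizeof ext)) {
        collapse_padding(name, shown, sizeof shown);
        printf("flagged: real extension \"%s\", display as \"%s\"\n", ext, shown);
    }
    return 0;
}
```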

    III. MICROSOFT FOCUS LIST SUMMARY
    ---------------------------------
    1. ISA Log file analysis software - suggestions? (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/318102

    2. checking server status (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/318179

    3. SUS server (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/318068

    4. VPN and ISA server (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/317934

    5. Federated Security Applications and Implications. (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/317927

    6. Closed and Open Systems (was SUS Server) (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/317810

    7. Isolating Windows Applications (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/317744

    8. AW: SUS server (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/317543

    IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
    ----------------------------------------
    1. Firewall
    by Ashley Laurent Inc
    Platforms: MacOS, Windows 2000, Windows 95/98, Windows NT
    Relevant URL:
    http://www.ashleylaurent.com/products/firewall_specs.htm
    Summary:

    The Firewall enables the user to create an Internet access policy for a
    single or multiple devices: Packet Filtering, Intrusion Detection, Content
    Selection, Permissive or Restrictive Policy Methodology, Domain
    Validation, Newsgroup Validation, Content Inspection, Lifestyle Adaptive
    Policy, Network Address Translation (NAT), Internal DHCP Server, Traffic
    Scheduling and Priority Queuing.

    2. Preventon Web Protect
    by PreventonTechnologies Ltd.
    Platforms: Windows 2000, Windows 95/98, Windows XP
    Relevant URL:
    http://www.preventon.com/webprotect/
    Summary:

    Preventon Web Protect is an advanced defence system for protecting your
    website against attack! This exceptional security software provides
    control over the communications between the Internet and your web server
    by filtering out malicious attacks that it recognises, including: worm
    attacks, buffer overflows attacks, unauthorised page uploads, and many
    others!

    3. ViraLock
    by SentryBay Corporation
    Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
    Relevant URL:
    http://www.viralock.com/
    Summary:

    For use by individuals and small businesses -- and with a network version
    in development -- ViraLock encrypts addresses found in e-mail programs so
    that a virus cannot replicate by sending itself out. While current
    anti-virus software blocks known viruses from entering, ViraLock prevents
    all viruses, known or unknown, from using e-mail addresses to spread by
    exiting to other computers. In so doing, ViraLock also blocks the
    potential loss of confidential information. We like to think of it as the
    first "virus-locking" software and the missing half of the anti-virus
    solution.

    V. NEW TOOLS FOR MICROSOFT PLATFORMS
    -------------------------------------
    1. wping v0.1a
    by x-router
    Relevant URL:
    http://www.x-router.com
    Platforms: Perl (any system supporting perl)
    Summary:

    wping is a Web-based graphical ping log. It logs ping response times to a
    user-defined list of hosts and produces a Web page that contains a current
    ping graph and a historic ping graph over a specified time period. Ping
    response times are averaged in order to give a smooth reading.

    2. GFI LANguard Network Security Scanner (N.S.S.) v3.0
    by GFI
    Relevant URL:
    http://www.gfisoftware.com/lannetscan/index.htm
    Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
    Summary:

    GFI LANguard Network Security Scanner (N.S.S.) is a tool that checks your
    network for all potential methods that a hacker might use to attack your
    network. By analyzing the operating system and the applications running on
    your network, GFI LANguard N.S.S. identifies possible security holes in
    your network. In other words, it plays the devil's advocate and alerts you
    to weaknesses before a hacker can find them, enabling you to deal with
    these issues before a hacker can exploit them.

    3. Advanced Archive Password Recovery
    by Elcom Ltd.
    Relevant URL:
    http://www.elcomsoft.com/archpr.html
    Platforms: Windows 2000, Windows 95/98, Windows NT
    Summary:

    A program for recovering lost or forgotten passwords for ZIP (PKZip,
    WinZip), ARJ (WinARJ), RAR (WinRAR) and ACE (WinACE) archives. Supports
    the customizable "brute-force" attack, effectively optimized for speed
    (for ZIP, up to ten million passwords per second on Pentium III);
    dictionary-based attack, and very fast and effective known-plaintext
    attack. Multilanguage interface is provided.

    VI. SPONSOR INFORMATION
    -----------------------
    This issue is Sponsored by: NwTech
