Virus Alerts

U will probably need to “morphine” your evil apps before you run them on an AV protected machine - download morphine from hxdef.org; might as well pick up a copy of hf’s rootkit while your there…
Richard
- every1 say: “thankyou HF!”
—–Original Message—–
From: Matt Reid [mailto:matthew@servepath.com]
Sent: Saturday, 6 August 2005 8:06 AM
To: Omar Herrera; pen-test@securityfocus.com
Subject: Re: All of the things you need to learn to be a pen-tester (Re: Pen t est basic needs)
Hi all,
Here is a basic list of some progs to use for pen-testing. If anyone
wants to add some on here in the respective categories we could get a
really good list going for pen-testers!
-Matt Reid
*Port Scanners*
Amap – versioning port scanner
NMap – general purpose port scanner
pPscan – proxy port scanner
*
Vuln Scanners*
Nessus – general vul. scanner
DNAscan – for ASP
Owa – Outlook Web
Nikto – http vulns
*Brute Forcers & Crackers*
John the Ripper – password cracker
WlGen – word list generator
Hydra – multi-protocol authentication brute forcer
*DNS enumeration*
Ghba – RDNS scanner
Dig – DNS lookup util
Nslookup – interactive name server query engine
*Loggers*
Tcpdump – network traffic dumper
Ethereal – network traffic analyzer – use in conjunction with tcpdump
Kismet – wifi traffic analyzer
*Dicts [to concat into larger file]*
Argon – 2GB dict file
Cracklib - another good one
Word.lst - word list
*Trojans & Rootkits*
BackOrifice - Back Orifice is not a virus. It is in essence a remote
administration tool.
LRK – Linux-kernel Root Kit
Netbus - NetBus runs under the NT operating system as well as Win95/98
*Firewall Throughpass*
Firewalk – trace packets through firewall filters
——————————————————————————
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don’t
Learn the hacker’s secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:
http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
——————————————————————————-

!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+
CryptoMail provides free end-to-end message encryption.
http://www.cryptomail.org/ Ensure your right to privacy.
Traditional email messages are not secure. They are sent as
clear-text and thus are readable by anyone with the motivation
to acquire a copy.
!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+!+

——————————————————————————
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don’t

Learn the hacker’s secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
——————————————————————————-

IIS has a simple and not particularly secure firewall. It is a hell of
a lot better but it is definitely not up there for security

Vs-ftp is considered good if patches (like everything)

IIS FTP has had numerous vulnerabilities, especially in the past - the
default proxy forwarding was a good one

CSW

—–Original Message—–
From: Roger A. Grimes [mailto:roger@banneretcs.com]
Sent: 23 July 2005 2:54
To: Leon; security-basics@securityfocus.com
Subject: RE: ftp server windows

IIS’s FTP is an excellent, secure FTP server. I don’t know of any
exploits against it ever other than one obscure client-side
cross-scripting type of attack that was never publicly exploited.

I’ve been running it for years and never a single problem.

Roger

************************************************************************
***
*Roger A. Grimes, Banneret Computer Security, Computer Security
Consultant *CPA, CISSP, MCSE: Security (NT/2000/2003/MVP), CNE (3/4),
CEH, CHFI
*email: roger@banneretcs.com
*cell: 757-615-3355
*Author of Malicious Mobile Code: Virus Protection for Windows by
O’Reilly *http://www.oreilly.com/catalog/malmobcode
*Author of Honeypots for Windows (Apress)
*http://www.apress.com/book/bookDisplay.html?bID=281
************************************************************************
****

—–Original Message—–
From: Leon [mailto:roastin@yahoo.com]
Sent: Thursday, July 21, 2005 8:19 PM
To: security-basics@securityfocus.com
Subject: ftp server windows

Does anyone know of a good ftp sever for windows with a good security
track record. WS_FTP is out because of the last vuln where not only did
they not address the issue when it was posted on bugtraq but it took
them close to 3 weeks to come up with a patch.

I have been told about serv-u and bulletproof. Are there any others
that I should be aware of (with a good history any can google ftp server
windows).

Thanks

____________________________________________________
Start your day with Yahoo! - make it your home page
http://www.yahoo.com/r/hs

The following column was published on SecurityFocus today:

Sony’s legal issues
by Mark Rasch
2005-11-14

Sony is in the spotlight over the rootkit they distribute on some of
their music CDs, and it bring up interesting legal issues relating to
EULAs and enforcement by the FTC.

http://www.securityfocus.com/columnists/369