
SecurityFocus Linux Newsletter #132

From: Stephen Entwisle <se(at)securityfocus.com>
Date: Mon May 19 2003 - 15:47:24 EDT


SecurityFocus Linux Newsletter #132


This Issue is Sponsored By: SpiDynamics

FREE White Paper: "How A Hacker Launches A Web App Attack!" Learn why 70% of today's successful hacks involve Web Application attacks such as: SQL Injection, XSS, Cookie Manipulation, and Parameter Manipulation.

All undetectable by Firewalls and IDS!

Download *FREE* white paper from SPI Dynamics for a complete guide to protection!

Visit us at: http://www.spidynamics.com/mktg/webappsecurity103


I. FRONT AND CENTER
  1. Security Tools: From Mermaids to Suckling Pigs
  2. Malware Myths and Misinformation, Part One
  3. Securing Apache: Step-by-Step
  4. U.S. Information Security Law, Part 3
  5. Relax, It Was a Honeypot
II. LINUX VULNERABILITY SUMMARY
  1. Lgames LTris Local Memory Corruption Vulnerability
  2. BitchX Mode Change Denial Of Service Vulnerability
  3. PHPNuke Web_Links Module Remote SQL Injection Vulnerability
  4. Boa Webserver File Disclosure Vulnerability
  5. KDE Kopete GPG Plugin Remote Command Execution Vulnerability
  6. Firebird GDS_Inet_Server Interbase Environment Variable Buffe...
  7. Best Practical Solutions RT HTML Injection Vulnerability
  8. PHP-Nuke Modules.PHP Username URI Parameter Cross Site...
  9. PHP-Nuke Multiple Downloads Module SQL Injection Vulnerabilities
  10. AIX Sendmail Open Relay Default Configuration Weakness...
  11. Netscape Navigator False URL Information Vulnerability
  12. vBulletin Private Message HTML Injection Vulnerability
  13. Inktomi Traffic Server Cross-Site Scripting Vulnerability
III. LINUX FOCUS LIST SUMMARY
  1. AW: IPChains Question (compatibility mode on kernel 2.4.x)...
  2. IPChains Question (compatibility mode on kernel 2.4.x) (Thread)
  3. how to check current backlog queue size(against synflood)...
IV. NEW PRODUCTS FOR LINUX PLATFORMS
  1. EncrLib ECC Cryptographic Library
  2. SelectAccess
  3. SSP XBoard-440
V. NEW TOOLS FOR LINUX PLATFORMS
  1. WifiScanner v0.9.0
  2. Ginsu Chat Client v0.4.7
  3. phpBandwidth Monitor v1.5
VI. SPONSOR INFORMATION


I. FRONT AND CENTER

1. Security Tools: From Mermaids to Suckling Pigs
By Scott Granneman

The recent Nmap-hackers survey provides a glimpse of what security professionals are packing in their tool-belts these days.


2. Malware Myths and Misinformation, Part One

By David Harley

This article is the first of a three-part series looking at some of the myths and misconceptions that undermine anti-virus protection. The fallacies we address here tend to begin with the words "I'm safe from viruses because..."

http://www.securityfocus.com/infocus/1695

3. Securing Apache: Step-by-Step
By Artur Maj

This article shows in a step-by-step fashion, how to install and configure the Apache 1.3.x Web server in order to mitigate or avoid successful break-in when new vulnerabilities in this software are found.

4. U.S. Information Security Law, Part 3
By Steven Robinson

This is the third part of a four-part series looking at U.S. information security laws and the way those laws affect security professionals. In this installment, we will look at the basics of the criminal information security law.

http://www.securityfocus.com/infocus/1693


5. Relax, It Was a Honeypot
By Tim Mullen

A security company cleverly tricks hackers into compromising one of its distribution sites. Really.

http://www.securityfocus.com/columnists/162

II. BUGTRAQ SUMMARY


1. Lgames LTris Local Memory Corruption Vulnerability BugTraq ID: 7537
Remote: No
Date Published: May 09 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7537
Summary:

LTris is a Tetris clone written for Linux variants and BSD operating systems. It is maintained by LGames.

A memory corruption vulnerability has been reported for LTris that may result in a local attacker obtaining elevated privileges.

An attacker can exploit this vulnerability by creating an overly long $HOME environment variable, consisting of at least 520 bytes. The attacker then invokes /usr/local/share/ltris and the vulnerability is triggered resulting in the corruption of sensitive memory and the execution of attacker-supplied code. Any code to be executed will be executed with group 'games' privileges.

This vulnerability was reported to affect LTris installed on FreeBSD systems. It is likely that other systems are also affected.


2. BitchX Mode Change Denial Of Service Vulnerability BugTraq ID: 7551
Remote: Yes
Date Published: May 10 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7551
Summary:

BitchX is a freely available, open source IRC client. It is available for Unix, Linux, and Microsoft operating systems.

A denial of service vulnerability has been reported for BitchX. It is possible to cause BitchX to crash when certain mode changes are made.

The vulnerability exists in the names.c source file where a check is not made for any arguments provided with a mode change.

The precise details of this vulnerability are currently unknown. This BID will be updated as more information becomes available.

This vulnerability affects BitchX cvs versions prior to 05/09/2003.

3. PHPNuke Web_Links Module Remote SQL Injection Vulnerability BugTraq ID: 7558
Remote: Yes
Date Published: May 12 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7558
Summary:

PHPNuke is a freely available, open source content management system written in PHP. It is available for Unix, Linux, and Microsoft Operating Systems.


It has been reported that multiple input validation bugs exist in the Web_Links module used by PHPNuke.

The problem is in the sanitizing of data passed to construct database queries. Insufficient sanity checks are performed by the Web_Links module, making it possible to inject SQL code into the database behind PHPNuke. This issue could be exploited to gain access to potentially sensitive information contained in the database with the privileges of the web application. Compromise of the web forums may also be possible. Consequences could vary depending on the queries involved and the capabilities of the underlying database implementation.

These issues could be especially dangerous for databases that support the UNION function, allowing for execution of multiple queries. It should also be noted that an additional 20 instances of SQL injection vulnerabilities exist in this module.

4. Boa Webserver File Disclosure Vulnerability BugTraq ID: 7544
Remote: Yes
Date Published: May 09 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7544
Summary:

Boa is a single-tasking, high-performance web server for Unix-based systems.

Boa webserver has been reported prone to a file disclosure vulnerability. The issue presents itself due to a lack of sufficient sanitization performed on user supplied HTTP requests.

Reportedly an attacker may exploit this vulnerability by submitting an HTTP request that contains dot-dot (../..) directory traversal sequences designed to break out of the web root and access a webserver-readable file on the vulnerable system. Reportedly the file contents will be displayed in the attacker's browser.

It should be noted that Boa webserver version '0.92r' on the 'PowerLinkT WAN Aggregator' appliance has been reported vulnerable. It is not yet confirmed if other platforms are vulnerable; this issue was not reproducible on Boa webserver version '0.92r' compiled and installed on Red Hat Linux 6.2.


This issue may be related to the vulnerability reported in BID 1770.
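Added here as an illustration of the check a request path needs before it is mapped to a file (example code, not Boa's own source): the resolver percent-decodes once, walks the path segment by segment, and refuses any request whose ".." sequences would climb above the web root. The web root and the sample requests are constructed for the demonstration.

```python
import posixpath
from urllib.parse import unquote

# Constructed web root for the demonstration; any directory path works.
WEB_ROOT = "/var/www/html"


def resolve_request_path(web_root, request_path):
    """Map the path of an HTTP request onto a file beneath web_root.

    Returns the filesystem path to serve, or None when the request must be
    refused because it tries to climb out of the web root (the behaviour the
    Boa report describes) or carries a NUL byte.
    """
    # Drop the query string: only the path selects a file.
    path = request_path.split("?", 1)[0]
    # Percent-decode exactly once, before splitting, so that encoded
    # sequences such as "%2e%2e" are judged as the ".." they decode to.
    path = unquote(path)
    if "\x00" in path:
        return None
    stack = []
    for segment in path.split("/"):
        if segment in ("", "."):
            continue            # empty ("//") and "." segments change nothing
        if segment == "..":
            if not stack:
                return None     # ".." with nothing left to pop: escape attempt
            stack.pop()
            continue
        stack.append(segment)
    return posixpath.join(web_root, *stack)


def classify_requests(requests, web_root=WEB_ROOT):
    """Return {request_path: resolved path or 'REJECTED'} for a batch."""
    result = {}
    for req in requests:
        resolved = resolve_request_path(web_root, req)
        result[req] = resolved if resolved is not None else "REJECTED"
    return result


# Constructed sample requests: benign paths, lexical "..", and the encoded form.
SAMPLE_REQUESTS = [
    "/index.html",
    "/docs/a/../b.html?x=1",
    "/../../etc/passwd",
    "/images/../../../../etc/passwd",
    "/%2e%2e/%2e%2e/etc/passwd",
]

if __name__ == "__main__":
    for req, outcome in classify_requests(SAMPLE_REQUESTS).items():
        print(f"{req:35} -> {outcome}")
```

Rejected requests are the ones worth logging; a benign "/docs/a/../b.html" resolves normally because its ".." never leaves the root.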

5. KDE Kopete GPG Plugin Remote Command Execution Vulnerability BugTraq ID: 7536
Remote: Yes
Date Published: May 08 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7536
Summary:

Kopete is a freely available, open source instant messaging client. It is available for the Linux Operating Systems.

A problem with kopete may make unauthorized command execution possible.

It has been reported that kopete does not properly sanitize input from remote users under some circumstances. Because of this, an attacker may be able to execute arbitrary commands on a vulnerable version of the client.

The problem is in the handling of GPG signed messages. When the kopete client is used with the GPG plugin, the plugin does not properly sanitize messages from remote users. This input will be passed as command line parameters to the GPG program. This could result in the execution of commands with the privileges of the kopete user.

It should be noted that the kopete plugin is not enabled by default.

6. Firebird GDS_Inet_Server Interbase Environment Variable Buffer Overflow Vulnerability BugTraq ID: 7546
Remote: No
Date Published: May 10 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7546
Summary:


Interbase is a database distributed and maintained by Borland. It is available for Unix and Linux operating systems. As Firebird is based on Borland/Inprise Interbase source code, it is very likely that Interbase is prone to this issue also.

A problem with Firebird could make it possible for a local user to gain elevated privileges.

A buffer overflow has been discovered in the setuid root program gds_inet_server, packaged with Firebird. This problem could allow a local user to execute the program with strings of arbitrary length. By using a custom crafted string, the attacker could overwrite stack memory, including the return address of a function, and potentially execute arbitrary code as root.

The vulnerability occurs in the handling of the INTERBASE environment variable. When the gds_inet_server program is executed with a string of arbitrary length (typically 500 or more bytes) in the INTERBASE environment variable, the result is an exploitable buffer overflow.

This could make it possible for a local user to gain administrative access.

7. Best Practical Solutions RT HTML Injection Vulnerability BugTraq ID: 7509
Remote: Yes
Date Published: May 08 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7509
Summary:

RT (Request Tracker) is a ticketing system implemented in Perl. It is distributed by Best Practical Solutions and is available for a variety of platforms including Microsoft Windows and Linux variant systems.

A vulnerability has been discovered in RT which may make it prone to HTML injection attacks.


The vulnerability exists due to insufficient sanitization of user-supplied values. Specifically, the content included in message bodies is not properly sanitized of malicious HTML code.

This lack of sanitization provides an opportunity for an attacker to launch HTML injection attacks against the vulnerable site hosting RT. It is possible for a remote attacker to create a malicious ticket containing script code that will be executed in the browser of a legitimate user.

Any attacker-supplied code will be executed within the context of the website running RT.

This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software. The attacker may hijack the session of the legitimate user by using the stolen cookie-based authentication credentials. Other attacks are also possible.

This vulnerability was reported for RT 1.0.7 and earlier.

8. PHP-Nuke Modules.PHP Username URI Parameter Cross Site Scripting Vulnerability BugTraq ID: 7570
Remote: Yes
Date Published: May 13 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7570
Summary:

PHP-Nuke is a freely available, open source content management system written in PHP. It is available for Unix, Linux, and Microsoft Operating Systems.

A cross site scripting vulnerability has been reported for PHP-Nuke. Specifically, PHP-Nuke does not sufficiently sanitize user-supplied input for the 'username' URI parameter to the modules.php script.


As a result of this deficiency, it is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of a legitimate user. Specifically the attacker can pass malicious HTML code as a value for the 'username' URI parameter supplied to the 'modules.php' page. All code will be executed within the context of the website running PHP-Nuke.

This may allow for theft of cookie-based authentication credentials and other attacks.

This vulnerability was reported to affect PHP-Nuke version 6.5.

9. PHP-Nuke Multiple Downloads Module SQL Injection Vulnerabilities BugTraq ID: 7588
Remote: Yes
Date Published: May 13 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7588
Summary:

PHP-Nuke is a web-based portal system. Implemented in PHP, it is available for a range of systems, including Unix, Linux, and Microsoft Windows.

PHP-Nuke is reportedly prone to multiple SQL injection vulnerabilities in the Downloads module. User-supplied input is included in SQL queries made by the module without being sanitized.

Exploitation could allow for injection of malicious SQL syntax, resulting in modification of SQL query logic or other attacks. Consequences will vary depending on the specific queries and the capabilities of the underlying database implementation. At the very minimum it may be possible to gain access to sensitive information that is stored in the database.
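An added example, not PHP-Nuke's code, covering both the Web_Links and the Downloads module issues above: a category lookup written with the weak concatenation pattern beside its parameterized form, run against a constructed SQLite database (the tables and rows are invented for the demo). The UNION input shows how a concatenated query can be made to return rows from an unrelated table, and the hardened version rejects the value before any SQL runs.

```python
import sqlite3


def build_demo_db():
    """Constructed in-memory stand-in for a portal database (not PHP-Nuke's schema)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE links (lid INTEGER, cid INTEGER, title TEXT, url TEXT);
        CREATE TABLE users (uid INTEGER, name TEXT, pwd TEXT);
        INSERT INTO links VALUES (1, 1, 'Kernel', 'http://www.kernel.org/');
        INSERT INTO links VALUES (2, 2, 'Boa', 'http://www.boa.org/');
        INSERT INTO users VALUES (1, 'admin', 'constructed-password-hash');
    """)
    return conn


def links_by_category_vulnerable(conn, cid):
    """Weak pattern: the request parameter is spliced into the SQL text."""
    sql = "SELECT title, url FROM links WHERE cid=" + str(cid)
    return conn.execute(sql).fetchall()


def links_by_category_safe(conn, cid):
    """Hardened form: validate the type, then bind the value as a parameter.

    Raises ValueError for anything that is not an integer category id, so a
    string carrying SQL syntax never reaches the database engine.
    """
    cid_int = int(cid)          # ValueError on 'UNION ...', '1 OR 1=1', etc.
    return conn.execute(
        "SELECT title, url FROM links WHERE cid=?", (cid_int,)
    ).fetchall()


def rejects_injection(conn, cid):
    """True when the hardened function refuses the value outright."""
    try:
        links_by_category_safe(conn, cid)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    conn = build_demo_db()
    # Constructed input standing in for a hostile 'cid' query parameter.
    hostile = "1 UNION SELECT name, pwd FROM users"
    print("vulnerable:", links_by_category_vulnerable(conn, hostile))
    print("hardened rejects:", rejects_injection(conn, hostile))
```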

10. AIX Sendmail Open Relay Default Configuration Weakness BugTraq ID: 7580
Remote: Yes
Date Published: May 13 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7580
Summary:

Sendmail is a freely available, open source mail transport agent. It is available for various UNIX and Linux operating systems.


A problem with the default sendmail implementation on AIX systems may lead to violations in security policy.

It has been reported that the default sendmail configuration on AIX systems enables promiscuous e-mail relaying options. Because of this, a remote attacker may be able to use the e-mail server to obscure the origins of e-mail.

The problem is in the default sendmail.cf deployed with AIX. The sendmail.cf enables options that can allow anonymous remote users to relay e-mail through AIX systems. This could be used for spam, e-mail attacks, or other nefarious purposes.

11. Netscape Navigator False URL Information Vulnerability BugTraq ID: 7564
Remote: Yes
Date Published: May 13 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7564
Summary:

Netscape is a web browser that is available for a number of platforms, including Microsoft Windows and Unix and Linux variants.

An issue has been reported for Netscape Navigator that may result in a false sense of security for a user.

Due to the way Netscape handles the history.back() function, the URL displayed on the 'location bar' will not correspond to the actual URL of the site displayed in the browser window. As a result, a malicious attacker can exploit this issue to entice a user to visit a web site and make them believe they are at a known or trusted page.

This vulnerability was reported for Netscape Navigator 7.02 for Windows operating systems.

12. vBulletin Private Message HTML Injection Vulnerability BugTraq ID: 7594
Remote: Yes
Date Published: May 14 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7594
Summary:

vBulletin is commercial web forum software written in PHP and back-ended by a MySQL database. It will run on most Linux and Unix variants, as well as Microsoft operating systems.


A vulnerability has been reported for vBulletin 3.0.0 beta 2 which may make it prone to HTML injection attacks. The problem is said to occur while previewing private messages.

Specifically, private messages may not be sufficiently sanitized of malicious content. This may make it possible for an attacker to place HTML or script code within a private message for another user. When the legitimate forum user attempts to preview the message the malicious code will be interpreted by their browser.

Attackers may potentially exploit this issue to manipulate web content or to steal cookie-based authentication credentials. It may be possible to take arbitrary actions as the victim user.

13. Inktomi Traffic Server Cross-Site Scripting Vulnerability BugTraq ID: 7596
Remote: Yes
Date Published: May 14 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7596
Summary:

Inktomi Traffic Server is a transparent web caching application. It is designed for use with Unix and Linux variants as well as Microsoft Windows operating environments.

Inktomi Traffic Server is prone to a cross-site scripting vulnerability. This is due to insufficient sanitization of input passed to the proxy, which will be echoed back in error pages under some circumstances.

It has been reported that Inktomi Traffic Server will generate errors when an open port other than 80/http is requested. The connection will time out when the request port on the remote system is closed, which will not generate an error. There is one reported exception to this. The proxy server will generate an error for requests to port 443/https regardless of whether the port is open or whether the requested host exists.

A malicious attacker could exploit this issue by creating a link which contains hostile HTML and script code and then enticing users of the proxy to visit the link. When the link is visited via the proxy, attacker-supplied script may be interpreted in the user's browser.

Exploitation could permit HTML and script code to access properties of the domain that is requested through the proxy. This could permit theft of cookie-based authentication credentials from arbitrary domains or other attacks.


III. LINUX FOCUS LIST SUMMARY


  1. AW: IPChains Question (compatibility mode on kernel 2.4.x) (Thread) Relevant URL:

http://www.securityfocus.com/archive/91/321455

2. IPChains Question (compatibility mode on kernel 2.4.x) (Thread) Relevant URL:

http://www.securityfocus.com/archive/91/321453

3. how to check current backlog queue size(against synflood) (Thread) Relevant URL:

http://www.securityfocus.com/archive/91/321212

IV. NEW PRODUCTS FOR LINUX PLATFORMS


1. EncrLib ECC Cryptographic Library
by Encryption Software
Platforms: Linux, UNIX, Windows 2000, Windows 95/98, Windows NT
Relevant URL:
http://www.encrsoft.com/products/encrlib.html
Summary:

EncrLib ECC Cryptographic Library is a C++, secure, powerful, portable, easy-to-use, and extremely fast public-key encryption and digital signature solution, based on the most exciting public-key development in the cryptographic community of the last decade -- Elliptic Curve Cryptography (ECC).


2. SelectAccess
by Baltimore Technologies
Platforms: Linux, Solaris, SunOS, UNIX, Windows 2000, Windows NT
Relevant URL:
http://www.baltimoretechnologies.com/selectaccess/index.asp
Summary:

SelectAccess enables businesses to capitalize on the potential of extranets, intranets and portals by providing web-based single sign-on for a seamless user experience. SelectAccess greatly reduces administration cost and complexity by providing a unified approach to defining authorization policies and securely managing role-based access to on-line resources.

3. SSP XBoard-440
by SSP Solutions
Platforms: Linux, Windows 2000
Relevant URL:
http://www.sspsolutions.com/products/sspxboard440/
Summary:

The SSP XBoard-440 is a 32-bit PCI bus interface board designed to maximize the performance of secure webservers by eliminating the processor bottlenecks incurred by SSL. As a direct result, the customer enjoys a faster connection, experiences immediate server response, and receives the full security benefits of the encryption process, from fewer servers. The SSP XBoard-440 eliminates the need to purchase additional servers to handle the increased burden of secure connections. The SSP XBoard-440 provides the speed and security needed to authenticate and securely pass information between client and server. By consolidating server resources, organizations can reduce operating, maintenance, and acquisition costs.

V. NEW TOOLS FOR LINUX PLATFORMS


1. WifiScanner v0.9.0
by Jerome Poggi jerome.poggi@hsc-labs.fr
Relevant URL:
http://wifiscanner.sourceforge.net/
Platforms: Linux, POSIX
Summary:

WifiScanner is an analyzer and detector of 802.11b stations and access points. It can listen alternately on all 14 channels, write packet information in real time, search for access points and associated client stations, and generate a graph of the architecture using GraphViz. All network traffic can be saved in the libpcap format for post analysis. It works under Linux with a PrismII card and with the linux-wlan driver.

2. Ginsu Chat Client v0.4.7
by John Meacham
Relevant URL:
http://repetae.net/john/computer/ginsu/
Platforms: POSIX
Summary:

Ginsu is a client for the Gale chat system. It is designed to be powerful and above all stable, as well as having a quick learning curve.


3. phpBandwidth Monitor v1.5
by Eric Binger
Relevant URL:
http://www.phpBandwidth.com
Platforms: Linux
Summary:

phpBandwidth monitors a particular network interface (eth0, eth1, ppp0, etc.) and provides a realtime graph showing bandwidth consumption on a server.

VI. SPONSOR INFORMATION



This Issue is Sponsored By: SpiDynamics



Received on Mon May 19 16:26:58 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:27 EDT
