HNS Newsletter
Issue 63 - 13.05.2001
http://net-security.org
http://security-db.com

This is a newsletter delivered to you by Help Net Security. It covers weekly 
roundups of security events that were in the news the past week. Visit Help 
Net Security for the latest security news - http://www.net-security.org.

Subscribe to this weekly digest on:
http://www.net-security.org/text/newsletter

Archive of the newsletter in TXT and PDF format is available here:
http://www.net-security.org/news/archive/newsletter

Current subscriber count to this digest: 2368

Table of contents:
 
1) General security news
2) Security issues
3) Security world
4) Featured products
5) Security software
6) Defaced archives


========================================================
Help Net Security T-Shirt available
========================================================
Thanks to our affiliate Jinx Hackwear we are offering you the opportunity 
to wear a nifty HNS shirt :) The image speaks for itself so follow the link 
and get yourself one, summer is just around the corner.
Get one here: http://207.21.213.175:8000/ss?click&jinx&3af04db0
========================================================


General security news
---------------------
 
----------------------------------------------------------------------------

E-COMMERCE FIRMS FACING MORE ONLINE SECURITY RISKS
Online security can pose a threat to the IT industry world over. According to 
the managing director of Safe Acript Atul Saran, the industry suffered losses 
to the tune of $10 billion during the last two years. Speaking at a seminar - 
Consilience-2000 - organised by the National Law School of India University 
here on Sunday, he said the companies could cut down on problems by 
taking precautionary measures.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.timesofindia.com/today/07info13.htm


A CRITIQUE OF MEDIA REPORTAGE OF VIRUSES
In this article, George Smith takes a critical look at the way the media reports 
viruses. Specifically, he critiques the shortcomings of the 'crisis' mode used by 
the media to report virus threats and virus-writing competitions and examines 
the effects of that school of reportage on the public's reaction to viruses.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/focus/virus/articles/diseased.html


HACKERS DENIED ACCESS
Access Research, a security firm founded earlier this year, has unveiled its 
security products to protect corporate data. Access Denied is a strong 
authentication system, preventing unauthorised users from connecting to 
company servers. It protects firms from hackers' spoofing, denial of service 
and Trojan attacks at the IP level, safeguarding Web servers and clients, the 
company said. The technology scans traffic at the TCP/IP connection level, 
alongside other security features, such as firewalls, and controls communication 
channels between Web servers and clients.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.co.uk/news/2001/18/ns-22662.html


NT SERVICE PACK 7: D.O.A.
SP7 is now officially dead. This is unfortunate, since it makes fixing all the 
security holes present on an NT system more difficult. For day-to-day 
operations, the lack of service packs won't make a huge difference. In the 
last few years, Microsoft has only released six service packs for NT (not 
counting multiple releases of Service Pack 6 that were broken to various 
degrees). Administrators typically apply Microsoft's hotfixes as they become 
available; otherwise, it is trivial in most cases for attackers to break into 
unpatched systems.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://securityportal.com/articles/ntspseven20010507.html


WORMS COME UNDER ATTACK
When the ILoveYou virus swept through corporate networks around the 
world last May, it took everyone by surprise - especially anti-virus software 
developers. As the one-year anniversary of the Love Bug's attack passed 
last week, McAfee Corp., Trend Micro Inc. and other anti-virus vendors 
were working on new technologies and strategies that they hope will 
reduce the likelihood of another outbreak of that scale.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.com/eweek/stories/general/0,11011,2715700,00.html


NEO-NAZIS ATTACK LIBRARY'S WEB SITE 
The State Library of NSW was inundated with calls after an attacker replaced 
its Web site with images of Hitler and a Nazi swastika across an Australian flag 
in an unprecedented racially motivated attack.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.smh.com.au/news/0105/07/national/national16.html


EXODUS CUSTOMER SECURITY SITE HACKED
Internet hosting company Exodus Communications suffered an embarrassing 
break-in of one of its security-related Web sites Friday night. Hackers left a 
message bragging that they had access to the company’s network and posted 
personal information about a company employee on www.security.exodus.net. 
Exodus, which co-hosts big-name Web sites like Yahoo.com and eBay.com, 
confirmed the break-in. But company officials say the attackers were only 
able to access arcane Web server log files for a few Exodus customers.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.msnbc.com/news/569965.asp


THE NEW SECURITY PRO
"The really bad security breaches that would make the hair on the back of 
your neck stand up are not being reported [in the media]," says David Foote, 
a managing partner at Foote Partners LLC, a New Canaan, Conn.-based 
research and consulting firm specializing in the IT workforce. "But companies 
know about them, and they're scared." As companies place an increased 
emphasis on security, says Foote, the role of the security professional is 
changing from a strictly back-office IT support role to one that's strategically 
tied in with the entire company.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.computerworld.com/cwi/story/0,1199,NAV47_STO60207,00.html


2600 CLUBS
The Washington Post's Ariana Eunjung Cha did an article on 2600 clubs 
around the states. "Club members still draw the attention of authorities. 
But the perception that their meetings are solely a place where hackers 
exchange trade secrets and plot electronic break-ins is exaggerated, or 
at least outdated".
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.chicagotribune.com/business/printedition/article/0,2669,SAV-0105070210,FF.html


HACKERS BREAK INTO INFOSYS’ BANKING SITE
Hackers reached IT major Infosys, with unidentified miscreants breaking in into 
the company’s banking division website. According to an Infosys spokesperson, 
the company’s technical personnel were attempting to rectify the damage and 
restore the site. "Work is on at present and the site should be up soon," the 
spokesperson said. The hackers changed the content of the site though it is 
not clear how and why the break in occurred.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.hindustantimes.com/nonfram/080501/detECO10.asp


STREAMER.MICROSOFT.COM HACKED
According to Alldas.de, a Web server located within Microsoft's .com domain at 
streamer.microsoft.com was cracked and defaced in the early hours of Tuesday 
morning by a computer crackers calling themselves Prime Suspectz. Just last 
Friday, the same group, which claims to be based in Brazil, vandalised three 
international Microsoft Web sites, Microsoft UK, Mexico and Saudi Arabia.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.co.uk/news/2001/18/ns-22672.html


HACKER ATTACKS UTV SITE
UTV are investigating how an attacker managed to link the front page of their 
web site to a commemoration site for hunger-striker Bobby Sands last weekend. 
According to UTV, the attacker changed a link early Saturday morning, May 5th. 
The problem was rectified within hours of being spotted.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.ireland.com/newspaper/breaking/2001/0508/breaking44.htm


IIS ATTACKING WORM OUT THERE
CERT issued an advisory on a new piece of self-propagating malicious code. 
Based on preliminary analysis, the sadmind/IIS worm exploits a vulnerability in 
Solaris systems and subsequently installs software to attack Microsoft IIS web 
servers. In addition, it includes a component to propagate itself automatically 
to other vulnerable Solaris systems. It will add "+ +" to the .rhosts file in the 
root user's home directory. Finally, it will modify the index.html on the host 
Solaris system after compromising 2,000 IIS systems.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.cert.org/advisories/CA-2001-11.html


WHY OPENBSD WILL NEVER BE AS SECURE AS LINUX
OpenBSD fans everywhere simultaneously draw their flame guns and set them 
to "well done". OpenBSD claims to be "secure by default", and has undergone 
an extensive code audit -- so the question is this: has Kurt been hit in the 
head with a blunt object, or what? Wait! Before you hit the send button and 
put me out of my ignorance-induced misery, please read the whole article. 
Your thoughts will probably be addressed.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://securityportal.com/closet/closet20010509.html


WHITEHAT HACKER MADE FBI PATSY
American federal officials used threats and a false promise of leniency to lure 
computer security researcher and admitted cyber intruder Max Butler into 
becoming an undercover FBI informant, according to a defense motion filed 
in the case Tuesday. It was only when Butler balked at covertly recording a 
friend and colleague, and instead sought advice from an attorney, that the 
government threw the book at him, the motion charges. "The government as 
much as promised him he would receive consideration," says defense attorney 
Jennifer Granick. "At least until he hired an attorney."
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/8/18817.html


AUSTRALIAN PARLIAMENT HIT BY VBSWG.X
VBSWG.X has hit the Australian parliament's e-mail system opening a selection 
of pornographic websites on its victims' screens. International research company
Trend Micro says the virus was first detected in the US and has spread to more
than 50 Australian businesses. At least 2,500 cases of the virus have also been 
recorded in New Zealand.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.ananova.com/news/story/sm_287043.html


AN INTRODUCTION TO NESSUS
"There are a number of security scanners out there. Most of them are vendor 
specific, and each boasts a number of vulnerability checks to determine what 
is secure on your system and what is not. So what if you are a hardcore open 
source paranoid like myself who wouldn't think to spend a dime on the latest 
commercial security scanner from CyberSlueths or CrackerCops? Well there is 
a superior alternative that is regularly updated, free, and open source. It's 
called Nessus, and it is by far the best scanner available."
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.linuxsecurity.com/feature_stories/feature_story-86.html


BALTIMORE WILL FIRE 10% OF STAFF?
Baltimore Technologies Plc, a security software maker that issued two lowered 
profit forecasts this year, may fire as many as 120 workers or about 10 percent 
of its staff, the Irish Independent newspaper said, citing analysts.
Link: http://news.cnet.com/investor/news/newsitem/0-9900-1028-5868866-0.html


VBSWG.X UPDATE
A spokesman for the antiviral software company Sophos said that 80 companies 
have reported being hit by the virus, and several said that they have each sent 
out up to 100,000 infected e-mails. Another antiviral firm, MessageLabs, reports 
similar statistics, adding that its data indicates Homepage is spreading faster 
than the Kournikova virus.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.wired.com/news/culture/0,1284,43681,00.html


"WAR" IS OVER
Chinese 'hackers', engaged in a "cyberwar" with their counterparts in the 
United States, boasted on Wednesday they had defaced 1,000 U.S. Web 
sites, but called a truce to the conflict.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.com/zdnn/stories/news/0,4586,5082576,00.html


DUMMY INTERNET FIRM USED TO SNAG RUSSIAN HACKERS
Invita Security Corp. looked like a typical Internet company: It had offices, 
computers, employees, even a secure computer system. The only thing 
missing was the customers. Far from a failed start-up, the aptly named 
Invita turned out to be a bogus company set up by the Federal Bureau 
of Investigation to ensnare a pair of young Russian hackers accused of 
breaking into U.S. Internet companies' computers, stealing financial and 
other sensitive data and demanding extortion payments. Authorities say 
Alexey Ivanov, 21, and Vasily Gorshkov, 25, both of Chelyabinsk, fell for 
the bait. Arrested and jailed on 20 criminal counts including conspiracy 
and wire fraud, they are set to go on trial May 29 in federal court in Seattle.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.dallasnews.com/technology/362473_fbihackers_10b.html


WINDOWS VS. LINUX - TAKING SECURITY SERIOUSLY
Network security cannot be left to chance these days. It is incumbent on 
businesses, given the throng of Internet connections across the globe, that 
their systems - no matter what types of operating systems or servers involved, 
are patched, hardened and secure. Then again, if it is up to individual 
organisations to protect what they have, perhaps the role of OS vendors is to 
strengthen the security features they offer. Just which vendor does this better
is difficult to establish. While proponents of Linux systems maintain that the 
many security vulnerabilities and attacks coming to the fore are due to 
Microsoft's dominance in the market and its inherent vulnerabilities, others 
believe that Bill Gates' behemoth company is beginning to hold its own in 
acknowledging and addressing security issues. With fame, however, 
misfortune can follow.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.westcoast.com/securecomputing/2001_05/special/special.html


USING SENDMAIL AND AMAVIS TO HALT VIRUS DISTRIBUTION
Unlike days past where viruses were primarily spread through sneaker-net 
distribution of floppy disks, most modern viruses are spread via e-mail. 
Advanced scripting languages for the Windows platform coupled with the 
relative insecurity of certain Windows mail clients have increased the ranks 
of the virus, worm, and other mal-ware authors. Fortunately, most Unix 
servers and mail systems can halt the spread of such mal-ware. This tutorial 
will focus on integrating the AMaViS (0.2.1) anti-virus cleanser with Sendmail 
8.9.1b, the default mail server shipped with Solaris 7. However, the setup and 
configuration procedures are very similar on Linux and xBSD.
Link: http://www.sunhelp.org/pages.php?page=article-amavis


SECURING LINUX WITH AIDE
It is often difficult to assess damage from an intrusion through syslogs and good 
old-fashioned sysadmin work alone. Host-based intrusion detection systems can 
assist in these efforts. One such host-based IDS for Unix operating systems is 
AIDE. AIDE is a valuable, configurable tool that takes a snapshot of a system 
in its original state in order to track subsequent changes in the system. This 
article will discuss various aspects of using AIDE on Linux systems, including: 
configuring and using AIDE, troubleshooting your configuration, reviewing logs 
and cleaning up rulesets.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/focus/linux/articles/linuxaide.html


MAC: RIPE FOR A HACK?
"Think Different" has been an Apple rallying cry for the last few years. And 
recently, many Mac fans have begun to think different(ly) - about computer 
security. Macs have rarely been the target of hack attacks or viruses, due 
in part to the fact that many malicious hackers are unfamiliar with the Mac 
operating system. But Apple's new operating system, OS X, is built around 
an open-source, Unix-based core - an operating system that many hackers 
are already very familiar with.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.wired.com/news/infostructure/0,1377,43638,00.html


INFOSYS TRACKING ATTACKERS
India's top software firm Infosys Technologies said Tuesday it has tracked down 
the origin of computer hackers who targeted its website on Monday. "The attack 
seems to have been launched from an educational institution. We are trying to 
reach the administrators of the institution to pinpoint the source," the company 
said in a statement.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.timesofindia.com/090501/09info17.htm


ICSA LABS TO CERTIFY PC FIREWALLS
TruSecure Corp.'s ICSA Labs division has added PC Firewalls to its list of security 
applications that it certifies. Through the personal firewall certification program, 
personal firewall vendors will have their software tested, assessed, and validated 
by ICSA's independent labs.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.informationweek.com/story/IWK20010510S0003


GOVERNMENT AGENCIES DEFLECT "HOMEPAGE" WORM
“We haven’t seen anything significant in the United States,” said a spokesman 
for FedCIRC, the government’s computer intrusion response center. “It has 
mostly been overseas.”
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.gcn.com/vol1_no1/daily-updates/4221-1.html


GATEWAY UK TURNS PERSONAL INFO PUBLIC
A security gaffe by Gateway 2000 has resulted in the exposure of sensitive 
customer information on the PC vendor's web site. Up until late this afternoon 
searching for 'delivery cost' on Gateway's UK site returned two copies of an 
Excel spreadsheet containing order details, customer contacts and phone 
numbers.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/8/18867.html


DMZS FOR DUMMIES
You've ordered a new firewall, and you want to get it running on your network 
ASAP. Your first reaction is probably to put every client and server behind it. 
That's fine for a small company, but a larger company should consider creating 
a perimeter security network called a demilitarized zone (DMZ) that separates 
the internal network from the outside world.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.com/enterprise/stories/main/0,10228,2717224,00.html


ASK BUFFY
Questions this week cover Logging Root Commands; WINS, NetBIOS problems;
Protecting Solaris from IP Spoofing; xinetd and tcp_wrappers; and BCC Email 
Tracking.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://securityportal.com/buffy/buffy20010510.html


ANOTHER HOTMAIL SCAM
"You're one of 100 hotmail winners!" reads the title from an email apparently 
sent from from the "Hotmail Staff" and presents the users with a form to indicate 
sign-in name, password, comments and..a picture. Infact the email was sent by 
a "max@relay.1c.kiev.ua" and over html code directly links to http://193.125.79.67/, 
which according to the RIPE whois data base belongs the Tara Shevchenko Kiev 
University, 01033 Kiev, Ukraine. The only price to win would be your hacked 
hotmail account.


IIS WORM - 8836 IP ADDRESSES ATTACKED
On Tuesday, May 8, Attrition staff received email containing a list of 8836 IP 
addresses that were said to be victims of the "sadmind/IIS Worm". From there, 
they broke the list down into a few major types of machines/names; ADSL 
boxes, Cable Modems, DHCP servers, DNS machines, DSL boxes, Mail hosts, 
personal machines, "regular" servers and "in-addr" addresses.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.attrition.org/security/commentary/worm01.html


2600.COM WASN'T HIJACKED; NSI PROBLEMS
2600.com reported that their domain got hijacked yesterday - "Imagine our 
surprise when we were told by readers that 2600.com no longer belongs to 
2600.com! That's the nightmare that we were greeted with on Friday due to 
a bizarre foulup with Network Solutions." In a short time they were able to 
track down the right people at Network Solutions Inc, so the mistake got fixed.
Link: http://www.2600.com/news/display.shtml?id=412
Link: http://www.2600.com/news/display.shtml?id=413


STATE DEPARTMENT'S OFFICE OF IIP SITE DEFACED
A confidential U.S. State Department Web site (State Department's Office of 
International Information Programs) was defaced and some internal Internet 
servers were shut down in a cyberattack launched earlier this week by an 
unknown assailant, department spokeswoman Victoria DeLong announced.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.computerworld.com/cwi/stories/0,1199,NAV47-68-84-88_STO60494,00.html


PROTOCOL TO SECURE DATA FOR WLANS
Industry experts are tipping Kerberos to become the accepted security standard 
for roaming between access points in the growing wireless local area network 
(WLAN) market. Concerns about the rival Wireless Equivalent Privacy (WEP) 
security protocol used in the 802.11b WLAN standard have surfaced recently, 
putting IT managers off adopting the technology, due to fears about the 
security of connections and the verification of users as they 'roam' from 
one access point to another.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.zdnet.co.uk/news/2001/18/ns-22764.html


0WN THIS BOX CHALLENGE
Cylant's "0wn this box challenge" is a research effort providing a good 
challenge to skilled crackers. Dave Wreski and Benjamin Thomas of 
LinuxSecurity.com interview Cylant Technology, Inc.seeking to find 
more information regarding the work to create this contest, and the 
experiences gained from holding it.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.linuxsecurity.com/feature_stories/feature_story-87.html

----------------------------------------------------------------------------




Security issues
---------------

All vulnerabilities are located at:
http://net-security.org/text/bugs


----------------------------------------------------------------------------

DEBIAN LINUX: CRON LOCAL ROOT EXPLOIT
A recent (fall 2000) security fix to cron introduced an error in giving up 
privileges before invoking the editor. A malicious user could easily gain 
root access. This has been fixed in version 3.0pl1-57.3 (or 3.0pl1-67 
for unstable). No exploits are known to exist, but we recommend that 
you upgrade your cron packages immediately.
Link: http://www.net-security.org/text/bugs/989242718,76559,.shtml


IIS 5.0 PROPFIND DoS #2
It is possible to remotely restart all IIS related services using specially 
crafted request. If this request is repeated continously this seriously 
affects IIS performance.
Link: http://www.net-security.org/text/bugs/989242918,59658,.shtml


MP3MYSTIC VULNERABILITY
MP3Mystic is a webserver that lets a visitor browse your harddrive only 
showing MP3 files. It is vulnerable to the dot dot bug. 
Link: http://www.net-security.org/text/bugs/989345433,40148,.shtml


ELECTROCOMM 2.0 VULNERABILITY
ElectroComm allows you to connect to a comm port on a computer over a 
network using any Telnet client. The program can fall victim to a DoS.
Link: http://www.net-security.org/text/bugs/989345489,35284,.shtml


VIRTUAL DNS VULNERABILITY
Virtual DNS (Vdns) allows users with DSL & ADSL type connections to run their 
own web server with their own domain name. It suffers from a DoS.
Link: http://www.net-security.org/text/bugs/989345611,74236,.shtml


LINUX MANDRAKE - PINE UPDATE
Versions of the Pine email client prior to 4.33 have various temporary file 
creation problems, as does the pico editor. These issues allow any user 
with local system access to cause any files owned by any other user, 
including root, to potentially be overwritten if the conditions were right.
Link: http://www.net-security.org/text/bugs/989351502,70657,.shtml


TURBOLINUX SECURITY ANNOUNCEMENT: VIXIE-CRON
A security hole has been discovered in the package vixie-cron. Please
update the packages in your installation as soon as possible.
Link: http://www.net-security.org/text/bugs/989408997,40125,.shtml


TURBOLINUX SECURITY ANNOUNCEMENT: SQUID
A security hole has been discovered in the package squid. Please update
this package in your installation as soon as possible.
Link: http://www.net-security.org/text/bugs/989409105,89300,.shtml


TURBOLINUX SECURITY ANNOUNCEMENT: DHCP
A security hole has been discovered in the dhcp packages. Please update
the packages in your installation as soon as possible.
Link: http://www.net-security.org/text/bugs/989409220,8713,.shtml


TURBOLINUX SECURITY ANNOUNCEMENT: XNTP3
A security hole has been discovered in the xntp3 packages. Please update
the packages in your installation as soon as possible.
Link: http://www.net-security.org/text/bugs/989409271,97178,.shtml


WINDOWS 2000 KERBEROS DoS
The Kerberos service and kerberos password service contain a flaw that could 
allow a malicious attacker to cause a Denial of Service on the Kerberos service 
and thus making all domain authentication impossible.
Link: http://www.net-security.org/text/bugs/989436098,15488,.shtml


DEBIAN LINUX - SAMBA SECURITY FIX UPDATE
Marc Jacobsen from HP discovered that the security fixes from samba 2.0.8 did 
not fully fix the /tmp symlink attack problem. The samba team released version 
2.0.9 to fix that, and those fixes have been added to version 2.0.7-3.3 of the
Debian samba packages.
Link: http://www.net-security.org/text/bugs/989582948,34149,.shtml


RED HAT LINUX: UPDATED NEDIT PACKAGES
nedit creates temporary files in an insecure fashion. This version has been 
patched to use mkstemp().
Link: http://www.net-security.org/text/bugs/989583041,52988,.shtml


SQL SERVER 7.0 SERVICE PACK PASSWORD BUG
When SQL Server 7.0 Service Packs 1, 2, or 3 are installed on a machine that 
is configured to perform authentication using Mixed Mode, the password for the 
SQL Server standard security System Administrator (sa) account is recorded in 
plaintext in the files %TEMP%\sqlsp.log and %WINNT%\setup.iss. The default 
permissions on the files would allow any user to read them who could log onto 
the server interactively.
Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.microsoft.com/technet/security/bulletin/MS00-035.asp


VULNERABILTY IN TYPSOFT FTP SERVER V0.95
An attacker with anonymous access to the ftp server can break out of the ftp 
root using the dot vulnerability.
Link: http://www.net-security.org/text/bugs/989607354,81774,.shtml


DENICOMP REXECD/RSHD DENIAL OF SERVICE
There exists a problem in the port-handling code of mentioned products which
exposes the services provided by these to a DoS attack.
Link: http://www.net-security.org/text/bugs/989607535,50259,.shtml


DEBIAN LINUX - GFTP REMOTE EXPLOIT
The gftp package as distributed with Debian GNU/Linux 2.2 has a problem
in its logging code: it logged data received from the network but it did
not protect itself from printf format attacks. An attacker can use this
by making a FTP server return special responses that exploit this.
Link: http://www.net-security.org/text/bugs/989607865,68250,.shtml

----------------------------------------------------------------------------




Security world
--------------

All press releases are located at:
http://net-security.org/text/press


----------------------------------------------------------------------------

TRAFFIC LIMITING INTRUSION DETECTION SYSTEM (TLIDS) - [07.05.2001]

Captus Networks, the world leader in protecting against Denial of Service 
attacks, announced a major software enhancement to its CaptIO family of 
network security solutions that greatly simplifies the task of systems 
administrators for ensuring the security and availability of their Internet 
networks.

Press release:
< http://www.net-security.org/text/press/989243503,12040,.shtml >

----------------------------------------------------------------------------

SAFENET PARTNERS WITH TEXAS INSTRUMENTS - [07.05.2001]

SafeNet, a leading provider of Internet security technology that is the de facto 
standard in the VPN industry, announced that it has been chosen to partner 
with Texas Instruments to provide a new wireless security library for next 
generation (2.5 and 3G) wireless devices. SafeNet's encryption technology, 
combined with TI's DSP-based OMAP family of processors, will enable the 
strongest security for next generation wireless devices including personal 
digital assistants, cell phones, and pagers. The OMAP architecture is fast 
becoming a de facto standard for 2.5 and 3G wireless devices. Today, TI's 
OMAP architecture has been publicly endorsed by Nokia, Ericsson, Sony, 
Sendo, HTC, Symbian, Microsoft, and Sun Microsystems.

Press release:
< http://www.net-security.org/text/press/989243541,30009,.shtml >

----------------------------------------------------------------------------

PROACTIVENET 4.0 PROVIDES ROOT CAUSE ANALYSIS - [08.05.2001]

ProactiveNet, Inc., a leading provider of performance management solutions for 
Internet, intranet and extranet applications, today announced ProactiveNet 4.0, 
the company's flagship management application. The product makes its debut at 
the Networld + Interop show in Las Vegas this week, in ProactiveNet's booth #1825.

Press release:
< http://www.net-security.org/text/press/989316924,18917,.shtml >

----------------------------------------------------------------------------

STONEBRIDGE TECHNOLOGIES AND ISS PARTNER - [08.05.2001]

Stonebridge Technologies, an award-winning technology consulting firm, 
announced that the company is extending its infrastructure service offerings 
through a strategic alliance with Internet Security Systems (ISS), a leading 
provider of security management solutions for the Internet.

Press release:
< http://www.net-security.org/text/press/989317193,42924,.shtml >

----------------------------------------------------------------------------

ANTI-VIRUS INFORMATION EXCHANGE NETWORK GROWS - [08.05.2001]

The Anti-Virus Information Exchange Network and its associated Early Warning 
System continue to increase their growth at a fast pace. At the end of April, 
2001, with just 6 months of activity, AVIEN already includes antivirus specialists 
who support more than 2 million end users.

Press release:
< http://www.net-security.org/text/press/989336150,58744,.shtml >

----------------------------------------------------------------------------

WATCHGUARD: FIREBOX 2500 AND FIREBOX 4500 - [08.05.2001]

WatchGuard Technologies, Inc., a leader in Internet security solutions, introduced 
its next generation of award-winning Firebox Internet security appliances at the 
NetWorld + Interop Conference in Las Vegas. The Firebox III family, consisting of 
the Firebox 2500 and Firebox 4500, redefine price/performance by delivering 
industry-leading performance at prices that are affordable for larger distributed 
organizations and Internet data centers with the need to secure a large number 
of VPN connections.

Press release:
< http://www.net-security.org/text/press/989336211,66652,.shtml >

----------------------------------------------------------------------------

RAINBOW IVEA AWARDED AT N+I - [08.05.2001]

Rainbow iVEA, a Rainbow Technologies (Nasdaq: RNBO) company and a leading 
provider of high-performance security solutions for the Internet and eCommerce, 
announced that the CryptoSwift 600 eCommerce accelerator captured a Well 
Connected Award by Network Computing Magazine at the Spring 2001 Networld+
Interop Conference in Las Vegas. The CryptoSwift 600 defeated the nCipher 
nForce 300 and the Compaq AXL2000 Accelerator PCI Card for "Best SSL 
Acceleration Solution."

Press release:
< http://www.net-security.org/text/press/989350887,96012,.shtml >

----------------------------------------------------------------------------

F-SECURE ALERTS USERS ON VBSWG.X WORM - [09.05.2001]

F-Secure Corporation, a leading provider of centrally-managed, widely 
distributed security solutions is alerting computer users worldwide about 
a new, rapidly spreading e-mail worm named VBSWG.X, also known as 
Homepage, is an encrypted e-mail worm found in the wild on May 9th, 
2001.

Press release:
< http://www.net-security.org/text/press/989407841,43920,.shtml >

----------------------------------------------------------------------------

VISUALSOFT CRYPT WINS JOLT PRODUCTIVITY AWARD - [09.05.2001]

VisualSoft Technologies, a leading Software Products and Solutions development 
company, today announced that VisualSoft Crypt won Software Development 
magazine's Jolt Productivity Award in the category of "Libraries, Frameworks and 
Components". The Jolt Awards were announced by CMP's Software Development 
magazine on April 11th, 2001 at Software Development West Conference and 
Exposition at the San Jose Convention Center in San Jose, CA.

Press release:
< http://www.net-security.org/text/press/989407988,53034,.shtml >

----------------------------------------------------------------------------

INFOEXPRESS WINS NETWORK COMPUTING’S AWARD - [09.05.2001]

InfoExpress, a pioneer in enterprise remote access security solutions, 
announced that its CyberArmor Suite Enterprise Personal Firewall 1.1 has 
been named a winner of CMP Media LLC’s Network Computing for a 2001 
Well-Connected Award in the category of Desktop Firewall. CyberArmor 
was chosen for its innovative centralized security policy management 
capability to protect corporate assets from various malicious Internet 
attacks. CyberArmor also offers the industry’s only environmentally 
sensitive policy- based solution. It can select the active policy by 
differentiating between users on the corporate network, when a 
remote VPN session is active, or when they are surfing the Internet.

Press release:
< http://www.net-security.org/text/press/989431870,88278,.shtml >

----------------------------------------------------------------------------

MELCAM SURVEILLANCE APPLICATION FOR PC CAMERAS - [10.05.2001]

MelCam is easy to operate, keeps real-time tabs on vulnerable assets and 
increases security levels. Physical areas that are secured with a MelCam 
system benefit from Melioris' proprietary "Multi-Channel Security" - the 
ability to monitor and respond to incidents in a multiple number of ways, 
concurrently.

Press release:
< http://www.net-security.org/text/press/989494304,54252,.shtml >

----------------------------------------------------------------------------

NEW DEVICELOCK MILLENNIUM EDITION RELEASED - [10.05.2001]

SmartLine, Inc. announced the new release of DeviceLock Millennium Edition, a 
Windows service for restricting access to local devices running Windows 95/98/Me.
Preventing the introduction of inappropriate software and data is important when 
trying to protect and administer a company's computer network. The traditional 
solution has been a physical lock on the floppy drive. DeviceLock Me eliminates 
the need for physical locks and has a number of advantages. It is easy to install 
and administrators can have instant access from the remote computers when 
necessary. There are no physical keys to store and manage - DeviceLock Me 
is a software-only solution.

Press release:
< http://www.net-security.org/text/press/989519175,1325,.shtml >

----------------------------------------------------------------------------

SOPHOS DEFENDS IRISH SCHOOLS THROUGH ICL - [10.05.2001]

Sophos, a world leader in corporate anti-virus protection, announced that it is 
to protect IT systems in all of Northern Ireland's schools from virus attack. 
Sophos will defend the schools as part of a deal with eBusiness services company, 
ICL. Under the terms of the deal, all Northern Irish secondary schools will switch 
from their existing anti-virus protection (provided through CLASS - the 
Computerisation of Local Administration Systems in Schools) to that provided 
by Sophos. All of the region's primary school IT systems are already protected 
by Sophos Anti-Virus.

Press release:
< http://www.net-security.org/text/press/989519256,16494,.shtml >

----------------------------------------------------------------------------

SURFCONTROL SLAMS THE DOOR ON VBSWG.X - [11.05.2001]

SurfControl, the Internet Filtering Company, announced that SurfControl is part 
of the preventative measures that corporations are putting in place to protect 
themselves from email born viruses like the recent "homepage" attack. Given that 
SurfControl's SuperScout Email Filter sits between the email server and the virtual 
boarder, and works with a corporation's existing anti-virus software, the product 
can stop viruses at the door before they get to the email server.

Press release:
< http://www.net-security.org/text/press/989533926,93756,.shtml >

----------------------------------------------------------------------------

CHECKPOINT AND ISS CO-SPONSOR ENET - [11.05.2001]

Check Point Software Technologies Ltd. and Internet Security Systems (ISS), 
two Internet security leaders, today announced that they have been selected 
for the fourth consecutive year as network security co-sponsors of the Interop 
Net Event Network (eNet) at NetWorld+Interop in Las Vegas. Check Point and 
ISS have provided integrated Internet security technology, real-time monitoring 
and expertise for protecting the complex network. The eNet is an integral part 
of NetWorld+Interop, held May 7-11, 2001 at the Las Vegas Convention Center.

Press release:
< http://www.net-security.org/text/press/989533992,80558,.shtml >

----------------------------------------------------------------------------

SURFCONTROL ANNOUNCES GRANT OF US PATENT - [11.05.2001]

SurfControl, the Internet Filtering Company, is pleased to announce today 
that the US Patent Office has granted to SurfControl a patent on its core 
web filtering technology and processes. The US Patent 6,219,786, granted 
to SurfControl, Inc., describes the unique system for managing access 
control to resources of a distributed network, and more particularly to 
monitoring computer users' access to those resources from within and 
outside the network.

Press release:
< http://www.net-security.org/text/press/989534017,22824,.shtml >

----------------------------------------------------------------------------

ZEASOFT RELEASES TASK TERMINATOR - [11.05.2001]

ZeaSoft is proud to announce a new release of our free utility, Task Terminator 
(http://www.zeasoft.com/products/taskterm.htm). Task Terminator is a free 
utility from ZeaSoft which allows you to terminate any task or window running 
on your machine, even hidden programs and services which are invisible to the 
Windows Task Manager (that window that pops up when you hit Ctrl-Alt-Del). 
Task Terminator has the look and feel of the Windows Task Manager to make 
it instantly familiar to Windows users.

Press release:
< http://www.net-security.org/text/press/989583281,21227,.shtml >

----------------------------------------------------------------------------

EEYE DIGITAL SECURITY RELEASES SECUREIIS - [11.05.2001]

SecureIIS is the latest in proactive network security tools from eEye Digital 
Security. SecureIIS protects Microsoft IIS Web servers from known and 
unknown hacker attacks. SecureIIS wraps around IIS and works within it, 
verifying and analyzing incoming and outgoing Web server data for any 
possible security breaches. It prevents these breach attempts from 
penetrating the server, and alerts the network administrator when such 
attacks occur. SecureIIS combines the best features of Intrusion Detection 
Systems and Network Firewalls all into one, and it is custom tailored to your 
Web server.

Press release:
< http://www.net-security.org/text/press/989583781,34566,.shtml >

----------------------------------------------------------------------------

LEADING SECURITY COMPANIES COMBINE PRODUCTS - [11.05.2001]

At Networld + Interop today, networking, antivirus and Internet security leaders 
Linksys, TrendMicro Inc., and Zone Labs announced they will combine their 
products and technologies into one comprehensive, best-of-breed security 
solution for the small/medium business and home networking market. Linksys 
EtherFast Cable/DSL Router users will benefit from ironclad protection for their 
networks consisting of Zone Labs' ZoneAlarm Pro Internet security utility and 
Trend Micro's PC-cillin antivirus software as part of a complete hardware 
and software solution.

Press release:
< http://www.net-security.org/text/press/989583975,40156,.shtml >

----------------------------------------------------------------------------

TRIPWIRE HONORED AS UPSIDE MAGAZINE - [12.05.2001]

Tripwire Inc., the leading provider of data and network integrity (DNI) software, 
announced that it has been selected by UPSIDE Magazine as one of the 2001 
Hot 100 private companies. Tripwire was selected by the editors of UPSIDE and 
an advisory panel comprised of venture capitalists, financial analysts and market 
researchers. More than 800 companies were nominated for this year's UPSIDE 
Hot 100 Awards. Each company was judged on the basis of its technological 
achievements, customer acceptance of products or services, financial 
performance, industry partnerships, financial backing, and management 
experience.

Press release:
< http://www.net-security.org/text/press/989625999,42397,.shtml >

----------------------------------------------------------------------------

MCAFEE USERS UNAFFECTED BY HOMEPAGE WORM - [12.05.2001]

McAfee, a division of Network Associates, Inc. and recognized leader in anti
virus security solutions, today announced that its gateway anti-virus products 
and services protected leading businesses from the recently discovered 
Homepage worm. McAfee's advanced scanning technology detected and 
cleaned the Homepage worm at Major League Soccer, Loancity.com, Affinity 
Health System and other leading McAfee corporate businesses. Similar to the 
AnnaKournikova virus detected earlier this year, McAfee AVERT (Anti-Virus 
Emergency Response Team) worked closely with customers to provide up-to-
date diagnostics and information regarding the virus.

Press release:
< http://www.net-security.org/text/press/989659179,31194,.shtml >

----------------------------------------------------------------------------

PREPARATIONS FOR RSA CONFERENCE 2001 ASIA - [12.05.2001]

As e-commerce continues to gain a strong foothold in Asia, RSA Security Inc., 
the most trusted name in e-security, announced the program for RSA Conference 
2001, Asia, which will be held July 9 - 12, 2001 at the Singapore International 
Convention and Exhibition Center in Suntec City, Singapore. RSA Security's first 
annual e-security conference and exposition in the Asia-Pacific region is designed 
to address the critical e-security and privacy issues facing business, government 
and the public. RSA Conference 2001, Asia is modeled after the U.S.-based RSA 
Conference, the world's largest security event, which drew more than 10,000 
attendees last April in San Francisco, Calif.

Press release:
< http://www.net-security.org/text/press/989659469,10481,.shtml >

----------------------------------------------------------------------------

ALADDIN'S ESAFE PROTECTS OF HOMEPAGE WORM - [12.05.2001]

Aladdin Knowledge Systems, a global leader in the field of Internet content and 
software security, today announced its eSafe Internet content security solution 
successfully blocks the new medium-risk vandal named VBS.Homepage.

Press release:
< http://www.net-security.org/text/press/989659605,74425,.shtml >

----------------------------------------------------------------------------

BIOMETRIC SECURITY FOR NEW NASA FACILITY - [12.05.2001]

Bioscrypt Inc., a leading provider of biometric authentication solutions, announced 
that the Triana Science and Operations Center (TSOC), a NASA funded facility at 
the University of California in San Diego, is using Bioscrypt's advanced biometric 
technology to control physical access and provide security for their operations.

Press release:
< http://www.net-security.org/text/press/989659723,75766,.shtml >

----------------------------------------------------------------------------




Featured products
-------------------

The HNS Security Database is located at:
http://www.security-db.com

Submissions for the database can be sent to: staff@net-security.org


----------------------------------------------------------------------------

GENUITY SECURITY ADVANTAGE

Genuity Security Advantage service lets you outsource your security needs 
and gives you local access to security management services independent of 
any specific ISP, hardware platform, or operating system. Furthermore, the 
service uses IPsec-compliant hardware and software, enabling you to 
establish secure, site-to-site Virtual Private Networks (VPNs), thereby 
avoiding costly leased-line fees.

Read more:
< http://www.security-db.com/product.php?id=149 >

This is a product of Genuity, for more information:
< http://www.security-db.com/info.php?id=27 >

----------------------------------------------------------------------------

LT AUDITOR+

Blue Lance´s LT Auditor+ is a Windows-based intrusion detection/audit trail 
security software solution. LT Auditor+ is designed to protect organizational 
assets accessible through NT and/or Novell networks. LT Auditor+ provides 
around-the-clock monitoring of network activity across the enterprise. LT 
Auditor+ is used to secure corporate assets against unauthorized access, 
fraud and theft. Highly acclaimed by Netware Users International, Blue 
Lance's LT Auditor+ is in use by the world´s largest banks, government 
agencies and corporations.

Read more:
< http://www.security-db.com/product.php?id=436 >

This is a product of Blue Lance, for more information:
< http://www.security-db.com/info.php?id=97 >

----------------------------------------------------------------------------

LANGUARD NETWORK SCANNER

LANguard network scanner is a freeware security scanner to audit your network 
security. It scans entire networks and provides NETBIOS information for each 
computer such as hostname, shares, logged on user name. It does OS detection, 
password strength testing, detects registry issues and more. Reports are 
outputted in HTML. 

A security scanner that is always up to date 
Many commercial security scanning tools exist that claim to find all security holes 
in an OS. Fact is, because of the number of OS versions (service packs) & amount 
of security issues discovered daily, these database based products are almost 
immediately out of date.

Read more:
< http://www.security-db.com/product.php?id=640 >

This is a product of GFI Software Ltd., for more information:
< http://www.security-db.com/info.php?id=146 >

----------------------------------------------------------------------------




Security Software
-------------------

All programs are located at:
http://net-security.org/various/software

----------------------------------------------------------------------------

VISUALSOFT FILESECURE

VisualSoft FileSecure encrypts selected files and/or folders and produces a 
self-decryption archive. The encrypted file can be decrypted simply by double 
clicking the archive with the given passphrase. The user needs no installation 
of any application to decrypt the files. The user can also split the generated 
self-decryption archive by choosing appropriate settings. VisualSoft FileSecure 
uses Blowfish symmetric key for both encryption and de-cryptio. It can also 
provides file compression and secure file transfer using FTP.

Info/Download:
< http://www.net-security.org/various/software/989519664,9161,windows.shtml >

----------------------------------------------------------------------------

VISUALSOFT CRYPT V.3.0

VisualSoft Crypt provides strong cryptographic algorithms for secure enterprise 
application development. Information such as Passwords, Credit Card numbers, 
Email and other transaction data can be securely transferred on the untrusted 
networks like Internet etc., using this component. It encrypts and decrypts 
files using Advanced Encryption Standard (Rijndael) algorithm and Industry
standard Cryptography methodologies namely Serpent, Mars, DES, TDES, 
BlowFish, and IDEA. This component also supports MIME Format files. It is 
can also be used to store or transport information securely within a 
network environment.

Info/Download:
< http://www.net-security.org/various/software/989519782,27322,windows.shtml >

----------------------------------------------------------------------------

PORT SCAN ATTACK DETECTOR

Port Scan Attack Detector (psad) is a perl program that is designed to work 
with Linux firewalling code (iptables in the 2.4.x kernels, and ipchains in the 
2.2.x kernels) to detect port scans. It features a set of highly configurable 
danger thresholds (with sensible defaults provided), verbose alert messages 
that include the source, destination, scanned port range, begin and end times, 
TCP flags and corresponding nmap options (Linux 2.4.x kernels only), email 
alerting, and automatic blocking of offending IP addresses via dynamic 
configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x 
kernels psad incorporates many of the TCP signatures included in Snort to 
detect highly suspect scans for various backdoor programs (e.g. EvilFTP, 
GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port 
scans (syn, fin, Xmas) which are easily leveraged against a machine 
via nmap.

Info/Download:
< http://www.net-security.org/various/software/989519878,70603,linux.shtml >

----------------------------------------------------------------------------

PC VIPER

PC Viper is the first product of its kind to provide strong firewall security to 
your home PC's as you surf the absolutely no protection against Internet 
Intrusion. The PC Viper Personal Edition solves this problem by providing an 
extremely strong firewall located on the user's machine. PC Viper sits between 
the operating system and the modem to monitor all traffic. Because it is resident 
on the same machine that it is protecting, Viper can monitor any PC applications 
that access the Internet to protect against Trojan Horse Viruses from transmitting 
user-sensitive information. PC Viper also features an adult-material filter built in 
which can be enabled to prevent adult content or pornography from reaching the 
protected machine.

Info/Download:
< http://www.net-security.org/various/software/989520145,24540,windows.shtml >

----------------------------------------------------------------------------




Defaced archives
------------------------

[07.05.2001]

Original: http://www.commerzbank.com.uy/
Defaced: http://defaced.alldas.de/mirror/2001/05/07/www.commerzbank.com.uy/
OS: Windows

Original: http://www.blizzard.com/
Defaced: http://defaced.alldas.de/mirror/2001/05/07/www.blizzard.com/
OS: Windows

Original: http://investor2.cnet.com/
Defaced: http://defaced.alldas.de/mirror/2001/05/07/investor2.cnet.com/
OS: Windows

Original: http://www.opel.dk/
Defaced: http://defaced.alldas.de/mirror/2001/05/07/www.opel.dk/
OS: Windows

Original: http://www.bmw.com.mx/
Defaced: http://defaced.alldas.de/mirror/2001/05/07/www.bmw.com.mx/
OS: Windows

Original: http://www.toyota.co.ug/
Defaced: http://defaced.alldas.de/mirror/2001/05/07/www.toyota.co.ug/
OS: Windows

Original: http://www.sanyo.com.mx/
Defaced: http://defaced.alldas.de/mirror/2001/05/07/www.sanyo.com.mx/
OS: Windows


[08.05.2001]

Original: http://www.mcdonalds.co.id/
Defaced: http://defaced.alldas.de/mirror/2001/05/08/www.mcdonalds.co.id/
OS: Windows

Original: http://www.fujifilm.co.kr/
Defaced: http://defaced.alldas.de/mirror/2001/05/08/www.fujifilm.co.kr/
OS: Windows

Original: http://www.honda.com.au/
Defaced: http://defaced.alldas.de/mirror/2001/05/08/www.honda.com.au/
OS: Windows

Original: http://www.puma.com/
Defaced: http://defaced.alldas.de/mirror/2001/05/08/www.puma.com/
OS: Windows

Original: http://www.dinersclub.com.ph/
Defaced: http://defaced.alldas.de/mirror/2001/05/08/www.dinersclub.com.ph/
OS: Windows

Original: http://www.toyota.kz/
Defaced: http://defaced.alldas.de/mirror/2001/05/08/www.toyota.kz/
OS: Windows

Original: http://www.unicef.no/
Defaced: http://defaced.alldas.de/mirror/2001/05/08/www.unicef.no/
OS: Windows

Original: http://streamer.microsoft.com/
Defaced: http://defaced.alldas.de/mirror/2001/05/08/streamer.microsoft.com/
OS: Windows


[09.05.2001]

Original: http://www.agfa.co.za/
Defaced: http://defaced.alldas.de/mirror/2001/05/09/www.agfa.co.za/
OS: Windows

Original: http://pc.microsoft.is/
Defaced: http://defaced.alldas.de/mirror/2001/05/09/pc.microsoft.is/
OS: Windows

Original: http://www.twbookmark.com/
Defaced: http://defaced.alldas.de/mirror/2001/05/09/www.twbookmark.com/
OS: Windows

Original: http://www.sanyo.com.mx/
Defaced: http://defaced.alldas.de/mirror/2001/05/09/www.sanyo.com.mx/
OS: Windows


[10.05.2001]

Original: http://webonair.worldonline.co.za/
Defaced: http://defaced.alldas.de/mirror/2001/05/10/webonair.worldonline.co.za/
OS: Windows

Original: http://www.quantum.it/
Defaced: http://defaced.alldas.de/mirror/2001/05/10/www.quantum.it/
OS: Windows

Original: http://www.compaq.co.jp/
Defaced: http://defaced.alldas.de/mirror/2001/05/10/www.compaq.co.jp/
OS: Windows

Original: http://www.wintek.be/
Defaced: http://defaced.alldas.de/mirror/2001/05/10/www.wintek.be/
OS: Windows


[11.05.2001]

Original: http://www.shipping.co.il/
Defaced: http://defaced.alldas.de/mirror/2001/05/11/www.shipping.co.il/
OS: Windows

Original: http://www.camelot.com/
Defaced: http://defaced.alldas.de/mirror/2001/05/11/www.camelot.com/
OS: Windows

Original: http://www.stockphotos.com.br/
Defaced: http://defaced.alldas.de/mirror/2001/05/11/www.stockphotos.com.br/
OS: Windows


[12.05.2001]

Original: http://www.datasun.com.hk/
Defaced: http://defaced.alldas.de/mirror/2001/05/12/www.datasun.com.hk/
OS: Windows

Original: http://www.chaintech.com.tw/
Defaced: http://defaced.alldas.de/mirror/2001/05/12/www.chaintech.com.tw/
OS: Windows

Original: http://www.exergy.net/
Defaced: http://defaced.alldas.de/mirror/2001/05/12/www.exergy.net/
OS: Windows

Original: http://www.twphillips.com/
Defaced: http://defaced.alldas.de/mirror/2001/05/12/www.twphillips.com/
OS: Windows

[13.05.2001]

Original: http://pmacrae.oracle.co.uk/
Defaced: http://defaced.alldas.de/mirror/2001/05/13/pmacrae.oracle.co.uk/
OS: Windows

Original: http://www.newport.com.hk/
Defaced: http://defaced.alldas.de/mirror/2001/05/13/www.newport.com.hk/
OS: Windows

----------------------------------------------------------------------------


========================================================
Advertisement - HNS Security Database
========================================================
HNS Security Database consists of a large database of security related 
companies, their products, professional services and solutions. HNS 
Security Database will provide a valuable asset to anyone interested in 
implementing security measures and systems to their companies' networks.
Visit us at http://www.security-db.com
========================================================


Questions, contributions, comments or ideas go to:
 
Help Net Security staff
 
staff@net-security.org
http://net-security.org
http://security-db.com