HNS Newsletter Issue 97 - 11.02.2002 http://net-security.org http://security-db.com This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. Visit Help Net Security for the latest security news - http://www.net-security.org. Subscribe to this weekly digest on: http://www.net-security.org/text/newsletter Archive of the newsletter in TXT and PDF format is available here: http://www.net-security.org/news/archive/newsletter Table of contents: 1) General security news 2) Security issues 3) Security world 4) Featured products 6) Security software ====================================================== Free Webshield e500 Info Kit ====================================================== Configure and forget with McAfee Webshield e500 appliance, scan all potential virus-carrying protocols, even POP3. McAfee's Webshield e500 makes gateway defense instant. ====================================================== Click for more: http://www.net-security.org/ad/nai ====================================================== General security news --------------------- ---------------------------------------------------------------------------- SECURITY NOT JUST A MICROSOFT PROBLEM Neil Holloway, MD of Microsoft (UK), has defended his company's reputation on security arguing that the whole IT industry needs to put its house in order. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.silicon.com/a50973 HACKTIVISTS CLAIM COUP AGAINST GLOBAL LEADERS SITE Hacktivists have been blamed for cutting off access to the Web site of the World Economic Forum. The DoS attack against weforum.org began on the first day of the five-day conference in New York and continued during the course of the meeting, Reuters reports. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.theregister.co.uk/content/55/23928.html CASTLES BUILT ON SAND: WHY SOFTWARE IS INSECURE Software developers spend endless hours developing sophisticated programs that will make users' lives easier and more productive. Unfortunately, the outcome is not always what the developers had in mind. Many software programs are plagued by programming flaws that may lead to security vulnerabilities. This article will offer a brief overview of some of the factors that may contribute to insecure software. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/infocus/1541 BUSINESSES KEEP SPENDING ON SECURITY Although IT expenditures for other areas are either staying level or being slashed, more money continues to be directed toward the defense of company networks. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.informationweek.com/story/IWK20020124S0004 BEEFING UP 802.11B SECURITY A fix for security flaws in the 802.11a and 802.11b wireless networking standards has moved closer to reality with the release of a draft for a specification that addresses the problem. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.pcworld.com/news/article/0,aid,82563,00.asp USING ACTIVE FTP CLIENTS THROUGH AN OPENBSD 3.0 FIREWALL With release 3.0 the OpenBSD project replaced Darren Reed's ipf software with the more license friendly pf filtering software. While pf and ipf are very similar in overall design, there are many subtle differences bewteen the two. This paper will focus on one particular difference between the two, how to allow outbound active FTP access from clients protected by an OpenBSD 3.0 firewall. Link: http://www.deadly.org/article.php3?sid=20020130012631 PALM TO PREVIEW MORE ADVANCED, SECURE OS Palm plans to show developers a test version of a new Palm operating system designed to make handhelds more powerful and secure, as well as better able to connect to wireless and corporate networks. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://news.zdnet.co.uk/story/0,,t269-s2103715,00.html STUDIES SHOW CONTINUED GROWTH FOR IT SECURITY INDUSTRY Two reports suggest that the IT security industry is going to see across- the-board growth in the next few years. In separate reports released by IDC and Dataquest, both lauded the growth potential for different sectors in the IT security market, including services and software. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.computerworld.com/storyba/0,4125,NAV47_STO68006,00.html HEURISTIC TECHNIQUES IN AV SOLUTIONS: AN OVERVIEW Heuristic technologies can be found in nearly all current anti-virus solutions and also in other security-related areas like intrusion detection systems and attack analysis systems with correlating components. This article will offer a brief overview of generic heuristic approaches within AV solutions with a particular emphasis on heuristics for Visual Basic for Applications-based malware. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/infocus/1542 ANALYZE THIS! Network forensics analysis tools (NFATs) reveal insecurities, turn sysadmins into systems detectives. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.infosecuritymag.com/2002/feb/cover.shtml THE ENCRYPTED JIHAD We can't stop terrorists from using uncrackable codes. So we shouldn't even try. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.salon.com/tech/feature/2002/02/04/terror_encryption/index.html UPGRADE YOUR MIRC The upgrade of the Internet Relay Chat (IRC) software, mIRC, plugs a security hole which could let someone take control of your computer. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://news.bbc.co.uk/hi/english/sci/tech/newsid_1801000/1801015.stm NASA HACKER GETS 21 MONTHS Jason Allen Diekman, who admitted hacking into computers at NASA, Oregon State University and an Internet service provider has been sentenced to 21 months in federal prison and ordered to pay nearly $88,000 in restitution. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.securityfocus.com/news/321 NETEGRITY EYES SECURE PORTALS Eyeing an emerging need for an administration layer spanning multiple portals and applications throughout the enterprise, Netegrity is combining its security and identity management tools with portal infrastructure to create a layer for managing and securing access to disparate resources and services. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.infoworld.com/articles/hn/xml/02/02/05/020205hnnetegrityuse.xml SOLARIS 8 SECURITY BOOK REVIEW Anyone looking for a well-focused book on Solaris security should take a look at Solaris 8 Security. It’s an excellent starting point, and at fewer than 200 pages, it provides a really good introduction to Solaris security without wasting readers’ time, money, or trees. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.unixreview.com/documents/uni1012929205339 GAO FINDS SECURITY RISKS AT TREASURY The General Accounting Office found significant risk of fraud, unauthorized disclosure and modification of sensitive data and applications, misuse or damage to computer resources, and disruption of critical operations, according to a GAO report. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.informationweek.com/story/IWK20020205S0004 SMARTCARD USAGE INCREASING We have two obsessions that make the use of smartcard technology an easy solution - security and personalisation. Whatever we do, wherever we go, we want an easy mechanism that will authenticate us as who we say we are and then to deliver the solution exactly as we like it. Link: http://www.it-director.com/article.php?id=2576 LINUX SECURITY AUDITING TO GET A BOOST Funded by the Defense Advanced Research Project Agency, the Sardonix Audit Portal aims to be the one-stop portal for organizing the efforts of critical code reviewers everywhere and boost the frequency with which programmers critique the code of others. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://news.com.com/2100-1001-830130.html OUTSIDE HACKERS VS. THE ENEMY WITHIN: WHO'S WORSE? The 2001 Computer Crime and Security Survey from the Federal Bureau of Investigation and the Computer Security Institute makes it clear that cybercrime is on the rise. But for the first time, according to survey respondents, incidents precipitated by outside hackers outnumbered those originated by internal threats. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.newsfactor.com/perl/story/16157.html ORACLE SHAKY ON 9I SECURITY VOW A security researcher will detail a bevy of software flaws in Oracle's flagship database at the Black Hat Windows Security Briefings in New Orleans, busting up the company's promise that the program is "unbreakable." Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://news.com.com/2100-1001-831142.html INTRO TO CFENGINE FOR SYSTEM ADMINISTRATION Cfengine (configuration engine) is a UNIX administration tool that aims to make the easy administrative tasks automatic, and the hard tasks easier. Its goal is system convergence from any state towards an ideal state. In this article, Ted acquaints you with this unique system administration tool by demonstrating some simple uses of cfengine. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www-106.ibm.com/developerworks/linux/library/l-cfe.html SECURITY REARS ITS UGLY HEAD For all the pro-Web services enthusiasm here at Forrester's conference, serious security- and trust-related concerns emerged as a common theme. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.infoworld.com/articles/hn/xml/02/02/06/020206hnsecurity.xml THE PENGUIN BITES BACK AT WINDOWS Certain distros of Linux suffered more security vulnerabilities than Windows last year. But since all Linux distributions use the same kernel, figures cannot be aggregated for the open source OS. Confusion has resulted from the fact that Linux distros typically ship with bundles of applications, which may also be prone to vulnerabilities. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.vnunet.com/News/1128950 2002 FIRST CONFERENCE REGISTRATION OPEN Roger Safian posted to ISN mailing list - "We are now ready to accept registrations for the 2002 FIRST conference. We are just finalizing the program, and should have it on the website in the next couple of weeks, but, since we had a record number of submissions, the conference is shaping up to be one of our best." Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.first.org/conference/2002 NEW YORK PRESSES "FREE-SPEECH" LAWSUIT AGAINST NAI The New York State attorney general has charged that Network Associates is violating consumers' First Amendment right to free speech because legal language pinned to most of the vendor's software diskettes demands that no benchmarking or public reviews be done without Network Associates' consent. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.nwfusion.com/news/2002/0207nysnai.html HOUSE TO SPEND MORE ON COMPUTER SECURITY The House of Representatives voted on Thursday to dramatically boost federal spending on computer security, authorizing $880 million over five years for research, scholarships and other incentives. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://zdnet.com.com/2100-1105-832240.html INDIAN IT FIRMS EYE E-SECURITY MARKET Indian software firms are looking at a $50 billion business opportunity to help global companies protect their data from terrorist or hacker attacks. Link: http://www.timesofindia.com/articleshow.asp?art_id=812798081 ENCRYPTION LEAVES DES BEHIND Nothing moves fast in the world of encryption, which may help explain why the U.S. is only now about to leave 56-bit DES behind for new encryption schemes. Link: http://www.net-security.org/cgi-bin/news.cgi?url=http://www.techweb.com/tech/security/20020206_security ---------------------------------------------------------------------------- ======================================================== Sponsored by GFI, the developers of a revolutionary new intrusion detection product - LANguard Security Event Log Monitor. Download your copy! http://www.net-security.org/cgi-bin/ads/ads.pl?banner=gfitxt ======================================================== Security issues --------------- All vulnerabilities are located at: http://net-security.org/text/bugs ---------------------------------------------------------------------------- VULNERABILITY IN ALL VERSIONS OF DCFORUM When a user requests a new password for his account, a new password is generated and sent to the requester (anyone that knows the username+ email information, which is usually available in "user profile"). The problem is that the password is simply the first 6 characters of the user's SessionID, which is, of course, known to anybody who knows how to see a value in a cookie. Hence every user in the world can come to the board, request a new password for someone, and then login with that username + 6 first characters of the SessionID from the cookie. Link: http://www.net-security.org/text/bugs/1012844000,79619,.shtml MRTG CGI SCRIPT "SHOW FILES" VULNERABILITY Problem lyes in incorrect validation of user submitted by browser information, that can show first string of any file of the system where script installed. Link: http://www.net-security.org/text/bugs/1012844058,59283,.shtml KICQ 2.0.0B1 CAN BE REMOTELY CRASHED KICQ can be remotely crashed in a very simple way. Just telnet the machine on wich KICQ is running on the port it's bound and feed some garbage. Link: http://www.net-security.org/text/bugs/1012844110,95181,.shtml SCREENOS 2.6 SUBJECT TO TRUST INTERFACE DOS The ScreenOS is the heart of the NetScreen products. This allows for the firewall configuration/management. Apparently all versions before ScreenOS 3.1 are affected. This vulnerability can only occur from within the "trusted" network, or from a machine connected to the "trust" interface. External attempts will not cause any problems/DoS. Link: http://www.net-security.org/text/bugs/1012844139,71361,.shtml USING MSN MESSENGER FOR OBTAINING PERSONAL INFO MSN Messenger (and Windows Messenger on XP) can be used to obtain personal information about a user from any website (in any domain). Using JavaScript a user's display name can be obtained from Messenger, as well as the display names of all their contacts. For users who have a sensible and accurate display name this should be considered a privacy issue. (Note: anyone who has not set a display name at all, will reveal their email address instead.) Link: http://www.net-security.org/text/bugs/1012911142,77540,.shtml BUFFER OVERRUN IN MIRC A security vulnerability has been found in the popular IRC client mIRC. The flaw allows a rogue/hacked IRC server to execute arbitary code on the victims machine. Allowing the attacker to gain full control of the victims computer. This bug affects all versions of mIRC upto and including version 5.91. Link: http://www.net-security.org/text/bugs/1012911376,98709,.shtml MRTG PATH DISCLOSURE VULNERABILITY If an attacker submits a web request containing unexpected arguments for script variables, an error message will be displayed containing the path to the webroot directory of the server running the Mrtg cgi script. Link: http://www.net-security.org/text/bugs/1012911442,1233,.shtml VULNERABILITY IN BLACK ICE DEFENDER The current version of BlackICE Defender (2.9.caq and 2.9.cap) running on a Windows 2000 machine can be remotely crashed using a very basic ping flood. Link: http://www.net-security.org/text/bugs/1012911597,7851,.shtml LOTUS DOMINO WEBSERVER DOS-DEVICE DOS The Domino Webserver does not handle URL request for DoS-Devices correctly. This vulnerability can be exploited by a malicious user to bring down the webserver. Link: http://www.net-security.org/text/bugs/1012911733,59264,.shtml ESHARE EXPRESSIONS SERVER ARBITARY FILE VIEWING There is a bug in Expressions server where you can view any file on the drive that the server is installed on by using simple ../../ Link: http://www.net-security.org/text/bugs/1012991957,69516,.shtml VULNERABILITIES IN ASTARO SECURITY LINUX 2.016 Astaro develops and distributes the firewall solution Astaro Security Linux. Astaro Security Linux offers extensive protection for local networks against hackers, viruses and other risks of connecting to the Internet. Astaro Security Linux is distributed by a worldwide network of partners who offer local support regarding installation and maintenance. Link: http://www.net-security.org/text/bugs/1012992814,80094,.shtml TEXIS(CGI) PATH DISCLOSURE VULNERABILITY The texis program executes files written in Texis Web Script (aka Vortex), an HTML-based, server-side scripting language developed by Thunderstone. It can be invoked from the command line, or as a CGI from the web server. Specifying an invalid path to a script causes texis to reveal the full path to the webroot. In some cases texis will reveal system specific information such as operating system and processor type. Link: http://www.net-security.org/text/bugs/1013086834,27175,.shtml REMOTE COMPROMISE IN ORACLE 9I DATABASE SERVER Attackers can execute any function in any library remotely on a system running Oracle's database server without a user ID or password. Link: http://www.net-security.org/text/bugs/1013087001,97566,.shtml MULTIPLE BUFFER OVERFLOWS IN ORACLE 9IAS There are multiple buffer overflows in the PL/SQL module for Oracle Application Server running on Apache web servers that allow the execution of arbitary code. A non-overflow DoS also exists. Link: http://www.net-security.org/text/bugs/1013087045,62534,.shtml JSP TRANSLATION FILE ACCESS UNDER ORACLE 9IAS The web service with Oracle 9iAS is powered by Apache and provides many application environments with which to offer services from the site. These include SOAP, PL/SQL, XSQL and JSP. A security issue exists in the OracleJSP environment where an attacker can get access to the source code of the of the translated JSP page. There is a second issue relates to an attacker gaining access to the globals.jsa contents. Link: http://www.net-security.org/text/bugs/1013087126,50994,.shtml WEB BROWSERS AND EXTENDED HTML FORM ATTACK A malicious user can create a form which is submitted by the victim (automatically using Active Scripting or manually using Social Engineering). This form can cause a non-HTTP service to echo back JavaScript commands which in turn allow the malicious user to steal the cookie for that domain. There are more uses for this attack, other than just stealing cookies. Link: http://www.net-security.org/text/bugs/1013168834,68612,.shtml WINDOWS BASED PHP LEAKS TRUE PATH PHP for Windows reveals the true path where the program was installed. This would be considered in most cases sensitive information. Link: http://www.net-security.org/text/bugs/1013169048,50454,.shtml ---------------------------------------------------------------------------- ======================================================== HNS Security Database ======================================================== HNS Security Database consists of a large database of security related companies, their products, professional services and solutions. HNS Security Database will provide a valuable asset to anyone interested in implementing security measures and systems to their companies' networks. Visit us at http://www.security-db.com ======================================================== Security world -------------- All press releases are located at: http://net-security.org/text/press ---------------------------------------------------------------------------- UTIMACO PARTNERS WITH OBERTHUR CARD SYSTEMS Utimaco Safeware and Oberthur Card Systems have signed a Technology Partnership agreement to enable close integration of Oberthur's smartcards into Utimaco's PKI enabled applications. Utimaco views this partnership as an important step forward in its strategy to combine its digital signature applications with first rate security devices and professional services for card production and personalization. Utimaco has been a pioneer of the use of smartcard technology in security applications, since the late eighties. Press release: < http://www.net-security.org/text/press/1012843122,59883,.shtml > ---------------------------------------------------------------------------- SAFEWEB RELEASES SEA TSUNAMI SafeWeb, Inc., a leading provider of Web-based security and privacy technologies, announced the release of its new enterprise product, the SEA Tsunami. The first of SafeWeb's Secure Extranet Appliances (SEA), the SEA Tsunami greatly simplifies the task of securing corporate network resources with a low-cost solution that builds on the strength and reliability of SafeWeb's proven core technology. Press release: < http://www.net-security.org/text/press/1012843411,45737,.shtml > ---------------------------------------------------------------------------- TWENTY-EIGHT PRODUCTS PASSED ICSA Q4 2001TESTS ICSA Labs, an independent division of TruSecure Corporation, the leader in information security assurance, announced that it has certified twenty-eight, IPSec, firewall, anti-virus and PC firewall products in Q4 2001 that meet the industry’s most stringent testing criteria. The ICSA Labs’ Certification Program provides assurance to the user community that Certified products meet industry-accepted product standards worldwide. Press release: < http://www.net-security.org/text/press/1012908219,74066,.shtml > ---------------------------------------------------------------------------- UTIMACO SAFEWARE HIGHLIGHTS AT CEBIT 2002 At CeBIT 2002, (13th to 20th March), Utimaco Safeware is presenting innovative technologies and solutions, providing professional IT security for companies and government bodies. Press release: < http://www.net-security.org/text/press/1012908310,1467,.shtml > ---------------------------------------------------------------------------- KASPERSKY LABS TOP LIST FOR JANUARY 2002 Kaspersky Labs presents the latest top-20 list of the most wide-spread malicious programs in January 2002. The numbers represent the percentage of infections caused by certain malicious programs in the overall number of virus incidents reported to Kaspersky Labs during January 2002. Press release: < http://www.net-security.org/text/press/1012908423,71077,.shtml > ---------------------------------------------------------------------------- TOP 10 VIRUSES REPORTED TO SOPHOS IN JANUARY 2002 This is the latest in a series of monthly charts counting down the ten most frequently occurring viruses as compiled by Sophos, a world leader in corporate anti-virus protection. Press release: < http://www.net-security.org/text/press/1012908562,64872,.shtml > ---------------------------------------------------------------------------- DATAKEY AND RAINBOW TEAM UP ON $1.2 MILLION ORDER Datakey Inc., the leading U.S.-based developer of smart card technology for securing e-business, and Rainbow eSecurity, a Rainbow Technologies, Inc. company and leading provider of digital content and transaction security solutions, announced a $1.2 million order for iKey USB authentication tokens and software for an international government agency. This order is expected to ship by the end of the first quarter of 2002. Government employees will use the iKey for secure e-mail applications. Press release: < http://www.net-security.org/text/press/1012991326,903,.shtml > ---------------------------------------------------------------------------- BORDERWARE FIREWALL SERVER V6.5 GETS EAL4 BorderWare Technologies Inc. (BTI) announced that the BorderWare Firewall Server V6.5 has successfully gained Common Criteria Certification at Evaluation Assurance Level 4 (EAL4). Press release: < http://www.net-security.org/text/press/1013086023,59794,.shtml > ---------------------------------------------------------------------------- GFI'S MAIL ESSENTIALS PROTECTS SCHUFF INTERNATIONAL Schuff International protects its "lifeline" email system using GFI's Mail essentials for Exchange to block email viruses, exploits, HTML scripts and potentially malicious attachments before they can affect its mail servers and users. This deployment is detailed in a newly issued Exchange Server 2000 Customer Solution report published by Microsoft Corp. Press release: < http://www.net-security.org/text/press/1013168612,38617,.shtml > ---------------------------------------------------------------------------- SOPHOS SELECTED BY DOMINO'S PIZZA GROUP Sophos, a world leader in corporate anti-virus protection, announced that it has been selected by Domino's Pizza Group, the UK and Irish master franchisee of the world's leading pizza delivery company, to defend almost 240 stores against malicious code. Press release: < http://www.net-security.org/text/press/1013168701,28471,.shtml > ---------------------------------------------------------------------------- ======================================================== Help Net Security T-Shirt available ======================================================== Thanks to our affiliate Jinx Hackwear we are offering you the opportunity to wear a nifty HNS shirt :) The image speaks for itself so follow the link and get yourself one. Get one here: http://207.21.213.175:8000/ss?click&jinx&3af04db0 ======================================================== Featured products ------------------- The HNS Security Database is located at: http://www.security-db.com Submissions for the database can be sent to: staff@net-security.org ---------------------------------------------------------------------------- HP IPSEC/9000 HP IPSec/9000 provides secure, private communication over the Internet and within the enterprise without having to modify a single application. Along with authentication, data integrity, and confidentiality, IPSec/9000 offers protection against replays, packet tampering, and spoofing - and it keeps others from intercepting critical data such as passwords and credit card numbers sent over the Internet. Whether or not a public key infrastructure (PKI) has been implemented, HP IPSec/9000 easily integrates into the existing enterprise infrastructure. It has the flexibility to create an authenticated tunnel, using either digital certificates from Entrust and Verisign or self-generated pre-shared keys. Read more: < http://www.security-db.com/product.php?id=707 > This is a product of HP Internet Security, for more information: < http://www.security-db.com/company.php?id=156 > ---------------------------------------------------------------------------- USIMERA USIMERA is a universal Java SIM card, giving mobile operators enormous flexibility today and a proven platform for the new generation of services. It supports traditional 2G Phase2+ SIM Tool Kit -based value added services is ready for CDMA and TDMA network roaming support. All designed to build loyalty and reduce churn while maximising revenues from the 2G subscriber base. Conformance to 3G standards and a powerful Java engine support the rapid development of next generation services. Read more: < http://www.security-db.com/product.php?id=442 > This is a product of Schlumberger Smart Cards & Terminals, for more information: < http://www.security-db.com/company.php?id=99 > ---------------------------------------------------------------------------- MITHRIL SECURE SERVER The Mithril Secure Server does not require the installation of any additional computers or servers. Tovaris installs it for each client as a complete solution that only requires administration of user information. Supported Servers - Any RFC/standards compliant SMTP, IMAP or POP3 server (SSL recommended) - IMAP/POP3 Servers - UNIX/Linux: UW-IMAP, Cyrus - Domino Mail Server - Exchange - SMTP Servers - Exchange - Qmail - Sendmail Supported Clients - Any RFC/standards compliant SMTP, IMAP or POP 3 client (SSL recommended) - Lotus Notes Client - Netscape Messenger (Windows, Macintosh, UNIX) - Outlook (Windows) - Outlook Express (Windows, Macintosh) PKI Components - SecureTier access - transparent public key look-ups and retrievals - message verification - public key management - 100 Digital IDs (additional blocks of Digital IDs available) Read more: < http://www.security-db.com/product.php?id=741 > This is a product of Tovaris, Inc., for more information: < http://www.security-db.com/company.php?id=168 > ---------------------------------------------------------------------------- NETWITNESS TECHNOLOGY The Forensics Explorers have leveraged their experience building analysis systems for the US Intelligence Community to build the most advanced and comprehensive Network Forensic analysis system in existence, NetWitness. By applying data warehousing and data mining to network heuristics gathered from existing and custom sensors, NetWitness is able to extract passive network information ignored by the most commercial network security systems. NetWitness is available through licensing to provide value added services and information to your security operations. Read more: < http://www.security-db.com/product.php?id=776 > This is a product of Forensics Explorers, for more information: < http://www.security-db.com/company.php?id=180 > ---------------------------------------------------------------------------- Security Software ------------------- All programs are located at: http://net-security.org/various/software ---------------------------------------------------------------------------- COMPLETE CLEANUP V4.4 This program is the complete solution. It will tell you file statistics and will give you a chance to delete cookie files, history files, cache files, ActiveX controls, java applets, url locations, locked index files, and various other unwanted files from your pc. It also cleans up various non-internet files, including your "recent documents" list, your temp files folder, excess index files, various registry entries, previous file "run history", previous file "find history" and more. Normal deletes using the browsers will leave files in a state where they can be recovered, as numerous recover utilities are available on the net, but the secure file wiping feature of Complete Cleanup will render the file unrecoverable and permanently deleted. Not only will this help protect your privacy, but it will also free up alot of your extra disk space, helping keep your system at peak performance. Info/Download: < http://www.net-security.org/various/software/1013428417,34463,windows.shtml > ---------------------------------------------------------------------------- PC SPY 2.32 Secretly monitor what is being viewed on your computer while you are away. This software allows you to capture and save screen images while you are away from your computer, showing you exactly what was being viewed on your computer at specific times. PC Spy runs completely hidden in the background, as it is not visible in the task list when pressing CTRL-ALT-DEL (95/98/ME), and all captured screens are not viewable with any normal viewer, but only with PC Spy. You simply select the start time, how many screens to save, and how often to capture the screens, and this is all done without any notice to the user. There is even a picture compression level to set which allows you to save disk space on captured screens. This software is stand alone and runs in memory, so it can be run from a diskette, leaving no trace of the software on the computer for anyone to get suspicious. Info/Download: < http://www.net-security.org/various/software/1013428658,21176,windows.shtml > ---------------------------------------------------------------------------- PROGRAM LOCK PRO V2.01 Lock and unlock any program on your pc so it cannot be used. You can also choose your own message to display if anyone attempts to run one of your locked programs. Includes password protection so only you can unlock the program when you are ready to use it. Allows the entire PC to remain active and running, and it only locks and prevents access to the programs that you specify. Info/Download: < http://www.net-security.org/various/software/1013428805,37306,windows.shtml > ---------------------------------------------------------------------------- PASSWORD KEEPER PRO Store and keep track of all your passwords securely on your pc or diskette with this advanced password manager. This also includes an option to store all your password data on diskette rather then your pc, which is the only guarantee that your password or personal data will be safe when surfing the internet. You can add, update, and delete from your password list, and click to go directly to the website to enter your password. An option for storing on a diskette is included, so even if your system is stolen, compromised, or hacked into over the internet or through your modem, your password data always remains safe since your personal data is not stored on your pc. Info/Download: < http://www.net-security.org/various/software/1013429057,83121,.shtml > ---------------------------------------------------------------------------- Questions, contributions, comments or ideas go to: Help Net Security staff staff@net-security.org http://net-security.org http://security-db.com