HNS Newsletter Issue 128 - 23.09.2002 http://net-security.org This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. Visit Help Net Security for the latest security news - http://net-security.org. ----------------------------------------------------------------- *** ALERT! *** ALL OF THE FOLLOWING APPLICATIONS ARE VULNERABLE TO ATTACK!: *** Oracle *** Microsoft SQL Server *** Sybase *** Lotus Domino QUESTION: How Vulnerable are Your Applications? ANSWER: Find out by downloading AppDetective from: ******* http://www.appsecinc.com/products/#pentest AppDetective will DISCOVER Rogue Installations; Perform Zero Knowledge PENETRATION TESTS without Administrative Rights; and Perform In-Depth SECURITY AUDITS from the Inside-Out without Agents. DOWNLOAD YOUR FREE EVALUATION VERSION TODAY FROM: http://www.appsecinc.com/products/#pentest ----------------------------------------------------------------- Table of contents: 1) Security news 2) Vulnerabilities 3) Advisories 4) Articles 5) Security world 6) Security software 7) Virus news [ General security news ] ---------------------------------------------------------------- HOW NIMDA CHANGED COMPUTER SECURITY One year ago this week, the prolific worm started spreading - and IT managers are still struggling to stop it. >> http://www.net-security.org/news.php?id=1026 LINUX WORM HITS THE NETWORK "Slapper," a Linux server worm whose goal is to create a P2P attack network, is on the loose and has infected thousands of machines. >> http://www.net-security.org/news.php?id=1027 SPAMSHIELD: A PERL-BASED SPAM FILTER FOR SENDMAIL As system administrators work to build sophisticated roadblocks, spammers continue to find ways to knock them down. This article will focus on one viable solution, SpamShield version 1.40. >> http://www.net-security.org/news.php?id=1028 PARANOID PENGUIN: STEALTHFUL SNIFFING, INTRUSION DETECTION AND LOGGING Attackers can't rewrite your log files if they can't connect to the log server. Learn the ways of stealth. >> http://www.net-security.org/news.php?id=1029 THE COMING VIRUS ARMAGEDDON In addition to being stealthy, experts said, the ultimate computer virus would be polymorphic - able to change its code, message and form to avoid detection. >> http://www.net-security.org/news.php?id=1030 JOEL CARTER, CYBER-WARRIOR In a fortified lab in the heart of the British Columbia Institute of Technology's Burnaby campus, 21-year-old Joel Carter stands on guard in the new fight against high-tech terrorism. >> http://www.net-security.org/news.php?id=1031 PRIVACY LOSSES AROUND THE WORLD One year after September 11, personal privacy is an international casualty in the war on terror. >> http://www.net-security.org/news.php?id=1032 IDLE SCANNING AND RELATED IPID GAMES There's an Idlescan implementation in recent versions of Nmap. This paper describes the technique in detail and offers defenses that can be used to mitigate the vulnerability. >> http://www.net-security.org/news.php?id=1033 WHITE HOUSE SLOWS CYBERSECURITY PLANNING The Bush administration will not unveil the final version of a national cybersecurity plan this Wednesday, saying it wants to gather more input from the technology industry. >> http://www.net-security.org/news.php?id=1036 INSTALLING NAGIOS Nagios is a system and network monitoring application. It watches hosts and services that you specify, alerting you when things go bad and when they get better. >> http://www.net-security.org/news.php?id=1037 THE INTERNET AFTER 9/11: LEAVE IT OPEN The Internet is but one avenue to information. As with all others, putting up roadblocks and barriers to accessing it is equivalent to burning books, and about as useful. >> http://www.net-security.org/news.php?id=1038 PROBE INTO WIRELESS NETWORK HACKING SUSPENDED Harris County Attorney Mike Stafford has suspended his investigation into a security gap discovered earlier this year in a county-run wireless computer network. >> http://www.net-security.org/news.php?id=1039 DON'T YOU KNOW WHO I AM? There are many aspects to the whole area of security - but one where the technology just gets better and better is the issue of identity. >> http://www.net-security.org/news.php?id=1040 FEDS CONSIDERING TERRORISM LIABILITY PROTECTIONS FOR VENDORS Congress is moving closer to limiting the liability of IT vendors that sell to federal, state and local governments by allowing Uncle Sam to insure systems that fail to stop terrorists from causing havoc. >> http://www.net-security.org/news.php?id=1041 NEW AES CRYPTO STANDARD BROKEN ALREADY? Theoretical attacks against AES (Advanced Encryption Standard) winner Rijndael and runner-up Serpent have been published. They might work in the practical world; they might not. >> http://www.net-security.org/news.php?id=1042 SECURITY EXPERTS DIVIDED ON SLAPPER'S THREAT Experts are divided on how big a threat Slapper poses to the Internet infrastructure as a whole. >> http://www.net-security.org/news.php?id=1043 PRIVACY LEAK REPORTED IN MOZILLA-BASED BROWSERS A "serious" privacy leak in Mozilla and other browsers based on the open-source technology, such as Netscape and Galeon, discloses users' Web surfing information. >> http://www.net-security.org/news.php?id=1044 SQL YUKON A MAJOR SECURITY CONCERN Users should hold off deploying Microsoft's next version of SQL Server until the first service pack because of major security concerns, analysts have warned. >> http://www.net-security.org/news.php?id=1046 CA INTEGRATES ETRUST TOOLS Computer Associates International Inc. announced a new security console designed to integrate its various eTrust technologies and support the company's new "holistic" security strategy. >> http://www.net-security.org/news.php?id=1047 AN INTRODUCTION TO ON-ACCESS VIRUS SCANNING, PART TWO This article will explore some of the strategies that virus writers have adopted to circumvent on-access scanners and the ways that anti-virus developers are in turn reacting to those changes. >> http://www.net-security.org/news.php?id=1048 CYBERSECURITY PLAN TO OFFER TIPS, NOT RULES A White House panel studying ways to protect America's high-tech backbone has dropped several security ideas and turned others into topics for discussion rather than government mandates. >> http://www.net-security.org/news.php?id=1049 STATE-LEVEL SECURITY Scott McPherson started to think about cyberterrorism and possible security breaches long before the terrorist attacks last year. >> http://www.net-security.org/news.php?id=1051 AIRPORT WLANS LACK SAFEGUARDS While U.S. airlines and airports have beefed up physical security during the past year, wireless LANs continue to be potential IT security problems for some airports, according to an informal audit. >> http://www.net-security.org/news.php?id=1052 SECURING LINUX FROM DOS ATTACKS Linux has a great firewall that allows you to secure in some way from DoS attacks. >> http://www.net-security.org/news.php?id=1053 SCALABLE JAVA SECURITY WITH JAAS AS, the Java Authentication and Authorization Service API, provides flexible and scalable mechanisms for securing your client- and server-side Java applications. >> http://www.net-security.org/news.php?id=1054 IBM STEPS UP WEB SERVICES SECURITY IBM plans to add to its products new software that should make Web services applications more secure. >> http://www.net-security.org/news.php?id=1056 USER ACCESS CHAOS NEEDS LIFE CYCLE MANAGEMENT Interest in the user management market is growing rapidly, but Global 2000 organizations are struggling to define the space. >> http://www.net-security.org/news.php?id=1057 A GATHERING OF BIG CRYPTO BRAINS Every year, a select group of digital security and cryptography experts convene for a meeting of the minds. Canned presentations are abandoned - and then the fun begins. >> http://www.net-security.org/news.php?id=1058 HOME LANS RISK ACCIDENTAL HACKS Small businesses and home networkers are at risk from hackers - but some intrusions into a wireless network may be unintended. >> http://www.net-security.org/news.php?id=1059 FALUN GONG 'TV HACKERS' ON TRIAL Members of the Falun Gong spiritual movement have gone on trial in China, charged with hacking into a cable television network and broadcasting pro-Falun Gong messages. >> http://www.net-security.org/news.php?id=1060 DETECTING AND REMOVING TROJANS AND MALICIOUS CODE FROM WIN2K The purpose of this article is to recommend steps that an administrator can use to determine whether or not a Win2K system has been infected with malicious code or "malware" and, if so, to remove it. >> http://www.net-security.org/news.php?id=1061 IDENTITY THEFT: FACT AND FICTION Filching someone else's good name through identity theft can significantly enrich the criminal and impoverish the victim. >> http://www.net-security.org/news.php?id=1062 WINDOWS 2000 ADVANCED SERVER SYSTEM COMPROMISE REPORT This is a comprehensive compromise report written by Curt R. Wilson - Netw3 Security Research. >> http://www.net-security.org/news.php?id=1063 WARCHALKING IS THEFT, SAYS NOKIA Warchalking, the technique of highlighting areas where wireless networks can be accessed freely, has been blasted as theft. >> http://www.net-security.org/news.php?id=1064 LINUX ROOTKIT HACKER SUSPECT ARRESTED IN UK A 21-year old from Surbiton, Surrey has been arrested on suspicion of writing and distributing the T0rn rootkit, which dumbs down the process of hacking Linux servers. >> http://www.net-security.org/news.php?id=1066 LINUXCERTIFIED ANNOUNCES ITS NETWORK SERVICES BOOTCAMP LinuxCertified, Inc., will offer its next Linux Network Services Bootcamp, on October 5th - 6th, 2002 in San Francisco bay area (south bay). All students get a free Linux laptop! >> http://www.net-security.org/news.php?id=1067 OPEN-SOURCE GROUP GETS SUN SECURITY GIFT Sun Microsystems has donated new cryptography technology to OpenSSL, an open-source project at the heart of many secure transactions on the Internet. >> http://www.net-security.org/news.php?id=1068 SLAPPED SILLY In this article, Jon Lasser writes about the lessons he learned from falling prey to the latest Linux virus... >> http://www.net-security.org/news.php?id=1069 SECURITY SPENDING SURVEY While most security dollars go to technology, CIOs in this survey say investments in staff - and education efforts to guide them - must back up that robust firewall. >> http://www.net-security.org/news.php?id=1070 SECURITY CONTROLS TruSecure has come up with a risk assessment philosophy that it says focuses on real-world threats. >> http://www.net-security.org/news.php?id=1071 US .GOV INFO RESTRICTED OVER ATTACKER FEARS VeriSign has stopped providing access to information about the .gov internet domain, which is restricted to US government bodies, over concerns the data could be used in planning internet attacks. >> http://www.net-security.org/news.php?id=1073 BUSINESS BREACHES TRIGGER SECURITY ALARM Two-thirds of companies suffered an IT security breach in the last year - but less than half reported it to the police. >> http://www.net-security.org/news.php?id=1074 HOW WAS RIAA WEB SITE HACKED? The Register carried on a story from the popular defacement mirror Zone-H, which lets us know how RIAA web site got hacked. >> http://www.net-security.org/news.php?id=1076 ---------------------------------------------------------------- ----------------------------------------------------------------- RSA CONFERENCE 2002, PARIS, 7 - 10 OCTOBER ----------------------------------------------------------------- Join over 1,000 security minded professionals at Europe's premiere e-security conference. If you are involved in information security as a developer, engineer, IT professional, or government official, this event is designed for you. http://www.rsaconference.net/paris/ ----------------------------------------------------------------- [ Vulnerabilities ] All vulnerabilities are located here: http://www.net-security.org/archive_vuln.php ---------------------------------------------------------------- IBM Websphere Large Header Denial of Service Vulnerability >> http://www.net-security.org/vuln.php?id=2059 Microsoft Windows XP Remote Desktop Denial of Service Vulnerability >> http://www.net-security.org/vuln.php?id=2058 Microsoft Windows Remote Desktop Protocol Checksum and Keystroke Vulnerabilities >> http://www.net-security.org/vuln.php?id=2057 DB4Web TCP-Connection Risk >> http://www.net-security.org/vuln.php?id=2056 OSF1/Tru64 3.x Multiple Security Vulnerabilities >> http://www.net-security.org/vuln.php?id=2055 Firewall-1 HTTP Security Server Proxy Vulnerability >> http://www.net-security.org/vuln.php?id=2054 Cisco VPN 5000 Client Multiple Vulnerabilities >> http://www.net-security.org/vuln.php?id=2053 DB4Web File Disclosure Vulnerability >> http://www.net-security.org/vuln.php?id=2052 FreeBSD Ports libkvm Security Vulnerabilities >> http://www.net-security.org/vuln.php?id=2051 Opera v6.01 build 175 for Linux and Konqueror v2.1.1 Vulnerabilities >> http://www.net-security.org/vuln.php?id=2050 Lycos HTMLGear Guestbook Script Injection Vulnerability >> http://www.net-security.org/vuln.php?id=2049 Planet Web Software Buffer Overflow Vulnerability >> http://www.net-security.org/vuln.php?id=2048 Sygate Personal Firewall IP Spoofing Vulnerability >> http://www.net-security.org/vuln.php?id=2047 Savant Web Server Multiple Vulnerabilities >> http://www.net-security.org/vuln.php?id=2046 Enterasys SSR8000 Denial of Service Vulnerability >> http://www.net-security.org/vuln.php?id=2045 BRU Workstation 17.0 Race Condition >> http://www.net-security.org/vuln.php?id=2044 ht://Check Cross Site Scripting >> http://www.net-security.org/vuln.php?id=2043 ---------------------------------------------------------------- [ Advisories ] All advisories are located at: http://www.net-security.org/archive_advi.php ---------------------------------------------------------------- Conectiva Linux Security Advisory - postgresql >> http://www.net-security.org/advisory.php?id=1062 SuSE Security Announcement - openssl/Slapper worm >> http://www.net-security.org/advisory.php?id=1061 Microsoft Security Bulletin MS02-052 - Flaw in Java VM JDBC Classes Could Allow Code Execution >> http://www.net-security.org/advisory.php?id=1060 Microsoft Security Bulletin MS02-051 - Cryptographic Flaw in RDP Protocol can Lead to Information Disclosure >> http://www.net-security.org/advisory.php?id=1059 SGI Security Advisory - IRIX default root umask and coredumps >> http://www.net-security.org/advisory.php?id=1058 SGI Security Advisory - IGMP multicast report Denial of Service vulnerability >> http://www.net-security.org/advisory.php?id=1057 Cisco Security Advisory - Microsoft Windows SMB Denial of Service Vulnerabilities in Cisco Products >> http://www.net-security.org/advisory.php?id=1056 Cisco Security Advisory - Cisco VPN 5000 Client Multiple Vulnerabilities >> http://www.net-security.org/advisory.php?id=1055 Debian Security Advisory - New PHP packages fix several vulnerabilities >> http://www.net-security.org/advisory.php?id=1054 SuSE Security Announcement - xf86 >> http://www.net-security.org/advisory.php?id=1053 Debian Security Advisory - Multiple OpenSSL problems (update 2) >> http://www.net-security.org/advisory.php?id=1052 FreeBSD Security Advisory - Applications using libkvm may leak sensitive descriptors >> http://www.net-security.org/advisory.php?id=1051 NetBSD Security Advisory - Multiple security isses with kfd daemon >> http://www.net-security.org/advisory.php?id=1050 NetBSD Security Advisory - shutdown(s, SHUT_RD) on TCP socket does not work as intended >> http://www.net-security.org/advisory.php?id=1049 NetBSD Security Advisory - fd_set overrun in mbone tools and pppd >> http://www.net-security.org/advisory.php?id=1048 NetBSD Security Advisory - Bug in NFS server code allows remote denial of service >> http://www.net-security.org/advisory.php?id=1047 NetBSD Security Advisory - buffer overrun in setlocale >> http://www.net-security.org/advisory.php?id=1046 NetBSD Security Advisory - Sun RPC XDR decoder contains buffer overflow >> http://www.net-security.org/advisory.php?id=1045 NetBSD Security Advisory - symlink race in pppd >> http://www.net-security.org/advisory.php?id=1044 NetBSD Security Advisory - Multiple vulnerabilities in OpenSSL code (update) >> http://www.net-security.org/advisory.php?id=1043 NetBSD Security Advisory - Repeated TIOCSCTTY ioctl can corrupt session hold counts >> http://www.net-security.org/advisory.php?id=1042 NetBSD Security Advisory - buffer overrun in libc/libresolv DNS resolver >> http://www.net-security.org/advisory.php?id=1041 CERT Advisory CA-2002-27 - Apache/mod_ssl Worm >> http://www.net-security.org/advisory.php?id=1040 Debian Security Advisory - New kdelibs fix cross site scripting bug >> http://www.net-security.org/advisory.php?id=1035 Debian Security Advisory - Multiple OpenSSL problems (update) >> http://www.net-security.org/advisory.php?id=1034 Debian Security Advisory - New purity packages fix potential buffer overflows >> http://www.net-security.org/advisory.php?id=1033 ---------------------------------------------------------------- [ Featured articles ] All articles are located at: http://www.net-security.org/articles_main.php Articles can be contributed to staff@net-security.org ---------------------------------------------------------------- MANAGED VULNERABILITY ASSESSMENT This white paper explains the value of the various approaches to network security. It focuses on the unique role of vulnerability assessment, and MVA in particular. The paper concludes with a description of the QualysGuard MVA solution. >> http://www.net-security.org/article.php?id=178 SECURING AN INTERNET NAME SERVER The goal of this document is to discuss general name server security. However, in order to provide useful examples we have chosen to focus on BIND since it is the most commonly used software for DNS servers. >> http://www.net-security.org/article.php?id=179 CROSS-SITE SCRIPTING VULNERABILITIES Have you ever mistyped the address of a web site and received a message like "Error - page name could not be found" or "The page you requested: page name does not exist"? Certainly you have, and odds are you never gave it a second thought; you simply corrected the address or went to a different site altogether. When you encounter an error message like the two listed above, you are actually witnessing a potential security breach - not necessarily against the site, but rather against you directly. >> http://www.net-security.org/article.php?id=180 NETBSD RELEASES A BATCH OF SECURITY ADVISORIES With the release of NetBSD 1.6, the NetBSD project published a batch of Security Advisories (some of which are updates). >> http://www.net-security.org/article.php?id=181 HNS COVERAGE FROM RSA CONFERENCE 2002 EUROPE The Help Net Security staff will attend the conference and all the appropriate exhibitions and classes. Be sure to expect all the scoops, photos and interviews from the conference. >> http://www.net-security.org/article.php?id=182 AMERICA'S NATIONAL CYBERSECURITY STRATEGY: SAME STUFF, DIFFERENT ADMINISTRATION Today the White House releases its long-awaited "National Strategy To Secure Cyberspace." This high-level blueprint document, in-development for over a year by Richard Clarke's Cybersecurity team, is the latest US government plan to address the many issues associated with the Information Age. >> http://www.net-security.org/article.php?id=183 THE TRIVIAL CISCO IP PHONES COMPROMISE The following paper lists several severe vulnerabilities with Cisco systems’ SIP-based IP Phone 7960 and its supporting environment. >> http://www.net-security.org/article.php?id=184 THREE INTERVIEWS Multitool Linux authors Jeremy Anderson, Steven Murphy and Michael Schwarz talk about their first steps in Linux, the writing of the book, future plans and more. Interview with Michael Schwarz http://www.net-security.org/article.php?id=187 Interview with Jeremy Anderson http://www.net-security.org/article.php?id=186 Interview with Steven Murphy http://www.net-security.org/article.php?id=185 ---------------------------------------------------------------- [ Security world ] All press releases are located at: http://www.net-security.org/press_main.php ---------------------------------------------------------------- GEOBRIDGE and Bull Evidian Team up to Deliver Advanced Security Solutions >> http://www.net-security.org/press.php?id=1013 Trend Micro Announces Award of $4.6 Million Contract for Antivirus Solutions for Defense Department and Coast Guard >> http://www.net-security.org/press.php?id=1012 Viruses and Hackers and Bugs got you Scared? Laptop Says Panda Antivirus Titanium is The Best Protection Program on The Market >> http://www.net-security.org/press.php?id=1011 Check Point Positioned as Leader in Firewall and VPN Markets by Major Research Firm >> http://www.net-security.org/press.php?id=1010 First Comprehensive Intelligence Solution to Combat Cyber Attacks Delivered by Check Point and SANS Institute >> http://www.net-security.org/press.php?id=1009 Activcard Launches VAR-Based "Smart VPN" Campaign >> http://www.net-security.org/press.php?id=1008 Rainbow Technologies Publishes the "eBook on Authentication Technologies" >> http://www.net-security.org/press.php?id=1007 Trend Micro Ships Next Generation Enterprise Scale Web Virus Protection Solution >> http://www.net-security.org/press.php?id=1006 Infoexpress VPN Software VTCP/Secure Chosen Windows & .Net Magazine Readers' Choice Award Winner >> http://www.net-security.org/press.php?id=1005 Information Security Survey Benchmarks IT Security Trends And Practices By Company Size >> http://www.net-security.org/press.php?id=1004 SSH Communications Security Corp Partners With Netegrity To Provide Advanced E-Business Website Access Management >> http://www.net-security.org/press.php?id=1003 Sandbox – Better Protection Against Known And Unknown Viruses >> http://www.net-security.org/press.php?id=1002 Rainbow Technologies Makes Business 2.0's "100 Fastest Growing Tech Companies" List >> http://www.net-security.org/press.php?id=1001 Corio Chooses ArcSight For Security Monitoring And Management >> http://www.net-security.org/press.php?id=1000 Three Panda Antivirus Products Chosen As Windows & .Net Magazine Readers' Choice Award Winners >> http://www.net-security.org/press.php?id=999 RSA Security Receives Broad Industry Recognition From Leading Technology Publications >> http://www.net-security.org/press.php?id=998 Former Assistant Secretary of Defense Arthur Money Elected to Rainbow Technologies' Board of Directors >> http://www.net-security.org/press.php?id=997 nCipher Announces New Payshield Product Line To Help Combat Online Payment Card Fraud >> http://www.net-security.org/press.php?id=996 Slapper Teaches Users Value of Safe Hex, Says Sophos Anti-Virus >> http://www.net-security.org/press.php?id=995 Cyota and nCipher Strengthen Relationship to Deliver e-Payments Security Solutions >> http://www.net-security.org/press.php?id=994 ---------------------------------------------------------------- [ Security Software ] Windows software is located at: http://net-security.org/software_main.php?cat=1 Linux software is located at: http://net-security.org/software_main.php?cat=2 ---------------------------------------------------------------- IP-TOOLS 2.08 IP-Tools offers many TCP/IP utilities in one program. The program includes: Local Info, Connections Monitor, NetBIOS Scanner, Shared resources Scanner, HostName Scanner, Ports Scanner, Ping Scanner, Trace, LookUp, Finger, WhoIs, Get Time from Time Servers, Telnet client, IP-Monitor and Hosts Monitor. >> http://www.net-security.org/software.php?id=275 OUTPOST PERSONAL FIREWALL 1.0.1817 The Outpost Personal Firewall combines power and advanced features with a easy-to-use interface. It is the first personal firewall that supports plug-ins. Developers can implement this revolutionary technology to easily expand Outpost's capabilities. >> http://www.net-security.org/software.php?id=276 SPYWARE/ADWARE REMOVER 2.4 BPS Spyware/Adware Remover Is a multi Adware, SpyWare, Trackware, Thiefware & Big Brotherware removal utility with multi-language support. It scans your memory (for active memory ad components, which are not stored on your hard drive and last only as long as the computer is powered up), registry and hard drives for known SpyWare parasites and scum-ware components and lets you remove them safely even ad component DLLs. >> http://www.net-security.org/software.php?id=277 TAUSCAN 1.6 Tauscan is a powerful, easy-to-use trojan horse detection and removal system that protects your computer from trojans. It's not enough to make your system virus-free. You also need to detect, block, and remove the trojans and other backdoor threats to your privacy. >> http://www.net-security.org/software.php?id=278 NAGIOS 1.0B6 Nagios is a host and service monitor designed to inform you of network problems before your clients, end-users or managers do. >> http://www.net-security.org/software.php?id=279 PPE/WEB 3.5 PPE/Web is a Password Policy Enforcer add-on that allows users to change their Windows NT and Windows 2000 passwords using a web browser. >> http://www.net-security.org/software.php?id=280 UNUSED ACCOUNT FERRET 2.1 UAF displays a list of unused accounts based on the parameters supplied by the administrator. The administrator can then disable or delete the unused accounts manually, or let UAF do it automatically. UAF can also delete a user's Microsoft Exchange mailbox and home folder if desired. >> http://www.net-security.org/software.php?id=281 ARIRANG 1.6 Arirang is a powerful webserver security scanner. arirang can help network administrators find security vulnerabilities, auditing and patch in their webservers. >> http://www.net-security.org/software.php?id=282 COMMVIEW 3.4 CommView is a program for monitoring Internet and Local Area Network (LAN) activity capable of capturing and analyzing network packets. It gathers information about data passing through your dial-up connection or Ethernet card and decodes the analyzed data. >> http://www.net-security.org/software.php?id=283 ANTI-KEYLOGGER 2.1 Anti-keylogger is a program designed to combat against various types of intrusion and monitoring programs. Unlike the typical approach, it does not rely on pattern-matching, so it may work on new or unknown types of monitoring programs. >> http://www.net-security.org/software.php?id=284 ---------------------------------------------------------------- [ Virus News ] All virus news are located at: http://www.net-security.org/viruses.php ---------------------------------------------------------------- T0rn Virus Writer Suspect Arrested in UK >> http://www.net-security.org/virus_news.php?id=78 Klez.I Preys on the Unwary >> http://www.net-security.org/virus_news.php?id=77 Reverse Engineered Slapper Worm >> http://www.net-security.org/virus_news.php?id=76 F-Secure Warns About a New Linux Worm >> http://www.net-security.org/virus_news.php?id=75 ---------------------------------------------------------------- Questions, contributions, comments or ideas go to: Help Net Security staff staff@net-security.org http://net-security.org ---------------------- Subscribe to this weekly digest on: http://www.net-security.org/subscribe.php Unsubscribe by sending your e-mail address to: info@net-security.org with UNSUBSCRIBE in the message body. The archive of the newsletter in TXT and PDF format is available http://www.net-security.org/newsletter_archive.php