HNS Newsletter
Issue 145 - 20.01.2003.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. Visit Help Net Security for the latest security news - http://net-security.org.

-----------------------------------------------------------------
SECURITY INCIDENT ALERT
-----------------------------------------------------------------
Check your Web servers, FTP servers, Mail servers, DNS servers, firewalls, IDS systems, switches and routers for over 900 up-to-date vulnerabilities. Secure your critical assets today!
FREE System Security Test and Detailed Report
http://www.net-security.org/lm/ads/ads.pl?banner=scannerx1
-----------------------------------------------------------------

Table of contents:

1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Featured reviews
6) Security world
7) Security software
8) Virus news

[ General security news ]
----------------------------------------------------------------

FEDS SEEK PUBLIC INPUT ON HACKER SENTENCING
Should computer intruders and virus writers spend more time in prison, or less? Should a hacker's motives be considered? The U.S. commission that decides federal sentences wants your opinion.
>> http://www.net-security.org/news.php?id=1791

INTELLIGENCE GATHERING: WATCHING A HONEYPOT AT WORK
The purpose of this article is to share with the security community the data the author collected from his honeypot.
>> http://www.net-security.org/news.php?id=1792

THE TWO FACES OF LINUX
While Linux continues to make inroads among corporate accounts, it is also taking on one of the burdens typically assumed by archrival Microsoft, as it becomes a more attractive target for hackers.
>> http://www.net-security.org/news.php?id=1793

STRIKEBACK, PART DEUX
Why I should have the right to kill a malicious process on your machine.
>> http://www.net-security.org/news.php?id=1794

REVIEW: CANIT SPAM TRAP
CanIt is a product that tries to identify spam, and claims to "never discard a valid email message".
>> http://www.net-security.org/news.php?id=1795

INTRODUCTION TO NGREP
Here's an introduction to ngrep, a packet sniffing tool that can use regular expressions to search for specific patterns inside packets.
>> http://www.net-security.org/news.php?id=1796

TRANSMETA TO EMBED SECURITY FEATURES IN PROCESSOR
Transmeta will offer a processor with embedded security features as the semiconductor design company races against its much larger rival Intel in the market for chips custom-made for mobile computing.
>> http://www.net-security.org/news.php?id=1802

MICROSOFT ADDS CATEGORY TO SECURITY RATING SYSTEM
After customers complained that they couldn't identify the most serious security vulnerabilities, Microsoft has added a fourth category to its vulnerability rating system.
>> http://www.net-security.org/news.php?id=1803

DIGITAL RIGHTS REACH BEYOND TECH
Thirty years ago, electronics geeks figured out a way to make free phone calls. Today's battle between entertainment moguls and consumers over digital content shows that not much has changed.
>> http://www.net-security.org/news.php?id=1804

THE ENTERPRISE AUTHENTICATION GAME
Yankee Group analyst Eric Ogren estimated that the majority of large enterprises now use a token-password combination, representing a quantum leap forward for network security.
>> http://www.net-security.org/news.php?id=1805

E-GOVERNMENT: FIRST FIGHT THE HACKERS
The government should make doubly sure of the security of its e-government and e-procurement networks from hackers before promoting them heavily.
>> http://www.net-security.org/news.php?id=1812

EVEN SURFING CAN MEAN JAIL
Even so much as clicking on a Web site featuring child pornography could result in a jail sentence of up to five years in the United Kingdom.
>> http://www.net-security.org/news.php?id=1813

RIAA CALLS HACKING CLAIM A HOAX
A warning about a widespread vulnerability in music playing software has turned out to be a joke - at least partly.
>> http://www.net-security.org/news.php?id=1814

SPAM CONFAB: HACKERS TO RESCUE?
They built the Internet, they invented e-mail -- and now it may be up to them to save both from crumbling under the weight of spam. Hackers head to MIT on Friday for the first conference on junk e-mail filtering.
>> http://www.net-security.org/news.php?id=1815

MORE COMPUTER VIRUSES THIS YEAR
Computer users should brace for a new onslaught of viruses this year, especially worms deployed into instant messaging systems that allow users to chat quickly and cheaply across the Web.
>> http://www.net-security.org/news.php?id=1816

BBC IN IRONIC VIRUS INFECTION
The BBC fell victim to the latest variant of the ExploreZip worm, and a certain amount of hubris, last week.
>> http://www.net-security.org/news.php?id=1822

FEDS SPENT MORE THAN $2.9B ON SECURITY-RELATED IT IN 2002
Despite warnings of loose management of IT investments, the U.S. government spent at least $2.9 billion on IT related to domestic security in fiscal 2002 and will spend at least that much in fiscal 2003.
>> http://www.net-security.org/news.php?id=1823

DISCARDED COMPUTER HARD DRIVES PROVE A TROVE OF PERSONAL INFO
So, you think you cleaned all your personal files from that old computer you got rid of?
>> http://www.net-security.org/news.php?id=1824

PASSWORD PROBLEMS SWAMP HELP DESKS
Internal help desks are being prevented from delivering their full potential because up to 80 per cent of calls come from users who have forgotten their passwords.
>> http://www.net-security.org/news.php?id=1825

SPAMMER EXPOSES CUSTOMER DATA
A notorious spammer who pitches pirated software from Symantec's Norton product line over the Internet has left vast amounts of customer data exposed for the world to see.
>> http://www.net-security.org/news.php?id=1826

SECURITY FLAW MAY THREATEN CELL PHONES
Microsoft and U.K. carrier Orange are investigating whether hackers are sending rogue software to cell phones using Microsoft's Smartphone 2002 operating system.
>> http://www.net-security.org/news.php?id=1827

REFORMED HACKERS WANT TO LEND A HAND WITH YOUR IT SECURITY STRATEGY
Does it take a thief to stop a thief? That's the question many businesses are weighing as they consider hiring reformed hackers to lock down their IT systems.
>> http://www.net-security.org/news.php?id=1828

DECRYPTING THE SECRET TO STRONG SECURITY
Whitfield Diffie writes: "Is open-source software better for security than proprietary software?"
>> http://www.net-security.org/news.php?id=1832

PENTAGON DATABASE PLAN HITS SNAG
A Pentagon antiterrorism plan that would link credit card, health insurance and other databases is encountering growing opposition.
>> http://www.net-security.org/news.php?id=1833

IRAQI COMPUTER ATTACKS FEARED
Intelligence officials are concerned that a recent rise in electronic attacks against government and military computer networks in the United States may be the work of pro-Iraqi hackers.
>> http://www.net-security.org/news.php?id=1834

N.M. PREPS ID MANAGEMENT SYSTEM
New Mexico soon will implement a centralized, enterprise identity management platform so that citizens and employees can access Web applications more securely.
>> http://www.net-security.org/news.php?id=1835

RUMSFELD ORDERS .MIL WEB LOCKDOWN
The defense secretary cites an al Qaeda training manual in ordering the armed services to strip official Web sites of information that could aid the enemy.
>> http://www.net-security.org/news.php?id=1836

SECURITY PREDICTIONS FOR 2003
As we ring in the new year, it's in with the new and out with the old. Or is it? Our fearless forecaster thinks not.
>> http://www.net-security.org/news.php?id=1837

----------------------------------------------------------------

[ Vulnerabilities ]

All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php

----------------------------------------------------------------

PHP Topsites Multiple Remote Vulnerabilities
>> http://www.net-security.org/vuln.php?id=2375

D-Link DWL-900AP+ Upgrade Vulnerability
>> http://www.net-security.org/vuln.php?id=2374

middleman 1.2 and prior Versions off-by-one Vulnerability
>> http://www.net-security.org/vuln.php?id=2373

Tanne Remote Format String Vulnerability
>> http://www.net-security.org/vuln.php?id=2372

E-theni Multiple Vulnerabilities
>> http://www.net-security.org/vuln.php?id=2371

PEEL Include File Vulnerability
>> http://www.net-security.org/vuln.php?id=2370

PHPNuke 6.0 Path Disclosure Vulnerability
>> http://www.net-security.org/vuln.php?id=2369

Polycom Video Conference System Management Server Authentication Bypass Vulnerability
>> http://www.net-security.org/vuln.php?id=2368

SPGPartenaires SQL Injection Vulnerability
>> http://www.net-security.org/vuln.php?id=2367

BitKeeper Remote Shell Command Execution Local Vulnerability
>> http://www.net-security.org/vuln.php?id=2366

w-agora v.4.15 Arbitrary File Disclosure Vulnerability
>> http://www.net-security.org/vuln.php?id=2365

SunOS 5.8 uucp Buffer Overflow Vulnerability
>> http://www.net-security.org/vuln.php?id=2364

WebCollection Plus Arbitrary File Disclosure Vulnerability
>> http://www.net-security.org/vuln.php?id=2363

MyPHPNuke Multiple Vulnerabilities
>> http://www.net-security.org/vuln.php?id=2362

HTTP Fetcher Library Buffer Overflow Vulnerability
>> http://www.net-security.org/vuln.php?id=2361

Cyboards Remote Code Execution Vulnerability
>> http://www.net-security.org/vuln.php?id=2360

Mambo Site Server Remote Code Execution Vulnerability
>> http://www.net-security.org/vuln.php?id=2359

HLTV Remote Denial of Service Vulnerability
>> http://www.net-security.org/vuln.php?id=2358

BRS WebWeaver FTP Server Multiple Vulnerabilities
>> http://www.net-security.org/vuln.php?id=2357

Efficient Networks 5861 DSL Router Denial of Service Vulnerability
>> http://www.net-security.org/vuln.php?id=2356

WebIntelligence Session Hijacking Vulnerability
>> http://www.net-security.org/vuln.php?id=2355

IMP 2.x SQL Injection Vulnerabilities
>> http://www.net-security.org/vuln.php?id=2354

a.shopKart Web Shopping Cart Insufficient Input Checking Vulnerability
>> http://www.net-security.org/vuln.php?id=2353

Bookmar4U and Active PHP Bookmarks Vulnerabilities
>> http://www.net-security.org/vuln.php?id=2352

Directory Traversal Vulnerability in Communigate Pro 4.0b to 4.0.2
>> http://www.net-security.org/vuln.php?id=2351

Longshine WLAN Access-Point LCS-883R Vulnerability
>> http://www.net-security.org/vuln.php?id=2350

S8Forum Remote Command Execution Vulnerability
>> http://www.net-security.org/vuln.php?id=2349

OpenTopic Cross Site Scripting Vulnerability
>> http://www.net-security.org/vuln.php?id=2348

Nettelephone Dialer Security Vulnerability
>> http://www.net-security.org/vuln.php?id=2347

Bypassing Integrity Protection Driver
>> http://www.net-security.org/vuln.php?id=2346

Solaris 2.x /usr/sbin/wall Vulnerability
>> http://www.net-security.org/vuln.php?id=2345

----------------------------------------------------------------

[ Advisories ]

All advisories are located at:
http://www.net-security.org/archive_advi.php

----------------------------------------------------------------

Mandrake Linux Security Advisory - openldap
>> http://www.net-security.org/advisory.php?id=1501

Mandrake Linux Security Advisory - xpdf
>> http://www.net-security.org/advisory.php?id=1500

OpenPKG Security Advisory - png
>> http://www.net-security.org/advisory.php?id=1499

Gentoo Linux Security Announcement - dhcp
>> http://www.net-security.org/advisory.php?id=1498

Gentoo Linux Security Announcement - fnord
>> http://www.net-security.org/advisory.php?id=1497

SCO Security Advisory - Linux: wget directory traversal and buffer overrun vulnerabilities
>> http://www.net-security.org/advisory.php?id=1496

Debian Security Advisory - New bugzilla packages fix unauthorized data modification
>> http://www.net-security.org/advisory.php?id=1495

SuSE Security Announcement - libpng
>> http://www.net-security.org/advisory.php?id=1494

Mandrake Linux Security Advisory - leafnode
>> http://www.net-security.org/advisory.php?id=1493

Mandrake Linux Security Advisory - kde
>> http://www.net-security.org/advisory.php?id=1492

Red Hat Security Advisory - Updated vim packages fix modeline vulnerability
>> http://www.net-security.org/advisory.php?id=1491

Red Hat Security Advisory - Updated dhcp packages fix security vulnerabilities
>> http://www.net-security.org/advisory.php?id=1490

CERT Advisory CA-2003-01 - Buffer Overflows in ISC DHCPD Minires Library
>> http://www.net-security.org/advisory.php?id=1489

SCO Security Advisory - UnixWare 7.1.1: multiple vulnerabilities in BIND (CERT CA-2002-31)
>> http://www.net-security.org/advisory.php?id=1488

Red Hat Security Advisory - Updated MySQL packages fix various security issues
>> http://www.net-security.org/advisory.php?id=1487

Debian Security Advisory - New IMP packages fix SQL injection and typo
>> http://www.net-security.org/advisory.php?id=1486

Debian Security Advisory - New IMP packages fix SQL injection
>> http://www.net-security.org/advisory.php?id=1485

Red Hat Security Advisory - Updated PostgreSQL packages fix buffer overrun
>> http://www.net-security.org/advisory.php?id=1484

Red Hat Security Advisory - Updated PostgreSQL packages fix security issues and bugs
>> http://www.net-security.org/advisory.php?id=1483

Debian Security Advisory - New libmcrypt packages fix buffer overflows and memory leak
>> http://www.net-security.org/advisory.php?id=1482

SuSE Security Announcement - libpng
>> http://www.net-security.org/advisory.php?id=1481

Red Hat Security Advisory - Updated CUPS packages fix various vulnerabilities
>> http://www.net-security.org/advisory.php?id=1480

Red Hat Security Advisory - Updated libpng packages fix buffer overflow
>> http://www.net-security.org/advisory.php?id=1479

Debian Security Advisory - New openldap packages fix buffer overflows and remote exploit
>> http://www.net-security.org/advisory.php?id=1478

Gentoo Linux Security Announcement - mod_php php
>> http://www.net-security.org/advisory.php?id=1477

SCO Security Advisory - UnixWare 7.1.1 Open UNIX 8.0.0: command line argument buffer overflow in ps
>> http://www.net-security.org/advisory.php?id=1476

SCO Security Advisory - Linux: Webmin Cross-site Scripting and Session ID Spoofing Vulnerabilities
>> http://www.net-security.org/advisory.php?id=1475

Debian Security Advisory - New xpdf-i packages fix arbitrary command execution
>> http://www.net-security.org/advisory.php?id=1474

Mandrake Linux Security Advisory - dhcpcd
>> http://www.net-security.org/advisory.php?id=1473

Mandrake Linux Security Advisory - cups
>> http://www.net-security.org/advisory.php?id=1472

FreeBSD Security Advisory - file descriptor leak in fpathconf
>> http://www.net-security.org/advisory.php?id=1471

----------------------------------------------------------------

[ Featured articles ]

All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to staff@net-security.org

----------------------------------------------------------------

IDENTIX PERFORMS STRONG IN BIOMETRIC GROUP COMPARATIVE STUDY
Identix Incorporated demonstrated strong performance in Round Four of International Biometric Group's Comparative Biometric Testing.
>> http://www.net-security.org/article.php?id=341

NEW VERSION OF NORMAN INTERNET CONTROL RELEASED
The latest release introduces many improvements to simplify the installation and continued ease of use to make the program a solution that is available to users at all levels.
>> http://www.net-security.org/article.php?id=342

INFOEXPRESS CEO ON ENTERPRISE SECURITY
We talked with Stacey Lum, president and CEO of InfoExpress, about the company and his take on security of enterprise systems.
>> http://www.net-security.org/article.php?id=343

NEW SHARP DATA SECURITY KITS ACHIEVE COMMON CRITERIA CERTIFICATION
The newest version of Sharp's Data Security Kit specifically addresses security concerns relative to networked office products.
>> http://www.net-security.org/article.php?id=344

MCAFEE SECURITY RECEIVES 'BEST BUY' AWARD FROM SC MAGAZINE
McAfee Active Virus Defense Small Business Edition, a product of McAfee Security, won a five-star ranking and is the only vendor to receive the "Best Buy" award from SC Magazine.
>> http://www.net-security.org/article.php?id=345

OPEN-SOURCE GROUP NAMES 10 MOST DANGEROUS WEB VULNERABILITIES
This list was created to focus government and industry on the most serious of these vulnerabilities.
>> http://www.net-security.org/article.php?id=346

MICROSOFT ANNOUNCES GOVERNMENT SECURITY PROGRAM
Microsoft announced a global initiative that provides national governments with controlled access to Windows source code and other technical information.
>> http://www.net-security.org/article.php?id=347

TREND MICRO EXPANDS ENTERPRISE PROTECTION STRATEGY
Trend Micro announced the expansion of their Enterprise Protection Strategy with the delivery of a range of new products, services and architectural enhancements.
>> http://www.net-security.org/article.php?id=348

ERIK KANGAS, PRESIDENT OF LUX SCIENTIAE ON SECURE MESSAGING
In the interview, Mr. Kangas talks about his company, email security services and the state of secure messaging.
>> http://www.net-security.org/article.php?id=349

THE WORLD’S FASTEST XML WEB SERVICES SECURITY GATEWAY
DataPower Technology announced the availability of the DataPower XS40 XML Security Gateway, a first-of-its-kind network device purpose-built to secure XML-based applications at wirespeed with ease.
>> http://www.net-security.org/article.php?id=350

NETSCREEN ENHANCES SOLUTION FOR MOBILE NETWORK OPERATORS
NetScreen Technologies Inc. announced enhancements to the NetScreen-500 GPRS security system, enabling mobile network operators to strengthen security of their networks.
>> http://www.net-security.org/article.php?id=351

CASE STUDY ON LINUX FIREWALL AND STANFORD UNIVERSITY
An all-purpose security appliance, based on Astaro Security Linux, keeps intruders from invading the remote workstations of hundreds of researchers at Stanford University.
>> http://www.net-security.org/article.php?id=352

NEW SECURITY ASSESSMENT AND RISK MANAGEMENT SERVICE
This service by Dimension Data assesses a company's entire IT environment and delivers a remediation roadmap to ensure that everything is in place to provide adequate asset protection.
>> http://www.net-security.org/article.php?id=355

AVOID WIRELESS LAN SECURITY PITFALLS
WLAN security is generally breached the same way as any other system - an attacker discovers a weakness and devises a mode of attack that is then shared and used by the hacker community at large.
>> http://www.net-security.org/article.php?id=354

----------------------------------------------------------------

[ Featured Reviews ]

All reviews are located at:
http://www.net-security.org/reviews.php

----------------------------------------------------------------

HALTING THE HACKER: A PRACTICAL GUIDE TO COMPUTER SECURITY, 2/E
Aside from its pure technical value as a practical guide to computer security, I just love the sociological part about hacking.
It will bring you a bit closer to the hacker's mind and maybe explain how it functions, therefore allowing you to prepare better for possible attacks and countermeasures.
>> http://www.net-security.org/review.php?id=21

LIUTILITIES WINBACKUP
WinBackup developers bundled all the needed backup functions in this small and easy to use product. If you want to secure your backups with 128 or 256 bit AES encryption, you'll find this product very useful.
>> http://www.net-security.org/review.php?id=22

APACHE ADMINISTRATOR'S HANDBOOK
There are a lot of online texts covering Apache administration and Apache security, but from my perspective a book lying on your shelf gives a better and easily accessible reference. Written by Apache experts, this is a valuable book for Apache administrators and for people that want to go in-depth with knowledge about this powerful web server.
>> http://www.net-security.org/review.php?id=23

ADHAERO DOC 1.1.8
What makes this product stand out from other security applications is its ease of use. This is the way to protect your valuable information - easy, efficient and secure.
>> http://www.net-security.org/review.php?id=24

----------------------------------------------------------------

[ Security world ]

All press releases are located at:
http://www.net-security.org/press_main.php

----------------------------------------------------------------

Security Company-PivX Releases Multiple Vendor dDoS Game Server Vulnerability
>> http://www.net-security.org/press.php?id=1200

Neoteris Earns Entrepreneurial Company Of The Year Award From Frost & Sullivan
>> http://www.net-security.org/press.php?id=1199

NetScreen Enhances Solution for Mobile Network Operators
>> http://www.net-security.org/press.php?id=1198

Neoteris Secures 150 Enterprise Customers; Instant Virtual Extranet Product Category Accelerates Rapidly
>> http://www.net-security.org/press.php?id=1197

Bluesocket Signs Partnerships with Airpath Wireless, GRIC Communications and iPass to Make Public Internet Access Simple, Secure
>> http://www.net-security.org/press.php?id=1196

Panda Software Teams up with NetIQ MailMarshal to Protect SMTP Traffic from Viruses
>> http://www.net-security.org/press.php?id=1195

$39 Software Stops $6 Billion Email Scams
>> http://www.net-security.org/press.php?id=1194

Trend Micro Expands Enterprise Protection Strategy
>> http://www.net-security.org/press.php?id=1193

Protegrity Secure.Data F3 With nCipher Fips 140 Validated Hardware Now Available For Microsoft SQL Server 2000
>> http://www.net-security.org/press.php?id=1192

Neoteris Delivers Cost-Effective Secure Access To Financial Services Industry
>> http://www.net-security.org/press.php?id=1191

TruSecure Expands Strategic Advisory Board
>> http://www.net-security.org/press.php?id=1190

----------------------------------------------------------------

[ Security Software ]

Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2

----------------------------------------------------------------

SYMANTEC LIRVA REMOVAL TOOL
This tool removes the W32.Lirva worm.
>> http://www.net-security.org/software.php?id=429

MAILWASHER 2.0.21 BETA
MailWasher is a powerful email checker with effective spam elimination. Discover the safe way to stop unwanted viruses and e-mails before they get to your computer.
>> http://www.net-security.org/software.php?id=430

SSHTERM 0.0.2 ALPHA
Our GPL licensed SSH terminal client application started out as a sample application to demonstrate the power and flexibility of the Java SSH API. It has now spawned its own applications project and development is well underway to provide an outstanding client application with all the standard features you expect from your SSH client with more advanced features planned for later releases.
>> http://www.net-security.org/software.php?id=431

BITDEFENDER ANTI SOBIG
Protect yourself from the Sobig worm.
>> http://www.net-security.org/software.php?id=432

BITDEFENDER ANTI LIRVA
Protect yourself from the Lirva worm.
>> http://www.net-security.org/software.php?id=433

----------------------------------------------------------------

[ Virus News ]

All virus news is located at:
http://www.net-security.org/viruses.php

----------------------------------------------------------------

RAV AntiVirus at LinuxWorld Conference & Expo 2003
>> http://www.net-security.org/virus_news.php?id=162

BSDI MTAs are Protected by RAV AntiVirus
>> http://www.net-security.org/virus_news.php?id=161

BitDefender Releases Lirva and Sobig Worm Removal Tools
>> http://www.net-security.org/virus_news.php?id=160

Viruses in 2003: The Shape of Things to Come
>> http://www.net-security.org/virus_news.php?id=159

Weekly Virus Report - Six Worms, a trojan and an MS-DOS Virus
>> http://www.net-security.org/virus_news.php?id=158

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:

Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Subscribe to this weekly digest on:
http://www.net-security.org/subscribe.php

Unsubscribe by sending your e-mail address to: info@net-security.org with UNSUBSCRIBE in the message body.

The archive of the newsletter in TXT and PDF format is available at:
http://www.net-security.org/newsletter_archive.php