Author: Benjamin D. Thomas
This week, advisories were
released for mc, openssl, ethereal, libxml2, emil, Linux kernel, apache, UUDeview,
courier, oftpd, fetchmail, squid, OpenLDAP, mplayer, Mozilla, and apache. The
distributors include Conectiva, Debian, FreeBSD, Gentoo, Mandrake, Red Hat,
Trustix, and Turbolinux.
Ape about EtherApe
It
is always the same scene in Hollywood films. The networks are penetrated; cryptic
images and characters are scrolling across the screen. We’re being hacked! Did
you ever wish you could keep a closer eye on your network? Sure we have sniffers
and other tools, but did you ever want something graphical?
I’ve always been a huge
fan of ntop, but feel that it lacks on graphical end. My curiosity drives the
question, what is happening on my network? Another interesting program that
I enjoy using is EtherApe. It is a network monitor that displays traffic graphically.
It supports a wide range of protocols and network types. The display is color-coded
allowing users to quickly understand the type of traffic on a network.
The project is several
years old, originally being based on etherman. It is licensed under the GPL
and is currently packaged for many different Linux distributions. The hardware
requirements are minimal, however it does require you to use X and have libcap
installed.
With EtherApe you’ll find
the network monitoring has never been this fun. On an active network, one can
easily be drawn to just watching the activity. It can be a very useful tool,
but the entertainment value should not be discounted.
One of the most useful
features of EtherApe is the dynamic graphic images it creates. These can be
used to further explain concepts or attacks methodologies to business decision
makers who wouldn’t normally understand the output of tcpdump.
More information about
EtherApe can be found at the project website:
http://etherape.sourceforge.net/
Also, for those of you
who are just curious, severals screenshots are also available:
http://etherape.sourceforge.net/images/
Until next time, cheers!
Benjamin D. Thomas
LinuxSecurity
Feature Extras:
Interview
with Siem Korteweg: System Configuration Collector
– In this interview we learn how the System Configuration Collector (SCC)
project began, how the software works, why Siem chose to make it open source,
and information on future developments.Security:
MySQL and PHP
– This is the second installation of a 3 part article on LAMP (Linux Apache
MySQL PHP). In order to safeguard a MySQL server to the basic level, one has
to abide by the following guidelines.Configure
Web/DNS/Mail Securely in 5 Minutes with EnGarde – Web, DNS, and
Mail are the building block services of the Internet. In this article, I show
how to setup a Web, DNS, and Mail server with a few clicks of the mouse using
EnGarde Secure Linux.[ Linux
Advisory Watch ] – [ Linux
Security Week ] – [ PacketStorm
Archive ] – [ Linux Security
Documentation ]
Linux Advisory Watch
is a comprehensive newsletter that outlines the security vulnerabilities that
have been announced throughout the week. It includes pointers to updated packages
and descriptions of each vulnerability.
[ Subscribe
]
| Distribution: | Conectiva | ||
| 3/31/2004 | mc | ||
| Buffer overflow vulnerability Flaw allows the execution of arbitrary code. |
|||
| 3/31/2004 | OpenSSL | ||
| Denial of service vulnerabilities This update fixes three denial of service vulnerabilities that affect OpenSSL |
|||
| 3/31/2004 | ethereal | ||
| Multiple vulnerabilities This patch fixes a large number of vulnerabilities, some remotely exploitable. |
|||
| 3/31/2004 | libxml2 | ||
| Buffer overflow vulnerability An attacker can exploit this vulnerability to execute arbitrary code with |
|||
| Distribution: | Debian | ||
| 3/26/2004 | emil | ||
| Multiple vulnerabilities Ulf Harnhammar discovered a number of vulnerabilities in emil, both various |
|||
| 3/29/2004 | pam-pgsql Unchecked input vulnerability |
||
| Multiple vulnerabilities An attacker could exploit this bug to insert SQL statements. |
|||
| Distribution: | FreeBSD | ||
| 3/29/2004 | kernel | ||
| Input validation error Flaw with IPv6 validation may result in memory locations being accessed |
|||
| Distribution: | Gentoo | ||
| 3/26/2004 | apache | ||
| 2.x Multiple vulnerabilities Vulnerabilities include code execution and denial of service. |
|||
| 3/29/2004 | UUDeview | ||
| Buffer overflow vulnerability By decoding a MIME archive with excessively long strings for various parameters, |
|||
| 3/29/2004 | Courier | ||
| Multiple buffer overflows Explotation of overflows may result in execution of arbitrary code. |
|||
| 3/29/2004 | etherial | ||
| Multiple buffer overflows Explotation of these bugs may result in denial of service or remote execution |
|||
| 3/29/2004 | oftpd | ||
| Denial of service vulnerability A port command with a number above 255, even unauthenticated, can crash |
|||
| 3/31/2004 | fetchmail | ||
| Denial of service vulnerability Fetchmail 6.2.5 fixes a remote DoS. |
|||
| 3/31/2004 | squid | ||
| Access control escape vulnerability A URL can be specially crafted to automatically bypass the squid Access |
|||
| 3/31/2004 | mc | ||
| Buffer overflow vulnerability A remotely-exploitable buffer overflow in Midnight Commander allows arbitrary |
|||
| 3/31/2004 | OpenLDAP | ||
| Denial of service vulnerability A failed password operation can cause the OpenLDAP slapd server, if it is |
|||
| 3/31/2004 | mplayer | ||
| Buffer overflow vulnerability MPlayer contains a remotely exploitable buffer overflow in the HTTP parser |
|||
| 3/31/2004 | Monit | ||
| Multiple vulnerabilities A denial of service and a buffer overflow vulnerability have been found |
|||
| Distribution: | Mandrake | ||
| 3/31/2004 | ethereal | ||
| Multiple vulnerabilities This update patches quite a few ethereal issues, with threats ranging from |
|||
| 3/31/2004 | squid | ||
| Access control escape vulnerability It is possible for a remote attacker to create URLs that would not be properly |
|||
| Distribution: | Red Hat |
||
| 3/29/2004 | squid | ||
| ACL escape vulnerability If a Squid configuration uses Access Control Lists (ACLs), a remote attacker |
|||
| 3/29/2004 | Mozilla | ||
| Denial of service vulnerability The parsing of unexpected ASN.1 constructs within S/MIME data could cause |
|||
| 3/30/2004 | etherial | ||
| Multiple vulnerabilities Updated Ethereal packages that fix various security vulnerabilities are |
|||
| Distribution: | Trustix | ||
| 3/30/2004 | fcron,crontabs,stunnel,kernel,ntp Multiple vulnerabilities |
||
| Multiple vulnerabilities Patches now available for these packages. |
|||
| 3/30/2004 | xinetd,dev,filesystem Multiple vulnerabilities |
||
| Multiple vulnerabilities Patches now available for these packages also. |
|||
| 3/30/2004 | tcpdump,libpcap Multiple vulnerabilities |
||
| Multiple vulnerabilities The new upstream version of tcpdump fixes several bugs, some security related. |
|||
| 3/30/2004 | apache | ||
| Multiple vulnerabilities The new upstream version of apache addresses several security issues. |
|||
| Distribution: | Turbolinux | ||
| 3/30/2004 | wu-ftpd/OpenSSL Multiple vulnerabilities |
||
| Multiple vulnerabilities New patches fix multiple vulnerabilities in both packages. |
|||
