News Register Control Panel Private Messages Members List Team Search News Posts About Us 		 


Security Archives
1
 
Trojan FAQ
Trojans are the programs that seems to do nothing or something constructive .. but actually your machine is being possessed by someone else. Trojans are disguised as a good piece of software ... we will see the various methods of delivering Trojans later in this tutorial. As soon as you execute the Trojan infected file. The Trojan installs itself, without your knowledge, in some hidden place usually say %system root%.
 
How Secure Is Secure Shell?
The conventional wisdom for several years has been that if you were using SSH to connect to a server from a remote client, rather than Telnet or another unsecure protocol, you were safe. However, a few vulnerabilities have been revealed recently in versions of SSH, leading some IT administrators to wonder just how secure this vital standard really is.
 
PHP-Nuke mail CRLF Injection vulnerabilities
PHP-Nuke is published under the terms of the GNU General Public License. It is a very popular program with lots and lots of installations. It is included as one of the packages in Debian GNU/Linux and one of FreeBSD's ports. Despite all this, the program has a bad reputation regarding security matters.
 
Back Channeling using Xterm
The main aim of an attacker is to gain command line or interactive shell access on the target server. You might feel yourself secure as you have a fire wall installed and blocked incoming connections on the ports of the interactive services such as telnet, ssh, rlogin etc. But, the truth is that you are insecure even if you have disabled those services or turned them off.
 
Sending a fake mail
Want to fool your friend and have fun with him by sending him a fake mail from his girlfriend's address? So lets send him a fake mail using SMTP manually.
 
HTTP authentication with .htaccess protection
These days many sites are using HTTP authentication for protecting their members or restricted documents and directories. Such type of authentication can be used by .htaccess protection. Here we will assume that we are using Apache on a server running on a UNIX platform. And ServerRoot is �/etc/httpd� and DocumentRoot is �/var/www/html�.
 
1
 
 

 Channels
  Encryption
  Hardware
  History
  Linux
  Miscellaneous
  Networking
  Programming
  Security

 Recent Advisories
 Acroread 5.0.7 buffer overflow
 NetMeeting Directory Traversal Vulnerability
 Windows Media Services Remote Command Execution #2
 BRS WebWeaver Error Page Cross-Site Scripting Vulnerability
 Symantec Security Check ActiveX Buffer Overflow
 Authentication Vulnerability in NetScreen ScreenOS
 Multiple vulnerabilities in Tutos
 pMachine (PHP) : Include() Security Hole
 Bug found in: Polymorph 0.4.0
 Nessus NASL scripting engine security issues

 Current Discussions
Yet another SCO thread.
Trinity Rescue Kit
SCO vs Linux continued.
Please Help
stuck with mysql!
Fine, Remedies For Microsoft
Kill Process in Linux
Post's since last visit.
Forum Upgrade: Any broken link?
Startup Scripts in Linux

 Affiliates
  Arson Network
  Astalavista Security
  Astalavista.Net
  BSRF
  eBCVG
  Eye On Security
  H4ckerx
  HNS
  MuscleMag.com
  Netstat



� Copyright Linux Advisory 2003. All rights reserved.
We are not responsible for the comment and story contributed by users.