| Date: | 9 Feb 2005 17:59:25 -0000 |
From: | "Peter Laborge" <plaborge@securityfocus.com>
| To: | linux-secnews@securityfocus.com |
Subject: | SecurityFocus Linux Newsletter #222 |
SecurityFocus Linux Newsletter #222
------------------------------------
Need to know what's happening on YOUR network? Symantec DeepSight
Analyzer
is a free service that gives you the ability to track and manage
attacks.
Analyzer automatically correlates attacks from various Firewall and
network
based Intrusion Detection Systems, giving you a comprehensive view of
your
computer or general network. Sign up today!
http://www.securityfocus.com/sponsor/Symantec_sf-news_041130
------------------------------------------------------------------------
I. FRONT AND CENTER
1. Penetration Testing IPsec VPNs
2. Linux Kernel Security is Lacking
3. Apache 2 with SSL/TLS: Step-by-Step, Part 2
4. Of Dog Sniffs and Packet Sniffs
II. LINUX VULNERABILITY SUMMARY
1. NCPFS Multiple Remote Vulnerabilities
2. CitrusDB Credit Card Data Remote Information Disclosure Vuln...
3. Xoops Incontent Module Directory Traversal Vulnerability
4. Clam Anti-Virus ClamAV ZIP File Parsing Remote Denial Of Ser...
5. RealNetworks RealPlayer Drag And Drop Zone Bypass Vulnerabil...
6. PostgreSQL LOAD Extension Local Privilege Escalation Vulnera...
7. Squid Proxy Oversize HTTP Headers Unspecified Remote Vulnera...
8. SquirrelMail URL Remote Code Execution Vulnerability
9. Newsfetch SScanf Remote Buffer Overflow Vulnerability
10. PostgreSQL Multiple Remote Vulnerabilities
11. Newspost Remote Buffer Overflow Vulnerability
12. Perl SuidPerl Multiple Local Vulnerabilities
13. Squid Proxy squid_ldap_auth Authentication Bypass
Vulnerabil...
14. Squid Proxy WCCP recvfrom() Buffer Overflow Vulnerability
15. Squid Proxy Malformed HTTP Header Parsing Cache Poisoning
Vu...
16. D-BUS Session Bus Local Privilege Escalation Vulnerability
17. Python SimpleXMLRPCServer Library Module Unauthorized
Access...
18. SunShop Shopping Cart Cross-Site Scripting Vulnerability
19. Linux Kernel IPV6_Setsockopt IPV6_PKTOPTIONS Integer
Overflo...
20. ht://Dig Unspecified Cross-Site Scripting Vulnerability
21. Postfix IPv6 Unauthorized Mail Relay Vulnerability
22. PowerDNS Unspecified Remote Denial of Service Vulnerability
23. Netgear DG834 ADSL Firewall Router Insecure Configuration
Vu...
III. LINUX FOCUS LIST SUMMARY
NO NEW POSTS FOR THE WEEK 2005-02-01 to 2005-02-08.
IV. NEW PRODUCTS FOR LINUX PLATFORMS
1. CoreGuard Core Security System
2. EnCase Forensic Edition
3. KeyGhost SX
4. SafeKit
5. Astaro Linux Firewall
6. CAT Cellular Authentication Token and eAuthentication Servic...
V. NEW TOOLS FOR LINUX PLATFORMS
1. DigSig 1.3.2
2. Firestarter 1.0.0
3. Network Equipment Performance Monitor 2.2
4. BitDefender for qmail v1.5.5-2
5. Bilbo 0.11
6. Ipanto Secure 2.0
VI. UNSUBSCRIBE INSTRUCTIONS
VII. SPONSOR INFORMATION
I. FRONT AND CENTER
-------------------
1. Penetration Testing IPsec VPNs
By Rohyt Belani and K.K. Mookhey
This article discusses a methodology to assess the security posture of
an
organization's IPsec based VPN architecture.
http://www.securityfocus.com/infocus/1821
2. Linux Kernel Security is Lacking
By Jason Miller
Recent events have shown that the way security in the Linux kernel is
handled is broken, and it needs to be fixed right now.
http://www.securityfocus.com/columnists/296
3. Apache 2 with SSL/TLS: Step-by-Step, Part 2
By Artur Maj
This article is part two of a three part series dedicated to
configuring
Apache 2.0 with SSL/TLS support, for maxiumum security and optimal
performance. This article offers mod_ssl recommendations and then
discusses
three different ways to sign a certificate, including setting up a
local
Certificate Authority using OpenSSL.
http://www.securityfocus.com/infocus/1820
4. Of Dog Sniffs and Packet Sniffs
By Mark Rasch
Why a Supreme Court decision on canine-assisted roadside searches opens
the
door to a new regime of Internet surveillance.
http://www.securityfocus.com/columnists/297
II. LINUX VULNERABILITY SUMMARY
-------------------------------
1. NCPFS Multiple Remote Vulnerabilities
BugTraq ID: 12400
Remote: Yes
Date Published: Jan 31 2005
Relevant URL: http://www.securityfocus.com/bid/12400
Summary:
Multiple remote vulnerabilities affect ncpfs. These issues are due to
a failure to manage access privileges securely and a failure to
validate the length of user-supplied strings prior to copying them into finite
process buffers.
The first issue is a remote buffer overflow vulnerability. The second
issue is an access validation issue due to the setuid privileges of
ncpfs utilities.
An attacker may leverage these issues to execute arbitrary code with
the privileges of the affected application and to access arbitrary files
with the escalated privileges.
2. CitrusDB Credit Card Data Remote Information Disclosure Vuln...
BugTraq ID: 12402
Remote: Yes
Date Published: Jan 31 2005
Relevant URL: http://www.securityfocus.com/bid/12402
Summary:
A remote information disclosure issue affects CitrusDB. This issue is
due to a design problem that grants unauthorized users the ability to
export sensitive data.
An attacker may leverage this issue to gain access to sensitive
information including credit card data.
3. Xoops Incontent Module Directory Traversal Vulnerability
BugTraq ID: 12406
Remote: Yes
Date Published: Jan 28 2005
Relevant URL: http://www.securityfocus.com/bid/12406
Summary:
Xoops Incontent module is reported prone to a directory traversal
vulnerability. This issue is due to a failure of the application to
properly sanitize user-supplied input.
A malicious user could issue a request containing directory traversal
strings such as '../' to possibly view files outside the server root
directory.
Incontent version 3.0 is reported to be susceptible to this
vulnerability. Other versions may also be affected.
4. Clam Anti-Virus ClamAV ZIP File Parsing Remote Denial Of Ser...
BugTraq ID: 12408
Remote: Yes
Date Published: Jan 31 2005
Relevant URL: http://www.securityfocus.com/bid/12408
Summary:
A remote denial of service vulnerability affects ClamAV. This issue is
due to a failure of the application to properly handle malicious file
content.
An attacker may leverage this issue to crash the Clam Anti-Virus
daemon, potentially leaving an affected computer open to infection by
malicious code.
5. RealNetworks RealPlayer Drag And Drop Zone Bypass Vulnerabil...
BugTraq ID: 12410
Remote: Yes
Date Published: Feb 01 2005
Relevant URL: http://www.securityfocus.com/bid/12410
Summary:
RealNetworks RealPlayer is reported susceptible to a security zone
bypass vulnerability. This issue is due to a failure of the application to
properly enforce security zones, potentially allowing remote attackers
to execute HTML or script code in the Local Zone of affected client
computers.
The embedded Internet Explorer engine in RealPlayer reportedly loads
attacker-supplied files in the Local Zone, allowing attackers to execute
malicious HTML and script code with potentially elevated privileges.
This issue may be a variant, or be related to BIDs 10973, or 11466.
It is unclear at this time if a further vulnerability has been
discovered by this disclosure. This BID will be updated as further analysis is
completed.
6. PostgreSQL LOAD Extension Local Privilege Escalation Vulnera...
BugTraq ID: 12411
Remote: No
Date Published: Feb 01 2005
Relevant URL: http://www.securityfocus.com/bid/12411
Summary:
A local privilege escalation vulnerability affects PostgreSQL. This
issue is due to a failure of the application to restrict critical
functionality to privileged users.
An attacker may leverage this issue to execute arbitrary code with the
privileges of the affected database, potentially facilitating privilege
escalation.
7. Squid Proxy Oversize HTTP Headers Unspecified Remote Vulnera...
BugTraq ID: 12412
Remote: Yes
Date Published: Feb 01 2005
Relevant URL: http://www.securityfocus.com/bid/12412
Summary:
A remote unspecified vulnerability reportedly affects Squid Proxy.
This issue is due to a failure of the application to properly handle
malformed HTTP headers.
The impact of this issue is currently unknown. This BID will be
updated when more information becomes available.
8. SquirrelMail URL Remote Code Execution Vulnerability
BugTraq ID: 12413
Remote: Yes
Date Published: Feb 01 2005
Relevant URL: http://www.securityfocus.com/bid/12413
Summary:
A remote code execution vulnerability affects SquirrelMail. Although
unconfirmed, it is likely that this issue is due to a failure of the
application to properly sanitize user-supplied input prior to including it
in functionality designed to carry out critical actions.
An attacker may leverage this issue to execute arbitrary code with the
privileges of the 'www-data' user; this may facilitate privilege
escalation and system compromise.
9. Newsfetch SScanf Remote Buffer Overflow Vulnerability
BugTraq ID: 12414
Remote: Yes
Date Published: Feb 01 2005
Relevant URL: http://www.securityfocus.com/bid/12414
Summary:
Newsfetch makes several insecure sscanf calls that could potentially
result in a buffer overflow. This is a result of insufficient bounds
checking when sscanf stores data in an internal buffer.
10. PostgreSQL Multiple Remote Vulnerabilities
BugTraq ID: 12417
Remote: Yes
Date Published: Feb 01 2005
Relevant URL: http://www.securityfocus.com/bid/12417
Summary:
Multiple remote vulnerabilities affect PostgreSQL. These issues are
due to design errors, buffer mismanagement errors, and issues that are
currently unspecified.
The first issue is a failure of the application to ensure function
permissions are enforced. The second issue is a buffer overflow triggered
when cursor declaration occurs. The final vulnerability is an
unspecified security issue that exists in 'contrib/intagg'. The information
currently available is not sufficient to provide a more in-depth technical
description. This BID will be updated with the release of further
details.
An attacker may leverage these issues to execute arbitrary code with
the privileges of the vulnerable database process and to execute
functions without requiring permission. Other attacks are also possible.
11. Newspost Remote Buffer Overflow Vulnerability
BugTraq ID: 12418
Remote: Yes
Date Published: Feb 01 2005
Relevant URL: http://www.securityfocus.com/bid/12418
Summary:
Newspost is prone to a remote buffer overflow vulnerability due to an
unbounded memory copy operation.
The problem occurs in the 'socket_getline()' function of 'socket.c'
when the vulnerable client handles NNTP server responses.
Successful exploitation of this issue could potentially lead to
arbitrary code execution.
This issue was reported to affect Newspost 2.1.1 and prior, however,
other versions may be vulnerable.
12. Perl SuidPerl Multiple Local Vulnerabilities
BugTraq ID: 12426
Remote: No
Date Published: Feb 02 2005
Relevant URL: http://www.securityfocus.com/bid/12426
Summary:
SuidPerl is reported prone to multiple vulnerabilities. The following
individual issues are reported:
It is reported that the 'PERLIO_DEBUG' SuidPerl environment variable
may be employed to corrupt arbitrary files.
A local unprivileged attacker may exploit this vulnerability to corrupt
arbitrary files with superuser privileges. This may ultimately lead to
a denial of service for legitimate users or privilege escalation.
SuidPerl is reported prone to a local buffer overflow vulnerability as
well. This buffer overflow vulnerability may be exploited by a local
attacker to gain superuser privileges. This issue is also exploited
through the 'PERLIO_DEBUG' variable.
13. Squid Proxy squid_ldap_auth Authentication Bypass Vulnerabil...
BugTraq ID: 12431
Remote: Yes
Date Published: Feb 02 2005
Relevant URL: http://www.securityfocus.com/bid/12431
Summary:
Squid Proxy is reported prone to an authentication bypass
vulnerability. This issue seems to result of insufficient input validation.
It is reported that the 'squid_ldap_auth' module is affected by this
issue. A remote attacker may gain unauthorized access or gain elevated
privileges from bypassing access controls.
Squid versions 2.5 and earlier are reported prone to this
vulnerability.
14. Squid Proxy WCCP recvfrom() Buffer Overflow Vulnerability
BugTraq ID: 12432
Remote: Yes
Date Published: Feb 02 2005
Relevant URL: http://www.securityfocus.com/bid/12432
Summary:
The Squid proxy server is vulnerable to a remotely exploitable buffer
overflow vulnerability. The vulnerability is in its implementation of
WCCP (web cache communication protocol), a UDP based web cache
management protocol. The condition is triggered when it reads a packet from the
network that is larger than the size of the buffer allocated to store
it. This can occur because recvfrom() is passed an incorrect value for
its "len" argument.
15. Squid Proxy Malformed HTTP Header Parsing Cache Poisoning Vu...
BugTraq ID: 12433
Remote: Yes
Date Published: Feb 02 2005
Relevant URL: http://www.securityfocus.com/bid/12433
Summary:
Squid Proxy is reported prone to a cache poisoning vulnerability when
processing malformed HTTP requests and responses. This issue results
from insufficient sanitzation of user-supplied data.
Squid versions 2.5 and earlier are reported prone to this issue.
16. D-BUS Session Bus Local Privilege Escalation Vulnerability
BugTraq ID: 12435
Remote: No
Date Published: Feb 03 2005
Relevant URL: http://www.securityfocus.com/bid/12435
Summary:
A local privilege escalation vulnerability affects D-BUS. This issue is
due to a failure of the application to properly secure message bus
sessions.
An attacker may leverage this issue to send messages to the message bus
of an unsuspecting user. This may facilitate command execution with the
privileges of the unsuspecting user, ultimately leading to privilege
escalation.
17. Python SimpleXMLRPCServer Library Module Unauthorized Access...
BugTraq ID: 12437
Remote: Yes
Date Published: Feb 03 2005
Relevant URL: http://www.securityfocus.com/bid/12437
Summary:
A remote unauthorized access vulnerability affects Python. This issue
is due to a failure of the API to properly secure access to sensitive
internal data or functionality of registered objects and modules.
A remote attacker may leverage this issue to gain unauthorized access
to an affected computer. Other attacks are also possible.
18. SunShop Shopping Cart Cross-Site Scripting Vulnerability
BugTraq ID: 12438
Remote: Yes
Date Published: Feb 03 2005
Relevant URL: http://www.securityfocus.com/bid/12438
Summary:
SunShop Shopping Cart is reportedly affected by a cross-site scripting
vulnerability. This issue is due to the application failing to
properly sanitize user-supplied input.
This issue is reported to affect SunShop Shopping Cart version 3.4RC1;
earlier versions may also be affected.
19. Linux Kernel IPV6_Setsockopt IPV6_PKTOPTIONS Integer Overflo...
BugTraq ID: 12441
Remote: No
Date Published: Feb 03 2005
Relevant URL: http://www.securityfocus.com/bid/12441
Summary:
An integer overflow vulnerability is reported in the Linux kernel
'ipv6_setsockopt()' system call. This issue is related to the code for
handling the IPV6_PKTOPTIONS socket option, which is used to provide the
kernel with IPv6 options for a designation socket.
This issue may be exploited by a local user to compromise the system.
Exploitation could also result in a denial of service. It should be
noted that this type of vulnerability might provide a generic means of
privilege escalation across Linux distributions once a remote attacker has
gained unauthorized access as a lower privileged user.
**Update: Conflicting reports suggest that this issue is not in fact a
vulnerability. It is reported that the 'optlen' value is sanitized in
'linux/net/socket.c' before reaching the code that is reported
vulnerable.
20. ht://Dig Unspecified Cross-Site Scripting Vulnerability
BugTraq ID: 12442
Remote: Yes
Date Published: Feb 03 2005
Relevant URL: http://www.securityfocus.com/bid/12442
Summary:
ht://Dig is reported prone to an unspecified cross-site scripting
vulnerability. This issue is due to a failure of the application to
properly sanitize user-supplied URI data prior to including it in dynamically
generated Web page content.
All versions of ht://Dig are considered vulnerable at the moment.
This BID will be updated when more information becomes available.
21. Postfix IPv6 Unauthorized Mail Relay Vulnerability
BugTraq ID: 12445
Remote: Yes
Date Published: Feb 04 2005
Relevant URL: http://www.securityfocus.com/bid/12445
Summary:
Postfix is prone to a vulnerability that allows the application to be
abused as a mail relay.
Arbitrary mail may be sent to any MX host with an IPv6 address. This
could be exploited by spammers or other malicious parties.
Postfix 2.1.3 is reported prone to this issue. It is possible that
other versions are affected as well.
22. PowerDNS Unspecified Remote Denial of Service Vulnerability
BugTraq ID: 12446
Remote: Yes
Date Published: Feb 04 2005
Relevant URL: http://www.securityfocus.com/bid/12446
Summary:
PowerDNS is reported prone to an unspecified remote denial of service
vulnerability. It is conjectured that this issue likely results from
the failure of the application to handle exceptional conditions.
PowerDNS versions prior to 2.9.17 are reported vulnerable to this
issue.
23. Netgear DG834 ADSL Firewall Router Insecure Configuration Vu...
BugTraq ID: 12447
Remote: Yes
Date Published: Feb 04 2005
Relevant URL: http://www.securityfocus.com/bid/12447
Summary:
The Netgear DG834 ADSL Firewall Router is reported prone to a firewall
insecure configuration vulnerability. It is reported that when the
affected appliance is configured so that NAT (Network Address Translation)
is disabled the firewall becomes ineffective.
This vulnerability will result in a false sense of security where a
user may believe that their network and appliance is protected when it is
not.
III. LINUX FOCUS LIST SUMMARY
-----------------------------
NO NEW POSTS FOR THE WEEK 2005-02-01 to 2005-02-08.
IV. NEW PRODUCTS FOR LINUX PLATFORMS
------------------------------------
1. CoreGuard Core Security System
By: Vormetric
Platforms: AIX, Linux, Solaris, Windows 2000, Windows XP
Relevant URL: http://www.vormetric.com/products/#overview
Summary:
CoreGuard System profile
The CoreGuard System is the industry's first solution that enforces
acceptable use policy for sensitive digital information assets and
protects personal data privacy across an enterprise IT environment.
CoreGuard's innovative architecture and completeness of technology
provide a comprehensive, extensible solution that tightly integrates
all
the elements required to protect information across a widespread,
heterogeneous enterprise network, while enforcing separation of duties
between security and IT administration. At the same time, CoreGuard is
transparent to users, applications and storage infrastructures for ease
of deployment and system management.
CoreGuard enables customers to:
* Protect customer personal data privacy and digital information assets
* Protect data at rest from unauthorized viewing by external attackers
and unauthorized insiders
* Enforce segregation of duties between IT administrators and security
administration
* Ensure host & application integrity * Block malicious code, including
zero-day exploits
2. EnCase Forensic Edition
By: Guidance Software Inc.
Platforms: DOS, FreeBSD, Linux, MacOS, NetBSD, OpenBSD, PalmOS,
Solaris, UNIX, Windows 2000, Windows 95/98, Windows NT, Windows XP
Relevant URL:
http://www.guidancesoftware.com/products/EnCaseForensic/index.shtm
Summary:
EnCase Forensic Edition Version 4 delivers the most advanced features
for computer forensics and investigations. With an intuitive GUI and
superior performance, EnCase Version 4 provides investigators with the
tools to conduct large-scale and complex investigations with accuracy and
efficiency. Guidance Software?s award winning solution yields
completely non-invasive computer forensic investigations while allowing
examiners to easily manage large volumes of computer evidence and view all
relevant files, including "deleted" files, file slack and unallocated
space.
The integrated functionality of EnCase allows the examiner to perform
all functions of the computer forensic investigation process. EnCase's
EnScript, a powerful macro-programming language and API included within
EnCase, allows investigators to build customized and reusable forensic
scripts.
3. KeyGhost SX
By: KeyGhost Ltd
Platforms: BeOS, DOS, Linux, OS/2, Solaris, SunOS, Windows 2000,
Windows 95/98, Windows NT, Windows XP
Relevant URL: http://www.keyghost.com/SX/
Summary:
KeyGhost SX discreetly captures and records all keystrokes typed,
including chat conversations, email, word processor, or even activity within
an accounting or specialist system. It is completely undetectable by
software scanners and provides you with one of the most powerful stealth
surveillance applications offered anywhere.
Because KeyGhost uses STRONG 128-Bit encryption to store the recorded
data in it?s own internal memory (not on the hard drive), it is
impossible for a network intruder to gain access to any sensitive data stored
within the device.
4. SafeKit
By: Evidian Inc.
Platforms: AIX, HP-UX, Linux, Solaris, Windows 2000
Relevant URL: http://www.evidian.com/safekit/index.htm
Summary:
Evidian's SafeKit technology makes it possible to render any
application available 24 hours per day. With no extra hardware: just use your
existing servers and install this software-only solution.
This provides ultimate scalability. As your needs grow, all you need to
do is add more standard servers into the cluster. With the load
balancing features of SafeKit, you can distribute applications over multiple
servers. If one system fails completely, the others will continue to
serve your users.
5. Astaro Linux Firewall
By: Astaro
Platforms: Linux
Relevant URL: http://www.astaro.com/php/statics.php?action=asl&lang=gb
Summary:
Astaro Linux Firewall: All-in-one firewall, virus protection, content
filtering and spam protection internet security software package for
Linux.
Free download for home users.
6. CAT Cellular Authentication Token and eAuthentication Servic...
By: Mega AS Consulting Ltd
Platforms: Java, Linux, OpenBSD, Os Independent, SecureBSD, Solaris,
UNIX, Windows 2000, Windows NT
Relevant URL: http://www.megaas.co.nz
Summary:
Low cost, easy to use Two Factor Authentication One Time Password token
using the Cellular. Does not use SMS or communication, manages multiple
OTP accounts - new technology. For any business that want a safer
access to its Internet Services. More information at our site.
We also provide eAuthentication service for businesses that will not
buy an Authentication product but would prefer to pay a monthly charge
for authentication services from our our CAT Server.
V. NEW TOOLS FOR LINUX PLATFORMS
--------------------------------
1. DigSig 1.3.2
By:
Relevant URL: http://sourceforge.net/projects/disec/
Platforms: Linux
Summary:
DigSig Linux kernel load module checks the signature of a binary before
running it. It inserts digital signatures inside the ELF binary and
verify this signature before loading the binary. Therefore, it improves
the security of the system by avoiding a wide range of malicious
binaries like viruses, worms, Torjan programs and backdoors from running on
the system.
2. Firestarter 1.0.0
By: Tomas Junnonen
Relevant URL: http://www.fs-security.com/
Platforms: Linux
Summary:
Firestarter is graphical firewall tool for Linux. The program aims to
combine
ease of use with powerful features, serving both desktop users and
administrators.
3. Network Equipment Performance Monitor 2.2
By: Nova Software, Inc.
Relevant URL: http://www.nepm.net/
Platforms: AIX, FreeBSD, HP-UX, Linux, Solaris, True64 UNIX, UNIX,
Windows 2000, Windows NT, Windows XP
Summary:
NEPM is a very general, highly configurable, two part software system
that monitors any type of logged data from IP networked equipment and
reports it via E-mail and web pages. Current conditions and history from
systems based on Windows NT/2000 and UNIX can be tracked and reported.
Most major server, switch and router systems can be monitored, without
running agents on the target systems.
4. BitDefender for qmail v1.5.5-2
By: SOFTWIN <mmitu@bitdefender.com>
Relevant URL: http://www.bitdefender.com/bd/site/products.php?p_id=10
Platforms: Linux
Summary:
BitDefender for qmail is a powerful antivirus software for Linux mail
servers, which provides proactive protection of message traffic at the
email server level, eliminating the risk to the entire network that
could be caused by a negligent user. All messages, both sent and received,
are scanned in real time, avoiding the possible infections and
preventing anyone from sending an infected message. BitDefender claims 100%
detection rate for all viruses in the wild (ITW) through its powerful
scanning engines certified by the most prestigious testing labs (ICSA in
February 2003, Virus Bulletin 100% in June 2003 and CheckMark in August
2003).
5. Bilbo 0.11
By: Bart Somers
Relevant URL: http://doornenburg.homelinux.net/scripts/bilbo/
Platforms: FreeBSD, Linux
Summary:
Bilbo is an automated, multithreaded nmap-scanner and reporter, capable
of header fetching and matching the results against a database from
previous scans.
6. Ipanto Secure 2.0
By: Ipanto
Relevant URL: http://www.ipanto.com/secure
Platforms: HP-UX, Linux, Solaris, UNIX
Summary:
Ipanto Secure allows ISC based DHCP servers (UNIX, Linux) to send
signed dynamic DNS updates to a Microsoft DNS, using the GSS-TSIG protocol.
VII. SPONSOR INFORMATION
-----------------------
Need to know what's happening on YOUR network? Symantec DeepSight
Analyzer
is a free service that gives you the ability to track and manage
attacks.
Analyzer automatically correlates attacks from various Firewall and
network
based Intrusion Detection Systems, giving you a comprehensive view of
your
computer or general network. Sign up today!
http://www.securityfocus.com/sponsor/Symantec_sf-news_041130
------------------------------------------------------------------------