1. IT-Security >
  2. IT Security Tools


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese
Anzeige

IT Security Tools


Suchen

MyBB OUGC Awards 1.8.3 Cross Site Scripting

IT Security Tools vom 07.01.2019 um 21:49 Uhr | Quelle packetstormsecurity.com
MyBB OUGC Awards plugin version 1.8.3 suffers from a cross site scripting vulnerability.
Newsbewertung

Weiterlesen

Mailcleaner Remote Code Execution

IT Security Tools vom 07.01.2019 um 21:43 Uhr | Quelle packetstormsecurity.com
This Metasploit module exploits the command injection vulnerability of MailCleaner Community Edition product. An authenticated user can execute an operating system command under the context of the web server user which is root. /admin/managetracing/search/search endpoint takes several user inputs and then pass them to the internal service which is responsible for executing operating system command. One of the user input is being passed to the service without proper validation. That cause a command injection vulnerability.
Newsbewertung

Weiterlesen

Samhain File Integrity Checker 4.3.2

IT Security Tools vom 07.01.2019 um 19:54 Uhr | Quelle packetstormsecurity.com
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
Newsbewertung

Weiterlesen

Red Hat Security Advisory 2019-0022-01

IT Security Tools vom 04.01.2019 um 00:01 Uhr | Quelle packetstormsecurity.com
Red Hat Security Advisory 2019-0022-01 - The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used IP Virtual Server kernel module providing layer-4 load balancing. Keepalived implements a set of checkers to dynamically and adaptively maintain and manage a load balanced server pool according to the health of the servers. Keepalived also implements the Virtual Router Redundancy Protocol to achieve high availability with director failover. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
Newsbewertung

Weiterlesen

Red Hat Security Advisory 2019-0019-01

IT Security Tools vom 04.01.2019 um 00:01 Uhr | Quelle packetstormsecurity.com
Red Hat Security Advisory 2019-0019-01 - The grafana package provides the Grafana metrics dashboard and graph editor. Issues addressed include a bypass vulnerability.
Newsbewertung

Weiterlesen

Apache CouchDB 2.3.0 Cross Site Request Forgery

IT Security Tools vom 03.01.2019 um 23:59 Uhr | Quelle packetstormsecurity.com
Apache CouchDB version 2.3.0 suffers from cross site request forgery vulnerabilities providing there's a loose CORs policy.
Newsbewertung

Weiterlesen

Family Connections 3.7.0 Cross Site Scripting

IT Security Tools vom 03.01.2019 um 17:29 Uhr | Quelle packetstormsecurity.com
Family Connections version 3.7.0 suffers from multiple cross site scripting vulnerabilities.
Newsbewertung

Weiterlesen

Family Connections 3.7.0 Cross Site Scripting

IT Security Tools vom 03.01.2019 um 17:29 Uhr | Quelle packetstormsecurity.com
Family Connections version 3.7.0 suffers from multiple cross site scripting vulnerabilities.
Newsbewertung

Weiterlesen

GeniXCMS 1.1.5 Cross Site Scripting

IT Security Tools vom 03.01.2019 um 17:27 Uhr | Quelle packetstormsecurity.com
GeniXCMS version 1.1.5 suffers from multiple cross site scripting vulnerabilities.
Newsbewertung

Weiterlesen

GeniXCMS 1.1.5 Cross Site Scripting

IT Security Tools vom 03.01.2019 um 17:27 Uhr | Quelle packetstormsecurity.com
GeniXCMS version 1.1.5 suffers from multiple cross site scripting vulnerabilities.
Newsbewertung

Weiterlesen

Microweber 1.0.8 Cross Site Scripting

IT Security Tools vom 03.01.2019 um 17:17 Uhr | Quelle packetstormsecurity.com
Microweber version 1.0.8 suffers from reflected cross site scripting vulnerabilities.
Newsbewertung

Weiterlesen

Microweber 1.0.8 Cross Site Scripting

IT Security Tools vom 03.01.2019 um 17:17 Uhr | Quelle packetstormsecurity.com
Microweber version 1.0.8 suffers from reflected cross site scripting vulnerabilities.
Newsbewertung

Weiterlesen

unCaptcha2 - Google ReCaptcha Proof Of Concept

IT Security Tools vom 03.01.2019 um 17:13 Uhr | Quelle packetstormsecurity.com
unCaptcha2 is a proof of concept that defeats the latest version of ReCaptcha with 91% accuracy as of January, 2019.
Newsbewertung

Weiterlesen

unCaptcha2 - Google ReCaptcha Proof Of Concept

IT Security Tools vom 03.01.2019 um 17:13 Uhr | Quelle packetstormsecurity.com
unCaptcha2 is a proof of concept that defeats the latest version of ReCaptcha with 91% accuracy as of January, 2019.
Newsbewertung

Weiterlesen

Ansvif 1.11

IT Security Tools vom 03.01.2019 um 04:00 Uhr | Quelle packetstormsecurity.com
Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
Newsbewertung

Weiterlesen

Red Hat Security Advisory 2019-0010-01

IT Security Tools vom 03.01.2019 um 03:57 Uhr | Quelle packetstormsecurity.com
Red Hat Security Advisory 2019-0010-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include a buffer overflow vulnerability.
Newsbewertung

Weiterlesen

Red Hat Security Advisory 2019-0001-01

IT Security Tools vom 03.01.2019 um 03:57 Uhr | Quelle packetstormsecurity.com
Red Hat Security Advisory 2019-0001-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include a buffer overflow vulnerability.
Newsbewertung

Weiterlesen

Marvell Avastar Wi-Fi Remote Code Execution

IT Security Tools vom 03.01.2019 um 03:22 Uhr | Quelle packetstormsecurity.com
Marvell Avastar Wi-Fi chips used in Playstation, Xbox, Surfaces, and more suffer from an unauthenticated remote code execution vulnerability.
Newsbewertung

Weiterlesen

Marvell Avastar Wi-Fi Remote Code Execution

IT Security Tools vom 03.01.2019 um 03:22 Uhr | Quelle packetstormsecurity.com
Marvell Avastar Wi-Fi chips used in Playstation, Xbox, Surfaces, and more suffer from an unauthenticated remote code execution vulnerability.
Newsbewertung

Weiterlesen

Zurmo 2.3.4 Cross Site Scripting

IT Security Tools vom 03.01.2019 um 00:22 Uhr | Quelle packetstormsecurity.com
Zurmo version 2.3.4 suffers from multiple cross site scripting vulnerabilities.
Newsbewertung

Weiterlesen

Shorewall - A Gateway/Firewall Configuration Tool for GNU/Linux

IT Security Tools vom 02.01.2019 um 13:55 Uhr | Quelle blog.hackersonlineclub.com

Shorewall - A Gateway/Firewall Configuration Tool for GNU/Linux.

What is Shorewall?

The Shoreline Firewall, more commonly known as “Shorewall”, is high-level tool for configuring Netfilter. You describe your firewall/gateway requirements using entries in a set of configuration files.

Shorewall reads those configuration files and with the help of the iptables, iptables-restore, ip and tc utilities, Shorewall configures Netfilter and the Linux networking subsystem to match your requirements.

Shorewall can be used on a dedicated firewall system, a multi-function gateway/router/server or on a standalone GNU/Linux system. Shorewall does not use Netfilter's ipchains compatibility mode and can thus take advantage of Netfilter's connection state tracking capabilities.

Shorewall is not a daemon. Once Shorewall has configured the Linux networking subsystem, its job is complete and there is no “Shorewall process” left running in your system. The /sbin/shorewall program can be used at any time to monitor the Netfilter firewall.

Shorewall is not the easiest to use of the available iptables configuration tools but I believe that it is the most flexible and powerful. So if you are looking for a simple point-and-click set-and-forget Linux firewall solution that requires a minimum of networking knowledge, I would encourage you to check out the following alternatives:

  • UFW (Uncomplicated Firewall)
  • IPCop

If you are looking for a Linux firewall solution that can handle complex and fast changing network environments then Shorewall is a logical choice.

Glossary


  • Netfilter - the packet filter facility built into the 2.4 and later Linux kernels.
  • ipchains - the packet filter facility built into the 2.2 Linux kernels. Also the name of the utility program used to configure and control that facility. Netfilter can be used in ipchains compatibility mode.
  • iptables - the utility program used to configure and control Netfilter. The term “iptables” is often used to refer to the combination of iptables+Netfilter (with Netfilter not in ipchains compatibility mode).
  • iptables-restore - a program included with iptables that allows for atomic installation of a set of Netfilter rules. This is a much more efficient way to install a rule set than running the iptables utility once for each rule in the rule set.
  • ifconfig - An obsolete program included in the net-utils package. ifconfig was used to configure network interfaces.
  • route - An obsolete program included in the net-utils package. route was used to configure routing.
  • ip - A program included in the iproute2 package. ip replaces ifconfig and route in modern Linux systems.
  • tc - A program included in the iproute2 package. tc is used to configure QOS/Traffic Shaping on Linux systems.

Shorewall Concepts

The configuration files for Shorewall are contained in the directory /etc/shorewall -- for simple setups, you will only need to deal with a few of them.

Shorewall views the network where it is running as being composed of a set of zones. Zones are declared and given a type in the /etc/shorewall/zones file.

Note that Shorewall recognizes the firewall system as its own zone. The name of the zone designating the firewall itself (usually 'fw' as shown in the above file) is stored in the shell variable $FW which may be used throughout the Shorewall configuration to refer to the firewall zone.

The simplest way to define the hosts in a zone is to associate the zone with a network interface using the /etc/shorewall/interfaces file. In the three-interface sample, the three zones are defined using that file as follows:

#ZONE      INTERFACE     BROADCAST       OPTIONS
net                      eth0                 detect               dhcp,routefilter
loc                      eth1                 detect
dmz                    eth2                 detect

The above file defines the net zone as all IPv4 hosts interfacing to the firewall through eth0, the loc zone as all IPv4 hosts interfacing through eth1 and the dmz as all IPv4 hosts interfacing through eth2. It is important to note that the composition of a zone is defined in terms of a combination of addresses and interfaces.

When using the /etc/shorewall/interfaces file to define a zone, all addresses are included; when you want to define a zone that contains a limited subset of the IPv4 address space, you use the /etc/shorewall/hosts file or you may use the nets= option in /etc/shorewall/interfaces:

#ZONE      INTERFACE     BROADCAST         OPTIONS
net                       eth0                    detect           dhcp,routefilter,nets=(!192.168.0.0/23)
loc                       eth1                    detect           nets=(192.168.0.0/24)
dmz                     eth2                    detect           nets=(192.168.1.0/24)

The above file defines the net zone as all IPv4 hosts interfacing to the firewall through eth0 except for 192.168.0.0/23, the loc zone as IPv4 hosts 192.168.0.0/24 interfacing through eth1 and the dmz as IPv4 hosts 192.168.1.0/24 interfacing through eth2 (Note that 192.168.0.0/24 together with 192.168.1.0/24 comprises 192.168.0.0/23).

Rules about what traffic to allow and what traffic to deny are expressed in terms of zones.

  • You express your default policy for connections from one zone to another zone in the /etc/shorewall/policy file. The basic choices for policy are:


  1. ACCEPT - Accept the connection.
  2. DROP - Ignore the connection request.
  3. REJECT - Return an appropriate error to the connection request.


Connection request logging may be specified as part of a policy and it is conventional (and highly recommended) to log DROP and REJECT policies.


  • You define exceptions to these default policies in the /etc/shorewall/rules file.



  • You only need concern yourself with connection requests. You don't need to define rules for handling traffic that is part of an established connection and in most cases you don't have to worry about how related connections are handled (ICMP error packets and related TCP connection requests such as used by FTP).


For each connection request entering the firewall, the request is first checked against the /etc/shorewall/rules file. If no rule in that file matches the connection request then the first policy in /etc/shorewall/policy that matches the request is applied.

If there is a default action defined for the policy in /etc/shorewall/shorewall.conf then that action is invoked before the policy is enforced. In the standard Shorewall distribution, the DROP policy has a default action called Drop and the REJECT policy has a default action called Reject.

Default actions are used primarily to discard certain packets silently so that they don't clutter up your log.

The /etc/shorewall/policy file included with the three-interface sample has the following policies:

#SOURCE    DEST        POLICY      LOGLEVEL    LIMIT
        loc           net          ACCEPT
       net            all            DROP            info
       all            all            REJECT         info

In the three-interface sample, the line below is included but commented out. If you want your firewall system to have full access to servers on the Internet, uncomment that line.

#SOURCE    DEST        POLICY      LOGLEVEL    LIMIT
     $FW           net          ACCEPT

The above policies will:

  • Allow all connection requests from your local network to the Internet
  • Drop (ignore) all connection requests from the Internet to your firewall or local networks; these ignored connection requests will be logged using the info syslog priority (log level).
  • Optionally accept all connection requests from the firewall to the Internet (if you uncomment the additional policy)
  • reject all other connection requests; these rejected connection requests will be logged using the info syslog priority (log level).


A word about Shorewall logging is in order. Shorewall does not have direct control over where its messages are logged; that is determined by the configuration of the logging daemon (syslog, rsyslog, syslog-ng, ulogd, etc.).

The LOGFILE setting in /etc/shorewall/shorewall.conf tells Shorewall where to find the log; it doesn't determine where messages are logged. See the Shorewall logging article for more information.

To illustrate how rules provide exceptions to policies, suppose that you have the polices listed above but you want to be able to connect to your firewall from the Internet using Secure Shell (SSH). Recall that SSH connects using TCP port 22. You would add the following rule to /etc/shorewall/rules:

#ACTION    SOURCE        DEST      PROTO      DPORT
  ACCEPT        net               $FW          tcp               22

So although you have a policy of ignoring all connection attempts from the net zone (from the Internet), the above exception to that policy allows you to connect to the SSH server running on your firewall.

Because Shorewall makes no assumptions about what traffic you want accepted, there are certain rules (exceptions) that need to be added to almost any configuration.

The QuickStart guides point to pre-populated files for use in common setups and the Shorewall Setup Guide shows you examples for use with other more complex setups.

Again, to keep your firewall log from filling up with useless noise, Shorewall provides common actions that silently discard or reject such noise before it can be logged. As with everything in Shorewall, you can alter the behavior of these common actions (or do away with them entirely) as you see fit.

Shorewall Packages

Shorewall 4.5 and later consists of six packages.

1. Shorewall-core. All of the other packages depend on this one.

2. Shorewall. This package must be installed on at least one system in your network. It contains everything needed to create an IPv4 firewall.

3. Shorewall6. This package requires the Shorewall package and adds those components needed to create an IPv6 firewall.

4. Shorewall-lite. Shorewall allows for central administration of multiple IPv4 firewalls through use of Shorewall lite. The full Shorewall product is installed on a central administrative system where compiled Shorewall scripts are generated. These scripts are copied to the firewall systems where they run under the control of Shorewall-lite.

5. Shorewall6-lite. Shorewall allows for central administration of multiple IPv6 firewalls through use of Shorewall6 lite. The full Shorewall and Shorewall6 products are installed on a central administrative system where compiled Shorewall scripts are generated. These scripts are copied to the firewall systems where they run under the control of Shorewall6-lite.

6. Shorewall-init. May be installed with any of the other firewall packages. Allows the firewall to be closed prior to bringing up network interfaces. It can also react to interface up/down events.

Download Shorewall


Newsbewertung

Weiterlesen

ImpressCMS 1.3.10 Cross Site Scripting

IT Security Tools vom 02.01.2019 um 06:22 Uhr | Quelle packetstormsecurity.com
ImpressCMS version 1.3.10 suffers from multiple cross site scripting vulnerabilities.
Newsbewertung

Weiterlesen

Vtiger CRM 7.1.0 Remote Code Execution

IT Security Tools vom 02.01.2019 um 06:22 Uhr | Quelle packetstormsecurity.com
Vtiger CRM version 7.1.0 suffers from a remote code execution vulnerability.
Newsbewertung

Weiterlesen

EZ CD Audio Converter 8.0.7 Denial Of Service

IT Security Tools vom 02.01.2019 um 05:02 Uhr | Quelle packetstormsecurity.com
EZ CD Audio Converter version 8.0.7 suffers from a denial of service vulnerability.
Newsbewertung

Weiterlesen

WordPress Adicon Server 1.2 SQL Injection

IT Security Tools vom 02.01.2019 um 04:44 Uhr | Quelle packetstormsecurity.com
WordPress Adicon Server version 1.2 suffers from a remote SQL injection vulnerability.
Newsbewertung

Weiterlesen

NetworkSleuth 3.0.0.0 Denial Of Service

IT Security Tools vom 02.01.2019 um 04:22 Uhr | Quelle packetstormsecurity.com
NetworkSleuth version 3.0.0.0 suffers from a denial of service vulnerability.
Newsbewertung

Weiterlesen

NBMonitor Network Bandwidth Monitor 1.6.5.0 Denial Of Service

IT Security Tools vom 02.01.2019 um 04:02 Uhr | Quelle packetstormsecurity.com
NBMonitor Network Bandwidth Monitor version 1.6.5.0 suffers from a denial of service vulnerability.
Newsbewertung

Weiterlesen

Ayukov NFTP FTP Client 2.0 Buffer Overflow

IT Security Tools vom 02.01.2019 um 04:02 Uhr | Quelle packetstormsecurity.com
Ayukov NFTP FTP Client version 2.0 suffers from a buffer overflow vulnerability.
Newsbewertung

Weiterlesen

Typo3 CMS Site Crawler 6.1.2 Database Disclosure

IT Security Tools vom 02.01.2019 um 04:02 Uhr | Quelle packetstormsecurity.com
Typo3 CMS Site Crawler extension version 6.1.2 suffers from a database disclosure vulnerability.
Newsbewertung

Weiterlesen

Typo3 CMS YAG Themepack jQuery 1.3.2 Database Disclosure

IT Security Tools vom 02.01.2019 um 03:22 Uhr | Quelle packetstormsecurity.com
Typo3 CMS YAG Themepack jQuery extension version 1.3.2 suffers from a database disclosure vulnerability.
Newsbewertung

Weiterlesen

Typo3 CMS twwc_pages 8.7.x Database Disclosure

IT Security Tools vom 02.01.2019 um 03:03 Uhr | Quelle packetstormsecurity.com
Typo3 CMS twwc_pages extension version 8.7.x suffers from a database disclosure vulnerability.
Newsbewertung

Weiterlesen

aria2 1.33.1 Password Disclosure

IT Security Tools vom 02.01.2019 um 02:32 Uhr | Quelle packetstormsecurity.com
aria2 version 1.33.1 suffers from a password disclosure vulnerability when logging URLs with secrets in them.
Newsbewertung

Weiterlesen

Typo3 CMS Static Info Tables 6.7.3 Database Disclosure

IT Security Tools vom 02.01.2019 um 02:11 Uhr | Quelle packetstormsecurity.com
Typo3 CMS Static Info Tables extension version 6.7.3 suffers from a database disclosure vulnerability.
Newsbewertung

Weiterlesen

Typo3 CMS pw_highslide_gallery 0.3.1 Database Disclosure

IT Security Tools vom 02.01.2019 um 02:03 Uhr | Quelle packetstormsecurity.com
Typo3 CMS pw_highslide_gallery extension version 0.3.1 suffers from a database disclosure vulnerability.
Newsbewertung

Weiterlesen

SugarCRM Web Logic Hooks Module Path Traversal

IT Security Tools vom 02.01.2019 um 00:55 Uhr | Quelle packetstormsecurity.com
SugarCRM versions prior to 7.9.5.0, 8.0.2, and 8.2.0 suffer from a path traversal vulnerability. User input passed through the "webhook_target_module" parameter is not properly sanitized before being used to save PHP code into the hooks file through the Web Logic Hooks module. This can be exploited to carry out path traversal attacks and e.g. create arbitrary directories. Successful exploitation of this vulnerability requires admin privileges.
Newsbewertung

Weiterlesen

Seitennavigation

Seite 7 von 187 Seiten (Bei Beitrag 210 - 245)
6.536x Beiträge in dieser Kategorie

Auf Seite 6 zurück | Nächste 8 Seite | Letzte Seite
[ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [7] [ 8 ] [ 9 ] [ 10 ] [ 11 ] [ 12 ] [ 13 ] [ 14 ] [ 15 ] [ 16 ] [ 17 ]