Date: 26 Oct 2004 17:00:36 -0000
From:"Peter Laborge" <plaborge@securityfocus.com>
To:linux-secnews@securityfocus.com
Subject: SecurityFocus Linux Newsletter #207
SecurityFocus Linux Newsletter #207
------------------------------------

This Issue is Sponsored By: SecurityFocus

Stay up to date.  All the latest news, columns, jobs and more in a
convenient html newsletter - Even a glimpse of upcoming columns and 
feature
articles!  Sign up today!

http://www.securityfocus.com/htmlnewsletter/subscribe

------------------------------------------------------------------------
I. FRONT AND CENTER
     1. Issues Discovering Compromised Machines
     2. The Latest Tool in Competition: Hacking
     3. Security, 1994-2004: Then And Now
II. LINUX VULNERABILITY SUMMARY
     1. H+BEDV AntiVir MS-DOS Name Scan Evasion Vulnerability
     2. cPanel Remote Backup Information Disclosure Vulnerability
     3. cPanel Front Page Extension Installation File Ownership Vuln...
     4. cPanel Front Page Extension Installation Information Disclos...
     5. BMON Local Privilege Escalation Vulnerability
     6. MPG123 Remote URL Open Buffer Overflow Vulnerability
     7. Mozilla Browser Cross-Domain Tab Window Form Field Focus Vul...
     8. Opera Web Browser Cross-Domain Dialog Box Spoofing Vulnerabi...
     9. LibPNG Graphics Library Image Height Integer Overflow Vulner...
     10. Gaim MSN SLP Remote Buffer Overflow Vulnerability
     11. Gaim MSN Remote File Transfer Denial Of Service 
Vulnerabilit...
     12. Gaim MSN Remote SLP Denial Of Service Vulnerability
     13. Ecartis Remote Undisclosed Privilege Escalation 
Vulnerabilit...
     14. Linux Kernel IPTables Logging Rules Integer Underflow 
Vulner...
     15. SuSE Linux IBM S/390 Kernel Local Privilege Escalation 
Vulne...
     16. Zinf/Freeamp Unspecified Insecure Temporary File Creation 
Vu...
     17. Linux Kernel TIOCSETD Terminal Subsystem Race Condition 
Vuln...
     18. Linux Kernel Terminal Locking Race Condition Vulnerability
     19. Altiris Deployment Server Remote Command Execution 
Vulnerabi...
     20. Xpdf PDFTOPS Multiple Integer Overflow Vulnerabilities
     21. LibTIFF OJPEG Heap Buffer Overflow Vulnerability
     22. HP ServiceGuard Undisclosed Remote Vulnerability
III. LINUX FOCUS LIST SUMMARY
     NO NEW POSTS FOR THE WEEK 2004-10-19 to 2004-10-26.
IV. NEW PRODUCTS FOR LINUX PLATFORMS
     1. Cyber-Ark  Inter-Business Vault
     2. EnCase Forensic Edition
     3. KeyGhost SX
     4. SafeKit
     5. Astaro Linux Firewall
     6. CAT Cellular Authentication Token and eAuthentication Servic...
V. NEW TOOLS FOR LINUX PLATFORMS
     1. PIKT - Problem Informant/Killer Tool v1.17.0
     2. ID-Synch 3.1
     3. Nmap v3.70
     4. THC-Hydra v4.3
     5. Pads 1.1
     6. cenfw 0.3b
VI. UNSUBSCRIBE INSTRUCTIONS
VII. SPONSOR INFORMATION

I. FRONT AND CENTER
-------------------
1. Issues Discovering Compromised Machines
By Anton Chuvakin

This article discusses the discovery of compromised machines in large
enterprise environments, and offers some suggestions on correlating 
NIDS
and HIPS logs to avoid false positives. 

http://www.securityfocus.com/infocus/1808


2. The Latest Tool in Competition: Hacking
By Mark Rasch

A new federal case illustrates the role computer intrusion is taking in 
the
high-stakes world of niche Internet commerce. 

http://www.securityfocus.com/columnists/273


3. Security, 1994-2004: Then And Now
By Daniel Hanson

Comparing the state of security in 1994 versus 2004, has anything 
really
changed over the course of ten years?

http://www.securityfocus.com/columnists/272

II. LINUX VULNERABILITY SUMMARY
-------------------------------
1. H+BEDV AntiVir MS-DOS Name Scan Evasion Vulnerability
BugTraq ID: 11444
Remote: Yes
Date Published: Oct 18 2004
Relevant URL: http://www.securityfocus.com/bid/11444
Summary:
AntiVir is affected by a scan evasion vulnerability when handling files 
with MS-DOS reserved device names. This issue is due to a design error 
that allows the files to avoid being scanned.

Apparently it is possible for an attacker to name a standard file after 
a reserved MS-DOS device name. The attacker may deliver the file to a 
user through various delivery mechanisms.  If successful, the attacker 
may leverage this issue to bypass the scanner protection provided by the 
vulnerable antivirus scanner, giving users a false sense of security.

A similar vulnerability affecting Symantec Norton AntiVirus was 
reported in BID 11328 (Symantec Norton AntiVirus MS-DOS Name Scan Evasion 
Vulnerability).  The researcher responsible for discovering this issue has 
stated that this vulnerability is identical to the issue described in 
BID 11328.  Therefore, it is conjectured that this issue does not 
present a risk factor when a file is sent through email and only arises once 
the file is already present on a vulnerable computer. 

This BID will be updated as more information becomes available.

2. cPanel Remote Backup Information Disclosure Vulnerability
BugTraq ID: 11449
Remote: Yes
Date Published: Oct 18 2004
Relevant URL: http://www.securityfocus.com/bid/11449
Summary:
It is reported that cPanel is susceptible to an information disclosure 
vulnerability in its remote backup function.

Attackers can reportedly exploit this vulnerability to retrieve the 
contents of potentially sensitive files located in the same slice as their 
home directory. This may aid them in further attacks.

Version 9.4.1-RELEASE-64 of cPanel was reported vulnerable. Other 
versions may also be affected.

3. cPanel Front Page Extension Installation File Ownership Vuln...
BugTraq ID: 11455
Remote: Yes
Date Published: Oct 18 2004
Relevant URL: http://www.securityfocus.com/bid/11455
Summary:
It is reported that cPanel is susceptible to a file ownership 
vulnerability in its function to enable Front Page extensions.

This vulnerability allows malicious users to gain full access to 
potentially sensitive files. Depending on the layout of the hard drive 
slices, it may be possible for attackers to exploit this vulnerability to 
gain elevated privileges.

Version 9.4.1-RELEASE-64 of cPanel was reported vulnerable. Other 
versions may also be affected.

4. cPanel Front Page Extension Installation Information Disclos...
BugTraq ID: 11456
Remote: Yes
Date Published: Oct 18 2004
Relevant URL: http://www.securityfocus.com/bid/11456
Summary:
It is reported that cPanel is susceptible to an information disclosure 
vulnerability in its function to enable Front Page extensions.

This vulnerability reportedly allows attackers to gain access to the 
contents of arbitrary, potentially sensitive files. This may aid them in 
further attacks.

Version 9.9.1-RELEASE-3 of cPanel was reported vulnerable. Other 
versions may also be affected.

5. BMON Local Privilege Escalation Vulnerability
BugTraq ID: 11457
Remote: No
Date Published: Oct 18 2004
Relevant URL: http://www.securityfocus.com/bid/11457
Summary:
It is reported that bmon is susceptible to a privilege escalation 
vulnerability if installed with setuid permissions.

This vulnerability allows local attackers to execute arbitrary code 
with the privileges of the bmon package. It is reported that the FreeBSD 
port system installs bmon with setuid superuser privileges, allowing 
local attackers to execute arbitrary code with superuser privileges.

This vulnerability is reported to exist in bmon version 1.2.1 on any 
platform that installs it with setuid privileges. Other versions may also 
be affected.

For FreeBSD, versions prior to 1.2.1_2 are reported susceptible. Other 
platforms that install bmon with setuid privileges are unknown at this 
time.

6. MPG123 Remote URL Open Buffer Overflow Vulnerability
BugTraq ID: 11468
Remote: Yes
Date Published: Oct 20 2004
Relevant URL: http://www.securityfocus.com/bid/11468
Summary:
Reportedly mpg123 is affected by a remote buffer overflow 
vulnerability.  This issue is due to insufficient bounds checking when copying 
user-supplied strings into finite process buffers.

An attacker may leverage this issue to execute arbitrary machine code 
on an affected computer with the privileges of an unsuspecting user that 
activated the vulnerable application.

7. Mozilla Browser Cross-Domain Tab Window Form Field Focus Vul...
BugTraq ID: 11474
Remote: Yes
Date Published: Oct 20 2004
Relevant URL: http://www.securityfocus.com/bid/11474
Summary:
A cross-domain tab window form field focus vulnerability reportedly 
affects Mozilla browser and all browsers derived from it.  This issue is 
due to an access validation error that allows a web page to gain access 
to form fields in other web pages rendered in different tabs of the 
same browser window.

This issue may be leveraged to facilitate convincing phishing style 
attacks designed to reveal sensitive information such as passwords and 
financial details.

8. Opera Web Browser Cross-Domain Dialog Box Spoofing Vulnerabi...
BugTraq ID: 11475
Remote: Yes
Date Published: Oct 20 2004
Relevant URL: http://www.securityfocus.com/bid/11475
Summary:
Opera is reported prone to a cross-domain dialog box spoofing 
vulnerability.  This issue may allow a remote attacker to carry out phishing 
style attacks as an attacker may exploit this vulnerability to spoof an 
interface of a trusted web site.

Opera version 7.54 is reported susceptible to this issue, but other 
versions may also be affected.

9. LibPNG Graphics Library Image Height Integer Overflow Vulner...
BugTraq ID: 11481
Remote: Yes
Date Published: Oct 20 2004
Relevant URL: http://www.securityfocus.com/bid/11481
Summary:
LibPNG is the official Portable Network Graphics (PNG) reference 
library.

LibPNG is reported susceptible to an image height integer overflow 
vulnerability.

A specially crafted PNG image could reportedly overflow an integer 
value, and possibly result in overwriting of critical memory regions 
allowing for the alteration of proper program execution. This vulnerability 
may be exploited to execute attacker-supplied code in the context of an 
application that utilized the affected library.

10. Gaim MSN SLP Remote Buffer Overflow Vulnerability
BugTraq ID: 11482
Remote: Yes
Date Published: Oct 20 2004
Relevant URL: http://www.securityfocus.com/bid/11482
Summary:
Gaim is reportedly affected by a remote buffer overflow vulnerability 
in its MSN SLP message functionality of gaim.  This issue is due to a 
failure of the application to verify buffer bounds when copying 
user-supplied input.

An attacker can leverage this issue to execute arbitrary code on an 
affected computer with the privileges of the user that executed the 
vulnerable application.

11. Gaim MSN Remote File Transfer Denial Of Service Vulnerabilit...
BugTraq ID: 11483
Remote: Yes
Date Published: Oct 20 2004
Relevant URL: http://www.securityfocus.com/bid/11483
Summary:
Gaim is affected by a remote MSN file transfer denial of service 
vulnerability.  This issue is due to a failure of the application to properly 
handle exceptional conditions.

An attacker may leverage this issue to cause an affected client to 
crash, denying service to legitimate users.

12. Gaim MSN Remote SLP Denial Of Service Vulnerability
BugTraq ID: 11484
Remote: Yes
Date Published: Oct 20 2004
Relevant URL: http://www.securityfocus.com/bid/11484
Summary:
Gaim is affected by a remote MSN SLP denial of service vulnerability.  
This issue is due to a failure of the application to properly handle 
exceptional conditions.

An attacker may leverage this issue to cause an affected client to 
crash, denying service to legitimate users.

13. Ecartis Remote Undisclosed Privilege Escalation Vulnerabilit...
BugTraq ID: 11487
Remote: Yes
Date Published: Oct 21 2004
Relevant URL: http://www.securityfocus.com/bid/11487
Summary:
Ecartis is reported prone to a remote undisclosed privilege escalation 
vulnerability. A remote attacker may exploit this issue to gain 
administrative access to the ecartis list.

14. Linux Kernel IPTables Logging Rules Integer Underflow Vulner...
BugTraq ID: 11488
Remote: Yes
Date Published: Oct 21 2004
Relevant URL: http://www.securityfocus.com/bid/11488
Summary:
It is reported that an integer underflow vulnerability is present in 
the iptables logging rules of the Linux kernel 2.6 branch.

A remote attacker may exploit this vulnerability to crash a computer 
that is running the affected kernel.

The 2.6 Linux kernel is reported prone to this vulnerability, the 2.4 
kernel is not reported to be vulnerable.

15. SuSE Linux IBM S/390 Kernel Local Privilege Escalation Vulne...
BugTraq ID: 11489
Remote: No
Date Published: Oct 21 2004
Relevant URL: http://www.securityfocus.com/bid/11489
Summary:
SuSE Linux is reported prone to a local privilege escalation 
vulnerability. It is reported that this vulnerability only affects SuSE Linux 
Enterprise Server 9 when it is installed on the IBM S/390 platform.

A local attacker may exploit this vulnerability to escalate privileges.

16. Zinf/Freeamp Unspecified Insecure Temporary File Creation Vu...
BugTraq ID: 11490
Remote: No
Date Published: Oct 21 2004
Relevant URL: http://www.securityfocus.com/bid/11490
Summary:
Zinf/Freeamp are affected by an unspecified insecure temporary file 
creation vulnerability.  This issue is likely due to a design error that 
causes the application to fail to verify the existence of a file before 
writing to it.

An attacker may leverage this issue to overwrite arbitrary files with 
the privileges of an unsuspecting user that activates the vulnerable 
application.

17. Linux Kernel TIOCSETD Terminal Subsystem Race Condition Vuln...
BugTraq ID: 11491
Remote: No
Date Published: Oct 21 2004
Relevant URL: http://www.securityfocus.com/bid/11491
Summary:
The Linux Kernel is prone to a local vulnerability in the terminal 
subsystem.  Reportedly, this issue can be triggered by issuing a TIOCSETD 
ioctl to a terminal interface at the moment a read or write operation is 
being performed by another thread.  This could result in a denial of 
service or allow kernel memory to be read.

18. Linux Kernel Terminal Locking Race Condition Vulnerability
BugTraq ID: 11492
Remote: Yes
Date Published: Oct 21 2004
Relevant URL: http://www.securityfocus.com/bid/11492
Summary:
A race condition vulnerability exists in the Linux Kernel terminal 
subsystem.  This issue is related to terminal locking and is exposed when a 
remote user connects to the computer through a PPP dialup port.  

Reportedly, when the remote user issues the switch from console to PPP, 
there is a small window of opportunity to send data that will trigger 
the vulnerability.  The report indicates that this may cause a denial of 
service.  It is unknown if there are other impacts for this 
vulnerability.

19. Altiris Deployment Server Remote Command Execution Vulnerabi...
BugTraq ID: 11498
Remote: Yes
Date Published: Oct 21 2004
Relevant URL: http://www.securityfocus.com/bid/11498
Summary:
Altiris Deployment Server is reported vulnerable to a remote command 
execution vulnerability in the client portion of the software. This is 
due to a failure of the application to properly authenticate that 
commands originate from an authorized server.

This vulnerability allows attackers with local access to a network to 
impersonate a valid deployment server and issue arbitrary commands to 
the client computers.

20. Xpdf PDFTOPS Multiple Integer Overflow Vulnerabilities
BugTraq ID: 11501
Remote: Yes
Date Published: Oct 21 2004
Relevant URL: http://www.securityfocus.com/bid/11501
Summary:
It is reported that pdftops is susceptible to multiple integer overflow 
vulnerabilities. This issue is due to a failure of the application to 
properly ensure that user-supplied input does not result in the 
overflowing of integer values.  This may result in data being copied past the 
end of a memory buffer.

These overflows cause smaller than expected memory regions to be 
allocated by the application. Subsequent operations are likely to overwrite 
memory regions past the end of the allocated buffer, allowing attackers 
to overwrite critical memory control structures. This may allow 
attackers to control the flow of execution, and potentially execute 
attacker-supplied code in the context of the affected application.

Applications using embedded xpdf code may be vulnerable to these issues 
as well.

21. LibTIFF OJPEG Heap Buffer Overflow Vulnerability
BugTraq ID: 11506
Remote: Yes
Date Published: Oct 22 2004
Relevant URL: http://www.securityfocus.com/bid/11506
Summary:
LibTIFF is affected by a heap buffer overflow vulnerability. This issue 
is due to a failure of the application to properly perform boundary 
checks prior to copying user-supplied strings into finite process buffers.

An attacker may leverage this issue to execute arbitrary code on a 
vulnerable computer with the privileges of the user running the vulnerable 
application, facilitating unauthorized access.  This issue may also be 
leveraged to cause an affected application to crash.

22. HP ServiceGuard Undisclosed Remote Vulnerability
BugTraq ID: 11507
Remote: Yes
Date Published: Oct 22 2004
Relevant URL: http://www.securityfocus.com/bid/11507
Summary:
HP ServiceGuard is reported prone to an undisclosed remote 
vulnerability.

The exact details of this vulnerability are unclear, but it is reported 
that an attacker may exploit this vulnerability to gain elevated 
privileges.

This BID will be updated as soon as further information regarding this 
vulnerability is made available.

III. LINUX FOCUS LIST SUMMARY
-----------------------------
NO NEW POSTS FOR THE WEEK 2004-10-19 to 2004-10-26.

IV. NEW PRODUCTS FOR LINUX PLATFORMS
------------------------------------
1. Cyber-Ark  Inter-Business Vault
By: Cyber-Ark
Platforms: Linux, Windows 2000, Windows NT, Windows XP
Relevant URL: 
http://www.cyber-ark.com/datasecuritysoftware/inter-business_vault.htm
Summary: 

Based on Cyber-Ark Software's Vaulting Technology, the Inter-Business 
Vault, an information security solution that enables organizations to 
safely overcome traditional network boundaries in order to securely share 
business information among customers, business partners, and remote 
branches. It provides a seamless, LAN-like experience over the Internet 
that includes all the security, performance, accessibility, and ease of 
administration required to allow organizations to share everyday 
information worldwide. To learn more about these core attributes of the 
Inter-Business Vault click on the relevant link below:

2. EnCase Forensic Edition
By: Guidance Software Inc.
Platforms: DOS, FreeBSD, Linux, MacOS, NetBSD, OpenBSD, PalmOS, 
Solaris, UNIX, Windows 2000, Windows 95/98, Windows NT, Windows XP
Relevant URL: 
http://www.guidancesoftware.com/products/EnCaseForensic/index.shtm
Summary: 

EnCase Forensic Edition Version 4 delivers the most advanced features 
for computer forensics and investigations. With an intuitive GUI and 
superior performance, EnCase Version 4 provides investigators with the 
tools to conduct large-scale and complex investigations with accuracy and 
efficiency. Guidance Software?s award winning solution yields 
completely non-invasive computer forensic investigations while allowing 
examiners to easily manage large volumes of computer evidence and view all 
relevant files, including "deleted" files, file slack and unallocated 
space. 

The integrated functionality of EnCase allows the examiner to perform 
all functions of the computer forensic investigation process. EnCase's 
EnScript, a powerful macro-programming language and API included within 
EnCase, allows investigators to build customized and reusable forensic 
scripts.

3. KeyGhost SX
By: KeyGhost Ltd
Platforms: BeOS, DOS, Linux, OS/2, Solaris, SunOS, Windows 2000, 
Windows 95/98, Windows NT, Windows XP
Relevant URL: http://www.keyghost.com/SX/
Summary: 

KeyGhost SX discreetly captures and records all keystrokes typed, 
including chat conversations, email, word processor, or even activity within 
an accounting or specialist system. It is completely undetectable by 
software scanners and provides you with one of the most powerful stealth 
surveillance applications offered anywhere. 

Because KeyGhost uses STRONG 128-Bit encryption to store the recorded 
data in it?s own internal memory (not on the hard drive), it is 
impossible for a network intruder to gain access to any sensitive data stored 
within the device.

4. SafeKit
By: Evidian Inc.
Platforms: AIX, HP-UX, Linux, Solaris, Windows 2000
Relevant URL: http://www.evidian.com/safekit/index.htm
Summary: 

Evidian's SafeKit technology makes it possible to render any 
application available 24 hours per day. With no extra hardware: just use your 
existing servers and install this software-only solution.

This provides ultimate scalability. As your needs grow, all you need to 
do is add more standard servers into the cluster. With the load 
balancing features of SafeKit, you can distribute applications over multiple 
servers. If one system fails completely, the others will continue to 
serve your users.

5. Astaro Linux Firewall
By: Astaro
Platforms: Linux
Relevant URL: http://www.astaro.com/php/statics.php?action=asl&lang=gb
Summary: 

Astaro Linux Firewall: All-in-one firewall, virus protection, content 
filtering and spam protection internet security software package for 
Linux. 
Free download for home users.

6. CAT Cellular Authentication Token and eAuthentication Servic...
By: Mega AS Consulting Ltd
Platforms: Java, Linux, OpenBSD, Os Independent, SecureBSD, Solaris, 
UNIX, Windows 2000, Windows NT
Relevant URL: http://www.megaas.co.nz
Summary: 

Low cost, easy to use Two Factor Authentication One Time Password token 
using the Cellular. Does not use SMS or communication, manages multiple 
OTP accounts - new technology. For any business that want a safer 
access to its Internet Services. More information at our site.
 
We also provide eAuthentication service for businesses that will not 
buy an Authentication product but would prefer to pay a monthly charge 
for authentication services from our our CAT Server.

V. NEW TOOLS FOR LINUX PLATFORMS
--------------------------------
1. PIKT - Problem Informant/Killer Tool v1.17.0
By: Robert Osterlund, robert.osterlund@gsb.uchicago.edu
Relevant URL: http://pikt.org
Platforms: AIX, FreeBSD, HP-UX, IRIX, Linux, Solaris, SunOS
Summary: 

PIKT is a cross-categorical, multi-purpose toolkit to monitor and 
configure computer systems, organize system security, format documents, 
assist command-line work, and perform other common systems administration 
tasks.

PIKT's primary purpose is to report and fix problems, but its 
flexibility and extendibility evoke many other uses limited only by your 
imagination.

2. ID-Synch 3.1
By: M-Tech Information Technology, Inc.
Relevant URL: http://idsynch.com/
Platforms: AIX, AS/400, DG-UX, Digital UNIX/Alpha, HP-UX, IRIX, Linux, 
MacOS, MPE/iX, Netware, OpenBSD, OpenVMS, OS/2, OS/390, RACF, Solaris, 
SunOS, True64 UNIX, Ultrix, VM, VMS, VSE, Windows 2000, Windows NT
Summary: 

ID-Synch is enterprise user provisioning software. It reduces the cost 
of user administration, helps new and reassigned users get to work more 
quickly, and ensures prompt and reliable access termination. This is 
accomplished through automatic propagation of changes to user profiles 
from systems of record to managed systems, with self service workflow for 
security change requests, through consolidated and delegated user 
administration, and with federation.

3. Nmap v3.70
By: Fyodor
Relevant URL: http://www.insecure.org/nmap/
Platforms: AIX, BSDI, FreeBSD, HP-UX, IRIX, Linux, NetBSD, OpenBSD, 
Solaris, SunOS, UNIX
Summary: 

Nmap is a utility for port scanning large networks, although it works 
fine for single hosts. Sometimes you need speed, other times you may 
need stealth. In some cases, bypassing firewalls may be required. Not to 
mention the fact that you may want to scan different protocols (UDP, 
TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN 
(half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp 
proxy (bounce attack) scanning, SYN/FIN scanning using IP frag

4. THC-Hydra v4.3
By: THC
Relevant URL: http://www.thc.org/releases/hydra-4.3-src.tar.gz
Platforms: AIX, FreeBSD, HP-UX, IRIX, Linux, NetBSD, OpenBSD, Solaris, 
UNIX
Summary: 

THC-Hydra - parallized login hacker is available: for Samba, FTP, POP3, 
IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, 
Cisco and more. Includes SSL support and is part of Nessus. Visit the 
project web site to download Win32, Palm and ARM binaries. Changes: 
important bugfix!

5. Pads 1.1
By: Matt Shelton
Relevant URL: 
http://freshmeat.net/projects/pads/?branch_id=52504&release_id=169973
Platforms: Linux
Summary: 

Pads (Passive Asset Detection System) is a signature-based detection 
engine used to passively detect network assets. It is designed to 
complement IDS technology by providing context to IDS alerts.

6. cenfw 0.3b
By: Peter Robinson
Relevant URL: http://www.securegateway.org
Platforms: Linux, Windows 2000, Windows NT, Windows XP
Summary: 

The Centron IPTables Firewall Gui is an object oriented, database 
driven, windows interface to linux IPtables firewall rules.

VI. UNSUBSCRIBE INSTRUCTIONS
----------------------------
To unsubscribe send an e-mail message to 
linux-secnews-unsubscribe@securityfocus.com from the subscribed 
address. The contents of the subject or message body do not matter. You will 
receive a confirmation request message to which you will have to answer. 
Alternatively you can also visit 
http://www.securityfocus.com/newsletters and unsubscribe via the 
website. 

If your email address has changed email listadmin@securityfocus.com and 
ask to be manually removed. 
    
VII. SPONSOR INFORMATION
-----------------------

This Issue is Sponsored By: SecurityFocus

Stay up to date.  All the latest news, columns, jobs and more in a
convenient html newsletter - Even a glimpse of upcoming columns and 
feature
articles!  Sign up today!

http://www.securityfocus.com/htmlnewsletter/subscribe

------------------------------------------------------------------------