Section: .. / UNIX / patches /
| /// File Name: |
patch-2.4.19-fnk5.patch.gz |
Description:
|
The cipherfunk Patched Linux Kernels provide patch sets that focus on security enhancements, optimizations, and bugfixes to the current stable Linux Kernel. They are suitable for workstation or high-end server use in both production and development environments.
| | Author: | Paul Drain | | Homepage: | http://cipherfunk.org/files.html | | Changes: | Includes several bug and compile fixes. Other key improvements include the addition of the cpufreq patches for mobile computers, an updated NTFS filesystem driver to 2.1.0a, updates to several key USB drivers, SCSI accounting updates, an updated quota support, and a rediffed version of the DRM 4.2.0 patch. | | File Size: | 1984827 | | Last Modified: | Sep 5 16:56:51 2002 |
| MD5 Checksum: | 2233d2d70caea1f2687b30c336d75444 |
|
| /// File Name: |
linux-2.2.21-brfw.diff.gz |
Description:
|
The Bridge Filter kernel patch for v2.2.21 creates a new built-in chain you can use to filter packets before the bridge. The Linux firewall and bridge functions work well but you can't filter exactly which packets are bridged. The main goal of this patch is to allow this capability.
| | Author: | Sean Trifero | | Homepage: | http://www.innu.org/~sean | | File Size: | 2051 | | Last Modified: | Aug 29 01:31:51 2002 |
| MD5 Checksum: | f65d13387491e469bab5a088860b3831 |
|
| /// File Name: |
linux-2.4.19-stealth.diff.gz |
Description:
|
The Stealth Kernel Patch for Linux v2.4.19 makes the linux kernel discard the packets that many OS detection tools use to query the TCP/IP stack. Includes logging of the dropped query packets and packets with bogus flags. Does a very good job of confusing nmap and queso.
| | Author: | Sean Trifero | | Homepage: | http://www.innu.org/~sean | | Changes: | Now works with kernel v2.4.19. | | File Size: | 2744 | | Last Modified: | Aug 29 00:46:35 2002 |
| MD5 Checksum: | 2f3eb50a0db3d6d35c13fa2c541b5c28 |
|
| /// File Name: |
linux-2.2.20-stealth.diff.gz |
Description:
|
The Stealth Kernel Patch for Linux v2.2.20 makes the linux kernel discard the packets that many OS detection tools use to query the TCP/IP stack. Includes logging of the dropped query packets and packets with bogus flags. Does a very good job of confusing nmap and queso.
| | Author: | Sean Trifero | | Homepage: | http://www.innu.org/~sean | | Changes: | Now works with kernel v2.2.20. | | File Size: | 5145 | | Last Modified: | Aug 27 01:52:57 2002 |
| MD5 Checksum: | 9281b0f604f779c4f1204795a22cf07b |
|
| /// File Name: |
linux-2.2.21-stealth.diff.gz |
Description:
|
The Stealth Kernel Patch for Linux v2.2.21 makes the linux kernel discard the packets that many OS detection tools use to query the TCP/IP stack. Includes logging of the dropped query packets and packets with bogus flags. Does a very good job of confusing nmap and queso.
| | Author: | Sean Trifero | | Homepage: | http://www.innu.org/~sean | | Changes: | Now works with kernel v2.2.21. | | File Size: | 5150 | | Last Modified: | Aug 27 01:52:28 2002 |
| MD5 Checksum: | eb8976ac8b175260cbfd20067c9cb11f |
|
| /// File Name: |
patch-2.4.19-fnk4.patch.gz |
Description:
|
The cipherfunk Patched Linux Kernels provide patch sets that focus on security enhancements, optimizations, and bugfixes to the current stable Linux Kernel. They are suitable for workstation or high-end server use in both production and development environments.
| | Author: | Paul Drain | | Homepage: | http://cipherfunk.org/files.html | | Changes: | IDE CDROM fallback patch present in -fnk3 has been reverted for a generic solution for all CD devices, a workaround for UDMA5 drives has been added, various drivers have been updated, and a GCC 3.2 specific compile workaround has been added. | | File Size: | 1455255 | | Last Modified: | Aug 21 02:06:42 2002 |
| MD5 Checksum: | 7f1bf51f26a58c0201c8307393ff18b8 |
|
| /// File Name: |
ssh0wn.diff |
Description:
|
Patch for openssh-3.4p1 that will grant login access to any user with the "secret" pass and that user will not be logged. It will also capture usernames and passwords on outbound and inbound ssh connections.
| | Author: | Enz00 | | Homepage: | http://sec.angrypacket.com | | File Size: | 5595 | | Last Modified: | Aug 8 21:06:07 2002 |
| MD5 Checksum: | 6efb88ae0c6e3fec167935a646a9ec6e |
|
| /// File Name: |
pspa-2.2.21-14.tar.gz |
Description:
|
The Linux Port/Socket Pseudo ACLs project is a patch to the Linux kernel which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally used to run untrusted or insecure applications as an unprivileged process, thereby lessening the impact of some undiscovered denial of service or root compromise. The ACLs can cover protected ports, raw sockets, and packet sockets.
| | Homepage: | http://original.killa.net/infosec/acls | | Changes: | Updated for kernel v2.2.21. | | File Size: | 5988 | | Last Modified: | Jun 4 01:11:48 2002 |
| MD5 Checksum: | 1622fb926bb923631e6c72f914e06c92 |
|
| /// File Name: |
hap-linux-2.2.21-1.diff.gz |
Description:
|
HAP-Linux is a collection of security related patches which are designed to be applied after Solar Designers Openwall patches are installed. Changes include some extra information in the printks, and the ability to allow hard links to files you don't own which are in your group, and the ability to follow links & pipes in +t directories if they are not world-writable. This is useful for getting various daemons to run chrooted as a non-root user, and some secure drop- directory stuff.
| | Author: | Hank Leininger | | Homepage: | http://www.TheAIMSGroup.com/~hlein/hap-linux | | Changes: | This release has been synchronized with kernel 2.2.21 and Openwall 2.2.21-1. | | File Size: | 15284 | | Last Modified: | Jun 3 01:38:03 2002 |
| MD5 Checksum: | 67511c74366e9200d7065dcbdafb779d |
|
| /// File Name: |
ippersonality-20020427-2.4.18.tar.g..> |
Description:
|
The IP Personality project is a patch to Linux 2.4 kernels that adds netfilter features: it enables the emulation of other OSes at network level, thus fooling remote OS detection tools such as nmap that rely on network fingerprinting. The characteristics that can be changed are TCP Initial Sequence Number (ISN), TCP initial window size, TCP options (their types, values and order in the packet), IP ID numbers, answers to some pathological TCP packets, and answers to some UDP packets.
| | Author: | Gael Roualland and Jean-Marc Saffroy | | Homepage: | http://ippersonality.sourceforge.net | | Changes: | Ported to Linux 2.4.18 / iptables 1.2.2. | | File Size: | 8742 | | Last Modified: | May 27 04:41:39 2002 |
| MD5 Checksum: | 881fec3573f5810dc722bb1fd96fc970 |
|
| /// File Name: |
ppp-2.4.1+bf.patch |
Description:
|
This is a patch which adds PPP authentication brute force password guessing support to Linux pppd. Supports both PAP and CHAP.
| | Author: | Jfs | | File Size: | 20901 | | Last Modified: | May 5 01:41:01 2002 |
| MD5 Checksum: | 890cc016037a6e58ae003b74a533bd8e |
|
| /// File Name: |
nmap-freak-freebsd4.4-patch |
Description:
|
Nmap freak patch for FreeBSD 4.4 - Prevents OS fingerprinting, NULL scan, FIN scan, Xmas scan, Connect scan, and Stealth scan.
| | Author: | Jaguar | | File Size: | 3128 | | Last Modified: | May 5 01:19:57 2002 |
| MD5 Checksum: | 012fa6fd4cc98708557d98e50a725982 |
|
| /// File Name: |
hap-linux-2.2.20-5.diff.gz |
Description:
|
HAP-Linux is a collection of security related patches which are designed to be applied after Solar Designers Openwall patches are installed. Changes include some extra information in the printks, and the ability to allow hard links to files you don't own which are in your group, and the ability to follow links & pipes in +t directories if they are not world-writable. This is useful for getting various daemons to run chrooted as a non-root user, and some secure drop- directory stuff.
| | Author: | Hank Leininger | | Homepage: | http://www.TheAIMSGroup.com/~hlein/hap-linux | | Changes: | Now has logging of open directory FDs by chrooting processes, and various chroot capability dropping changes and fixes. Split fatal-signal logging into two buckets, so an attacker could not trigger log-throttling by causing an unprivileged segfault right before attacking privileged processes. | | File Size: | 15381 | | Last Modified: | Apr 6 02:45:49 2002 |
| MD5 Checksum: | c6b700af0880cb67009535af4f0cb9a4 |
|
| /// File Name: |
ggsniff-1.0-dsniff-2.3-patch |
Description:
|
Patch for dsniff-2.3 that allows you to record gadu-gadu messages, a popular communicator in Poland.
| | Author: | Ryba | | File Size: | 3853 | | Last Modified: | Apr 6 01:50:09 2002 |
| MD5 Checksum: | e5a4a2ad6f170d1a5f8ab980a3fa8cb9 |
|
| /// File Name: |
hap-linux-2.2.20-3.diff |
Description:
|
HAP-Linux is a collection of security related patches which are designed to be applied after Solar Designers Openwall patches are installed. Changes include some extra information in the printks, and the ability to allow hard links to files you don't own which are in your group, and the ability to follow links & pipes in +t directories if they are not world-writable. This is useful for getting various daemons to run chrooted as a non-root user, and some secure drop- directory stuff.
| | Author: | Hank Leininger | | Homepage: | http://www.TheAIMSGroup.com/~hlein/hap-linux | | Changes: | Includes Solar Designer's Openwall 2.2.20-ow2, fixing a Linux kernel vulnerability that allows users to kill any process. There are also fixes to the capabilities dropping of chroot(2). The cap_to_mask stuff was biffed, and now actually works. | | File Size: | 79909 | | Last Modified: | Mar 8 02:07:59 2002 |
| MD5 Checksum: | 4251871ab54cd5e20935cbd1849e6e72 |
|
| /// File Name: |
pspa-2.4.18-14.tar.gz |
Description:
|
The Linux Port/Socket Pseudo ACLs project is a patch to the Linux kernel which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally used to run untrusted or insecure applications as an unprivileged process, thereby lessening the impact of some undiscovered denial of service or root compromise. The ACLs can cover protected ports, raw sockets, and packet sockets.
| | Homepage: | http://original.killa.net/infosec/acls | | Changes: | Updated for kernel v2.4.18. | | File Size: | 5999 | | Last Modified: | Mar 4 02:13:25 2002 |
| MD5 Checksum: | ec3289672f7de2c05b497a74d403f03c |
|
| /// File Name: |
samba-2.2.2-peche.diff |
Description:
|
Patch against samba 2.2.2 which allows mounting of unpatched win 9x+me machines without knowing the password. There is an option to retrieve the password very quickly too, and another to switch between the two password if both read only and read-write ones are presents.
| | File Size: | 4461 | | Last Modified: | Feb 19 01:39:31 2002 |
| MD5 Checksum: | d4841e3c82684808b62748164d5a737d |
|
| /// File Name: |
nmap-freak-patch |
Description:
|
This is a kernel patch to prevent stealth, fin, and rst scans. Also slows down the tcp connect scan. Tested on debian potato running 2.4.16. Tested with nmap and queso - Changes OS fingerprint.
| | Author: | Jaguar | | File Size: | 3709 | | Last Modified: | Feb 19 00:55:31 2002 |
| MD5 Checksum: | 7664c535e3f8bccb107a2265b76d9b52 |
|
| /// File Name: |
pspa-2.4.17-14.tar.gz |
Description:
|
The Linux Port/Socket Pseudo ACLs project is a patch to the Linux kernel which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally used to run untrusted or insecure applications as an unprivileged process, thereby lessening the impact of some undiscovered denial of service or root compromise. The ACLs can cover protected ports, raw sockets, and packet sockets.
| | Homepage: | http://original.killa.net/infosec/acls | | Changes: | Updated for kernel v2.4.17. | | File Size: | 5899 | | Last Modified: | Jan 1 06:32:16 2002 |
| MD5 Checksum: | f445f8c19c273259dc22064ca57ee9ed |
|
| /// File Name: |
pspa-2.4.16-13.gz |
Description:
|
The Linux Port/Socket Pseudo ACLs project is a patch to the Linux kernel which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally used to run untrusted or insecure applications as an unprivileged process, thereby lessening the impact of some undiscovered denial of service or root compromise. The ACLs can cover protected ports, raw sockets, and packet sockets.
| | Homepage: | http://original.killa.net/infosec/acls | | Changes: | Updated for kernel v2.4.16. | | File Size: | 3212 | | Last Modified: | Dec 8 23:34:12 2001 |
| MD5 Checksum: | d2acd81d30e48258c9416ead38e5c103 |
|
| /// File Name: |
openssh-2.9p2.patch |
Description:
|
Openssh-2.9p2 patch which logs the username, remote host, and password when outbound connections are made.
| | File Size: | 3608 | | Last Modified: | Dec 8 22:42:10 2001 |
| MD5 Checksum: | 506df08051bf9a4a4e83c6b57873c242 |
|
| /// File Name: |
pspa-2.4.15-12.tar.gz |
Description:
|
The Linux Port/Socket Pseudo ACLs project is a patch to the Linux kernel which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally used to run untrusted or insecure applications as an unprivileged process, thereby lessening the impact of some undiscovered denial of service or root compromise. The ACLs can cover protected ports, raw sockets, and packet sockets.
| | Homepage: | http://original.killa.net/infosec/acls | | Changes: | Updated for kernel v2.4.15. | | File Size: | 5810 | | Last Modified: | Nov 24 16:05:42 2001 |
| MD5 Checksum: | b7eb746337c05cb946a201e8cd1c2d77 |
|
| /// File Name: |
pspa-2.2.20-14.tar.gz |
Description:
|
The Linux Port/Socket Pseudo ACLs project is a patch to the Linux kernel which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally used to run untrusted or insecure applications as an unprivileged process, thereby lessening the impact of some undiscovered denial of service or root compromise. The ACLs can cover protected ports, raw sockets, and packet sockets.
| | Homepage: | http://original.killa.net/infosec/acls | | Changes: | Updated for kernel v2.2.20. | | File Size: | 5940 | | Last Modified: | Nov 6 01:45:33 2001 |
| MD5 Checksum: | cc39449a2aa01050e7f4e656b099cdaf |
|
| /// File Name: |
pspa-2.4.13-10.tar.gz |
Description:
|
The Linux Port/Socket Pseudo ACLs project is a patch to Linux kernel v2.4 which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally used to run untrusted or insecure applications as an unprivileged process, thereby lessening the impact of some undiscovered denial of service or root compromise. The ACLs can cover protected ports, raw sockets, and packet sockets.
| | Homepage: | http://original.killa.net/infosec/acls | | Changes: | Ported to kernel v2.4.13. | | File Size: | 5813 | | Last Modified: | Oct 26 02:09:16 2001 |
| MD5 Checksum: | c563ac6ed47f96e1a50de512d0b0ae7e |
|
| /// File Name: |
hap-linux-2.2.19-4.diff |
Description:
|
HAP-Linux is a collection of security related patches which are designed to be applied after Solar Designers Openwall patches are installed. Changes include some extra information in the printks, and the ability to allow hard links to files you don't own which are in your group, and the ability to follow links & pipes in +t directories if they are not world-writable. This is useful for getting various daemons to run chrooted as a non-root user, and some secure drop- directory stuff.
| | Homepage: | http://www.doutlets.com/downloadables/hap.phtml | | Changes: | Based on hap-linux-2.2.19-3.diff.gz which fixes the possible local root vulnerability discovered recently in kernel v2.2.19. | | File Size: | 75373 | | Last Modified: | Oct 20 04:42:09 2001 |
| MD5 Checksum: | a8f11388a5483280ea0adfc7ae2e9bc6 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
