Net Activity Viewer



Home \| Screenshots \| Download \| News \| Contact \| Wiki
News 2015-03-30 Net Activity Viewer 0.6.4 released Fixed processing of commands and process names with invalid utf-8 characters. Some commands with bad utf-8 characters lead to an out of buffer read and possibly a denial of service security vulnerability (segfault application crash). No path for memory corruption or code execution was found. To exploit the potential vulnerability an attacker needs to control an utf-8 invalid sub-string in the command line of an application that uses network resources (ex: non URI or invalid URI encoding file name). Fixed configuration file validation to not allow huge configuration files. A configuration file with a GB scale filter would result in an application crash with memory corruption and possibly code execution. This had some small potential to be exploited as a privilege authorization avoidance method to get root from a sudo administrator at a netactview run with sudo/gksu, if the attacker can already modify current sudo user configuration files. An attack may be practical only on high end servers. Some of the clarifications to the similar netactview 0.2.2 vulnerability apply here as well. Fixed the display of multiple multicast dns connections listening on the same port. If process information was not fully available some of the connections with with identical protocol, addresses and ports would not be displayed. The fix makes all identical connections visible and uses additional identification information (inode) that is more often usable than the process ID. There still remain some connection tracking issues that will be handled better in netactview 0.7 . Fixed the connections list save when saving as root to a folder that the current sudo user can modify. The file was not saved with the sudo user as owner in some cases. Limited the DNS cache to prevent it from becoming a memory leak if the application is left open for a long time on a busy networking computer. Implemented a few other small fixes. Implemented some additional defence in depth measures to make security vulnerabilities less likely. Sources: netactview-0.6.4.tar.bz2 Ubuntu packages (Ubuntu 10.04 to 14.04 LTS): 32bit PC (x86): netactview_0.6.4-1_i386.deb 64bit PC (amd64): netactview_0.6.4-1_amd64.deb 2014-06-02 Net Activity Viewer 0.6.3 released Updated the location of the Wiki documentation to http://netactview.sourceforge.net/wiki/. The old wiki address will not be available after 2014-06-19 because sourceforge.net retires the hosted apps. No method to setup a redirect for the old address was found. Sources: netactview-0.6.3.tar.bz2 Ubuntu packages (Ubuntu 10.04 or newer): 32bit PC (x86): netactview_0.6.3-1_i386.deb 64bit PC (amd64): netactview_0.6.3-1_amd64.deb 2014-04-14 Net Activity Viewer 0.6.2 released Fixed connections list refresh on 0 connections. Sources: netactview-0.6.2.tar.bz2 Ubuntu packages (Ubuntu 10.04 or newer): 32bit PC (x86): netactview_0.6.2-1_i386.deb 64bit PC (amd64): netactview_0.6.2-1_amd64.deb 2011-07-21 Net Activity Viewer 0.6.1 released Fixed a network statistics bug visible when using PPPoE connections. Sources: netactview-0.6.1.tar.bz2 Ubuntu packages (Ubuntu 6.06 or newer): Standard PC (x86): netactview_0.6.1-1_i386.deb 64bit PC (amd64): netactview_0.6.1-1_amd64.deb 2010-12-08 Net Activity Viewer 0.6 released Added filter operators. Added csv file save Added contextual column copy Added Italian and Russian translations Added wiki documentation (2014-05-29 moved to new sourceforge.net wiki platform) Sources: netactview-0.6.tar.bz2 Ubuntu packages (Ubuntu 6.06 or newer): Standard PC (x86): netactview_0.6-1_i386.deb 64bit PC (amd64): netactview_0.6-1_amd64.deb 2009-12-21 Net Activity Viewer 0.5.1 released Fixed a bug in window size saving that appeared on XFCE. Sources: netactview-0.5.1.tar.bz2 Ubuntu packages (Ubuntu 6.06 or newer): Standard PC (x86): netactview_0.5.1-1_i386.deb 64bit PC (amd64): netactview_0.5.1-1_amd64.deb 2009-12-20 Net Activity Viewer 0.5 released Saving window size and state. Added Estonian and Portuguese translations. Sources: netactview-0.5.tar.bz2 Ubuntu packages (Ubuntu 6.06 or newer): Standard PC (x86): netactview_0.5-1_i386.deb 64bit PC (amd64): netactview_0.5-1_amd64.deb 2008-12-23 Net Activity Viewer 0.4.1 released Fixed a filtering bug. Updated and closed connections were not filtered properly. Sources: netactview-0.4.1.tar.bz2 Ubuntu packages (Ubuntu 6.06 or newer): Standard PC (x86): netactview_0.4.1-1-ubuntu_i386.deb 64bit PC (amd64): netactview_0.4.1-1-ubuntu_amd64.deb 2008-11-12 Net Activity Viewer 0.4 released Added color highlight for new and closed connections. Using gnome fixed width font for network statistics. Sources: netactview-0.4.tar.bz2 Ubuntu packages (Ubuntu 6.06 or newer): Standard PC (x86): netactview_0.4-1-ubuntu_i386.deb 64bit PC (amd64): netactview_0.4-1-ubuntu_amd64.deb 2008-9-8 Net Activity Viewer 0.3.1 released Fixed closed UDP enpoints status. Sources: netactview-0.3.1.tar.bz2 Ubuntu packages (Ubuntu 6.06 or newer): Standard PC (x86): netactview_0.3.1-1-ubuntu_i386.deb 64bit PC (amd64): netactview_0.3.1-1-ubuntu_amd64.deb 2008-5-12 Net Activity Viewer 0.3 released Added network connections filtering. Fixed a suspend/resume bug. Sources: netactview-0.3.tar.bz2 Ubuntu packages (Ubuntu 6.06 or newer): Standard PC (x86): netactview_0.3-1-ubuntu_i386.deb 64bit PC (amd64): netactview_0.3-1-ubuntu_amd64.deb 2008-2-24 Net Activity Viewer 0.2.2 released Fixed a low risk security vulnerability in the restart as root action. An application which could already run as the current normal user was able to intercept the restart as root action in order to run as root. Edit 2015-03-30: 'normal user' is here the ubuntu default desktop user which is a sudo administrator this was a privilege authorization avoidance vulnerability (as in UAC avoidance, but with a distinct user root that actually owns the administrative tasks and effects) it may not be a vulnerability if gksu (used by 'restart as root') is not meant as an UAC alternative; still weak, in case gksu or its replacements are updated to be clearly an UAC (User Account Control) alternative Sources: netactview-0.2.2.tar.bz2 Ubuntu packages (Ubuntu 6.06 or newer): Standard PC (x86): netactview_0.2.2-1-ubuntu_i386.deb 64bit PC (amd64): netactview_0.2.2-1-ubuntu_amd64.deb 2008-1-2 Net Activity Viewer 0.2.1 released Fixed incorrect process name display. In some situations, for not established connections, the shown process was not the process that created the connection. Improved error checking at program start. Sources: netactview-0.2.1.tar.bz2 Ubuntu packages (Ubuntu 6.06 or newer): Standard PC (x86): netactview_0.2.1-1-ubuntu_i386.deb 64bit PC (amd64): netactview_0.2.1-1-ubuntu_amd64.deb 2007-12-27 Net Activity Viewer 0.2 released Added port service names. Added basic network statistics. Added restart as root. Rounded up some of the existing features. Sources: netactview-0.2.tar.bz2 Ubuntu packages (Ubuntu 6.06 or newer): Standard PC (x86): netactview_0.2-1-ubuntu_i386.deb 64bit PC (amd64): netactview_0.2-1-ubuntu_amd64.deb 2007-12-18 Net Activity Viewer 0.1 released It includes all the basic stuff: Obtains the list of active network connections (tcp, udp, tcp6, udp6) from the kernel. Obtains process information for the active network connections (pid, name, command). Host name retrieval. Automatic refresh. Sorting. Some information filtering. Copy and save facilities. Automatic options state save and restore. Here you can get the sources (you need at least gtk 2.8 to compile them): netactview-0.1.tar.gz Here you can get it the ubuntu package (tested on Ubuntu 6.06, 7.04 and 7.10): netactview_0.1-1_ubuntu6.06_i386.deb

News