Welcome to LinuxSecure
I found some scripts on my workstation that have not been
published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can
contact me, if you are interested in one or more of them.
- A tool for the backup of network components. The script runs as a daemon and can be configured via config files.
It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage.
There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
- Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a
status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the
mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send,
mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem
(deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before,
dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
- A logscanner and a scanner for the checkpoint objects file.
- A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
- A ftp-script for the honeynet.
- Various backupscripts in Perl and Bash.
- Various iptables scrips.
- A script called minilinux to create a small linux out of a huge running system.
- Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
- A snort admin interface in php.
- A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.
back to top
| Whats New|
|[2005-02-18] mp3riot version 1.3 released|
|[2004-10-08] mp3riot version 1.2 is out.|
|[2004-04-30] Added section Bridging|
|[2004-01-09] working progress on mp3riot version 1.2|
|Fedora Project Leader Matthew Miller has announced the electionschedule meant to fill the two new "at large"slots on Fedora's upcoming Fedora Council governance body. "These positions are of strategic importance, with a full voice in the Council's consensus process. The primary function of the Council is to identify community goals and to organize and enable the project to achieve them."Nominations will be open from November 4 through 10; voting be open from November 18 through 25. The week in between will be for campaigning. Miller also encourages potential candidates to consider the time commitment the new roles require. "We recognize that this level of commitment is difficult for many community members with full-time jobs not directly related to Fedora, and the intent is not to exclude those contributors. At the same time, these positions will require a meaningful commitment of time and responsiveness. If your other obligations make this impossible, please consider suggesting candidacy to other community members who you feel would be able to bring your voice to the table."|
|Fedora Council elections scheduled|
|The Ubuntu kernel team has announced that they will be providing extended
support for the 3.16 kernel series. The team will pick up where Greg
Kroah-Hartman left off, with 3.16.7, and will provide support until April
|Linux 3.16.y.z extended stable support|
|CentOShas updated php(C6; C7: multiple vulnerabilities),
php53(C5: multiple vulnerabilities), and wget(C6; C7:
Debianhas updated kernel(multiple vulnerabilities).
Fedorahas updated sddm(F21: multiple vulnerabilities).
Mageiahas updated file(denial of service) and dokuwiki(multiple vulnerabilities).
Oraclehas updated kernel(O5; O6; O6; O7: multiple vulnerabilities),
php(O6; O7: multiple vulnerabilities), php53(O5: multiple vulnerabilities), and wget(O6; O7:
Red Hathas updated kernel(RHEL6: multiple vulnerabilities), php(RHEL6,7: multiple vulnerabilities), php53(RHEL5: multiple vulnerabilities), php54-php(SC1: multiple vulnerabilities), php55-php(SC1: multiple vulnerabilities), and wget(RHEL6,7: code execution).
Ubuntuhas updated kernel(14.04: multiple vulnerabilities), linux-lts-trusty(12.04: multiple vulnerabilities), and wget(code execution).
|Friday's security updates|
|Over at Linux.com, Adam Jollans has a reportfrom the recently completed KVM Forumthat was held in Düsseldorf, Germany October 14-16. He looks at a talk that he gave on KVM's relationship to OpenStack and the open cloud, a new white paper on KVM [PDF], and a panel on network function virtualization (NFV):
"In the past, communications networks have been built with specific routers, switches and hubs with the configuration of all the components being manual and complex. The idea now is to take that network function, put it into software running on standard hardware.
The discussion touched on the demands ? in terms of latency, throughput, and packet jitter ? that network function virtualization places on KVM when it is being run on general purpose hardware and used to support high data volume. There was a lively discussion about how to get fast communication between the virtual machines as well as issues such as performance and sharing memory, as attendees drilled down into how KVM could be applied in new ways."|
|KVM Matures, and the Use Cases Multiply (Linux.com)|
|Greg Kroah-Hartman has announced the release of four new stable kernels: 3.17.2, 3.16.7, 3.14.23, and 3.10.59.
As always, they contain important fixes and users of those series should update.
Note that 3.16.7 is the last stable
kernel in the 3.16 series; users should upgrade to 3.17 soon.
|Stable kernels 3.17.2, 3.16.7, 3.14.23, and 3.10.59|
|Debianhas updated dokuwiki(multiple vulnerabilities).
Red Hathas updated v8314-v8
(i.e. V8)(SC1: multiple vulnerabilities, several from 2013).
Slackwarehas updated wget(code execution).
Ubuntuhas updated php5(multiple
vulnerabilities) and systemd-shim(14.10:
denial of service).
|Security advisories for Thursday|
|The LWN.net Weekly Edition for October 30, 2014 is available.
|[$] LWN.net Weekly Edition for October 30, 2014|
|The Drupal project has put out an advisorythat if you
haven't already patched the recent SQL injection
vulnerability, it's probably too late. "Automated attacks began
compromising Drupal 7 websites that were not patched or updated to Drupal
7.32 within hours of the announcement of SA-CORE-2014-005 - Drupal core -
SQL injection. You should proceed under the assumption that every Drupal 7
website was compromised unless updated or patched before Oct 15th, 11pm
UTC, that is 7 hours after the announcement."|
|A "highly critical public service announcement"from Drupal|
|CentOShas updated kernel(C7: multiple vulnerabilities).
Debianhas updated iceweasel(multiple vulnerabilities).
Fedorahas updated file(F20:
out-of-bounds read flaw), seamonkey(F20:
multiple vulnerabilities), webkitgtk3(F20:
disable SSLv3 to address POODLE), and wpa_supplicant(F20: command execution).
Mageiahas updated kde4(MG4: multiple vulnerabilities), konversation(information disclosure), mythtv(SSDP reflection attacks), php-ZendFramework(multiple vulnerabilities), quassel(information disclosure), and zabbix(local file inclusion).
Mandrivahas updated wget(symlink attack) and wpa_supplicant(command execution).
openSUSEhas updated openssl(13.1, 12.3: multiple vulnerabilities) and libxml2(13.1, 12.3: denial of service).
Oraclehas updated kernel(OL7: multiple vulnerabilities).
Red Hathas updated kernel(RHEL7: multiple vulnerabilities).
|Security advisories for Wednesday|
|One might have hoped that that Debian systemd debate would have wound down
several months ago, after the technical committee decidedthe default init system question
and especially after Matthew Vernon's general resolution on init system
choice was withdrawndue to a lack of
seconds. The Debian community, it seemed, was tired of this discussion and
ready to move on. Given a few months to rest, though, even old, tiresome
subjects can once again seem worthy of discussion. So now we have a return
of the init system choice resolution ? along with three alternatives of
|[$] A Debian init system GR flurry|
|CentOS 6.6 has been released. "There are many fundamental changes in
this release, compared with the past CentOS-6 releases, and we highly
recommend everyone study the upstream Release Notes as well as the upstream
Technical Notes about the changes and how they might impact your
installation. (See the 'Further Reading' section of the [CentOS release notes])."|
|Release for CentOS-6.6 i386 and x86_64|
|Debianhas updated torque(denial of service).
Fedorahas updated devscripts(F20: directory traversal), drupal7(F20; F19: SQL
injection), kernel(F20: multiple
vulnerabilities), kernel(F20: more KVM
vulnerabilities), php(F19: three
multiple vulnerabilities), phpMyAdmin(F20:
cross-site scripting), python(F19: buffer
overflow), python-oauth2(F20; F19: two vulnerabilities),
rubygem-httpclient(F20; F19: allows ssl negotiation), and sddm(F20: multiple vulnerabilities).
Mageiahas updated chromium-browser-stable(multiple
vulnerabilities), nginx(virtual host
confusion attacks), php(three
vulnerabilities), qemu(MG4: multiple vulnerabilities), wget(symlink attack), and wpa_supplicant, hostapd(command execution).
Mandrivahas updated mariadb(multiple vulnerabilities).
openSUSEhas updated flash-player(multiple vulnerabilities) and perl-Email-Address(denial of service).
Ubuntuhas updated pidgin(14.10,
14.04, 12.04: multiple vulnerabilities).
|Tuesday's security updates|
|The first alpha release of Debian Edu (also known as Skolelinux) is
available for testing. "Would you like to give your school's
computer a longer life? Are you
tired of sneaker administration, running from computer to computer
reinstalling the operating system? Would you like to administrate all
the computers in your school using only a couple of hours every week?
Check out Debian Edu Jessie!"|
|First Jessie based Debian Edu alpha released|
|Canonical has announceda new OpenStack-oriented distribution. "Based on Canonical?s
industry-leading OpenStack reference architecture and building on Ubuntu?s
leading position as the most widely used OpenStack platform, the Canonical
Distribution gives users the widest range of commercially-supported vendor
options for storage, software-defined networking and hypervisor from
Canonical and its OpenStack partners. It then automates the creation and
management of a reference OpenStack based on those choices."Note that some conditions apply: "The Canonical
Distribution of Ubuntu OpenStack is now available as a public beta, free
for up to 10 physical and 10 virtual machines."See this pagefor more
|The Canonical Distribution of Ubuntu OpenStack|
|The Season of KDEis a community outreach program, much like Google Summer
of Code. "It is meant for people who could not get into Google
Summer of Code for various reasons, or people who simply prefer a
differently structured, somewhat less constrained program. Season of KDE is
managed by the same team of admins and mentors that takes care of Google
Summer of Code and Google Code-in matters for KDE, with the same level of
quality and care."The student application deadline is October 31.
The mentor application deadline is November 5.
|Season of KDE 2014|