Welcome to LinuxSecure
I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.
- A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in encrypted storage. There exist several templates for ssh, scp, telnet. The intention is to make automated backups of routers, switches, firewalls etc.
- Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and you will get a status for the found mails: when did the system receive it, when was it working with the mail the last time, what's the status of the mail, were there any problems while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
- A logscanner and a scanner for the checkpoint objects file.
- A tool that parses the registry of the genugate firewall and produces a more human-readable output in HTML.
- An ftp-script for the honeynet.
- Various backup scripts in Perl and Bash.
- Various iptables scripts.
- A script called minilinux to create a small linux out of a huge running system.
- Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
- A snort admin interface in PHP.
- A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus on same domains.
| What's New|
|[2005-02-18] mp3riot version 1.3 released|
|[2004-10-08] mp3riot version 1.2 is out.|
|[2004-04-30] Added section Bridging|
|[2004-01-09] work in progress on mp3riot version 1.2|
|Greg Kroah-Hartman has released the latest batch of stable kernel updates: 3.18.5, 3.14.31, and 3.10.67. All contain important updates throughout the tree.
|CentOS has updated kernel (C7; C7: multiple vulnerabilities in each update) and libyaml (C7: denial of service).
Debian has updated openjdk-6 (multiple vulnerabilities), openjdk-7 (multiple vulnerabilities), privoxy (multiple vulnerabilities), and requests (multiple vulnerabilities).
Debian-LTS has updated polarssl (code execution).
Fedora has updated polarssl (F20; F21:
thunderbird (F20: multiple vulnerabilities), unzip (F20: unspecified impact), and vorbis-tools (F21:).
Oracle has updated glibc (O4: code execution) and kernel (O6; O7: multiple vulnerabilities; O5; O6; O5; O6: denial of service).
SUSE has updated kernel (SLE 12: multiple vulnerabilities).
|Friday's security updates|
|We are a bit late in noting that KDE has released Plasma 5.2 on January 27. This KDE.News article gives a tour of the desktop that will be featured in upcoming Kubuntu and Fedora KDE spin releases (and probably other distributions as well). There are lots of new features and bug fixes in the release, see the changelog for all the details. "In the screen locker we improved the integration with logind to ensure the screen is properly locked before suspend. The background of the lock screen can be configured. Internally this uses part of the Wayland protocol which is the future of the Linux desktop.
There are improvements in the handling of multiple monitors. The detection code for multiple monitors got ported to use the XRandR extension directly and multiple bugs related to it were fixed."|
|Plasma 5.2 Is Beautiful and Featureful (KDE.News)|
4.4 release is now available. "We have completed the dialog
conversion, redesigned menu bars, context menus, toolbars, status bars and
rulers to make them much more useful. The Sifr monochrome icon theme is
extended and now the default on OS X. We also developed a new Color
Selector, improved the Sidebar to integrate more smoothly with menus, and
reworked many user interface details to follow today's UX trends." See the
release notes and this
posting from Michael Meeks for lots more information.
|LibreOffice 4.4 released|
|CentOS has updated kernel (C6: two vulnerabilities) and libyaml (C6: denial of service).
Debian has updated virtualbox (two denial of service flaws with no details).
Debian-LTS has updated jasper (two vulnerabilities), libksba (denial of service), privoxy (three vulnerabilities), and rpm (multiple vulnerabilities, some from 2012 and 2013).
Fedora has updated drupal7-context (F21; F20: open redirect), suricata (F21; F20: denial of service), and unzip (F21: unspecified impact).
openSUSE has updated flash-player (12.3: multiple vulnerabilities), git (13.2, 13.1: code execution), glibc (11.4: code execution), and libpng16 (13.2, 13.1:
Oracle has updated kernel (OL7; OL6: multiple vulnerabilities) and libyaml (OL7; OL6: denial of service).
Red Hat has updated glibc (RHEL4:
kernel (RHEL7: multiple vulnerabilities), libyaml (RHEL6&7: denial of service), and ntp (RHEL6.5: multiple code execution flaws).
Scientific Linux has updated kernel (SL7: multiple vulnerabilities) and libyaml (SL6&7: denial of service).
Slackware has updated glibc (code
SUSE has updated firefox (SLE11SP2, SLE11SP1; SLE10SP4: multiple vulnerabilities) and flash-player (SLE11SP3: multiple vulnerabilities).
|Security updates for Thursday|
|The LWN.net Weekly Edition for January 29, 2015 is available.
|[$] LWN.net Weekly Edition for January 29, 2015|
|At linux.conf.au 2015 in
Auckland, Rusty Russell presented a talk about his personal side-project, Pettycoin. Russell had announced
Pettycoin at LCA 2014; at that time it represented an untested
concept: a way to attach a separate, Bitcoin-like network to the
existing Bitcoin blockchain. Pettycoin's goal was originally to offer
a simpler and faster "side network" that periodically reconnected to
Bitcoin. In the intervening year, Russell made a lot of progress, but
other new innovations in the Bitcoin arena have led him to question
parts of the Pettycoin approach and consider a reimplementation.|
|[$] Pettycoin and sidechaining|
|CentOS has updated glibc (C7; C6; C5: code execution).
Debian-LTS has updated eglibc (code execution).
Mageia has updated busybox (arbitrary module loading), flash-player-plugin (multiple vulnerabilities), php (multiple vulnerabilities), privoxy (multiple vulnerabilities), and python-pillow (denial of service).
Oracle has updated glibc (OL7; OL6; OL5: code execution).
Red Hat has updated chromium-browser (RHEL6 Supplementary: multiple vulnerabilities), flash-plugin (RHEL5,6 Supplementary: multiple vulnerabilities), glibc (RHEL6,7; RHEL5; RHEL5.6, 5.9, 6.2, 6.4, 6.5: code execution), and kernel (RHEL6: denial of service).
Scientific Linux has updated glibc (SL6,7; SL5: code execution) and kernel (SL6: denial of service).
SUSE has updated glibc (SLE11, SLE10: code execution).
Ubuntu has updated eglibc (12.04, 10.04: code execution), openjdk-6 (12.04, 10.04: multiple vulnerabilities), and openjdk-7 (14.10, 14.04: multiple vulnerabilities).
|Security advisories for Wednesday|
|Ars Technica has a report on GHOST, which is a critical vulnerability found in the GNU C library (glibc).
"The buffer overflow flaw resides in __nss_hostname_digits_dots(), a glibc function that's invoked by the gethostbyname() and gethostbyname2() function calls. A remote attacker able to call either of these functions could exploit the flaw to execute arbitrary code with the permissions of the user running the application. In a blog post published Tuesday, researchers from security firm Qualys said they were able to write proof-of-concept exploit code that carried out a full-fledged remote code execution attack against the Exim mail server. The exploit bypassed all existing exploit protections available on both 32-bit and 64-bit systems, including address space layout randomization, position independent executions, and no execute protections." While the proof-of-concept used Exim, a wide variety of client and server programs call gethostbyname*(), often at the behest of a remote system (or attacker). Distributions have started putting out updates; users and administrators should plan on updating as soon as possible.
|Highly critical "Ghost" allowing code execution affects most Linux systems (Ars Technica)|
|Greg Kroah-Hartman has released stable kernels 3.18.4, 3.14.30, and 3.10.66. All contain important fixes
throughout the tree.
|Stable kernel updates|
|CentOS has updated java-1.6.0-openjdk (C7; C6; C5: multiple vulnerabilities).
Debian has updated eglibc (multiple vulnerabilities), wireshark (denial of service), and xen (multiple vulnerabilities).
Fedora has updated python-django (F20: multiple vulnerabilities) and python-django14 (F20: multiple vulnerabilities).
openSUSE has updated flash-player (13.2, 13.1; 11.4: code execution).
Oracle has updated java-1.6.0-openjdk (OL7; OL6; OL5: multiple vulnerabilities).
Red Hat has updated java-1.6.0-openjdk (RHEL5,6,7: multiple vulnerabilities) and java-1.6.0-sun (RHEL5,6,7: multiple vulnerabilities).
Scientific Linux has updated java-1.6.0-openjdk (SL5,6: multiple vulnerabilities).
SUSE has updated flash-player (SLE12: code execution).
Ubuntu has updated oxide-qt (14.10, 14.04: multiple vulnerabilities) and firefox (14.10, 14.04, 12.04: regression in
|Tuesday's security updates|
|The Python Software Foundation wraps up its 2014 retrospective. "On the technical side, the Python language grew with the releases of Python 2.7.9, 3.3.5, 3.4, and, in August, 3.4.1. Major new features of the 3.4 series, compared to 3.3 include "hundreds of small improvements and bug fixes." Additionally, Python 3.4.1 has many more advantages."|
|PSF: 2014 Year in Review, Part 2|
|CentOS has updated jasper (C7: multiple vulnerabilities).
Debian has updated jasper (multiple vulnerabilities), mysql-5.5 (multiple vulnerabilities), polarssl (code execution), squid (denial of service), and websvn (information disclosure).
Debian-LTS has updated libevent (denial of service) and websvn (information disclosure).
Fedora has updated docker-io (F20: multiple vulnerabilities), grep (F21: heap buffer overrun), java-1.7.0-openjdk (F20: multiple vulnerabilities), java-1.8.0-openjdk (F21; F20: multiple vulnerabilities), kde-runtime (F20: misuse of crypto), kernel (F21: restriction bypass), python-django (F21: multiple vulnerabilities), and xdg-utils (F21: command injection).
Mageia has updated aircrack-ng (multiple vulnerabilities), chromium-browser-stable (multiple vulnerabilities), jasper (multiple vulnerabilities), and java-1.7.0-openjdk (multiple vulnerabilities).
openSUSE has updated Firefox (11.4: multiple vulnerabilities), libevent (13.2, 13.1: denial of service), openssl (13.2, 13.1: multiple vulnerabilities), shotwell, vala (13.2: heap buffer overflow), and thunderbird (13.2, 13.1: multiple vulnerabilities).
SUSE has updated flash-player (SLED11 SP3: unspecified vulnerability) and vsftpd (SLES11 SP3: unauthorized access).
Ubuntu has updated ghostscript (10.04: multiple vulnerabilities), jasper (14.10, 14.04, 12.04: multiple vulnerabilities), and unbound (14.10, 14.04: denial of service).
|Security advisories for Monday|
|Linus has released the 3.19-rc6 kernel
prepatch. "I currently expect to make an rc7 next week, with the
final 3.19 in two weeks, as per the usual schedule."|
|Kernel prepatch 3.19-rc6|
|At Opensource.com, Jordi Mon introduces the biicode project, an
open-source dependency-management system for C and C++ applications
that is akin to Ruby Gems or the Python Package Index. It is a
challenging goal, he says, "because there are approximately 4
million C/C++ developers, and both languages represent up to almost
20% of the world's code." The project was started
as a proprietary service, and only recently transitioned into an
|New open source dependency manager on the scene (Opensource.com)|