LINUXsecure_LOGO
Issues on Linux and Security
 
-->
button Security Tasks
Protection
Detection
Reaction
 
button Description
Firewall
Packetfilter
Proxies
IDS
Policy
 
button Protection
In general
Iptables
Good Rules
SSH
Jail
 
button Detection
In general
Snort
Sniffing
Tripwire
Portsentry
Virus scanner
Rootkit scanner
Security scanner
 
button Hardening
In general
Openssh
Tinyproxy
 
button Bridging
Bridge
Bridging Firewall
Bridging IPS
 
button Other
Home
Vulnerabilities
Books
Links
F2html.pl
mp3riot
Downloads
News
Pigsparty
Gallery
Contributors
Impressum
 
button Search
Google
This Site

 
search in regular content
news
vulnerabilities
books
home
button Home
 

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me, if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
  • Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
  • A ftp-script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scrips.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in php.
  • A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.

back to top
button Whats New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
Texas Linux Festis pleased to announce the initial list of speakers and presentations for its inaugural event. Keynote speakers include Joe "Zonker"Brockmeier and Randal L. Schwartz, with additional presentations by Linux, free software, and open source experts such as Jon "maddog"Hall, Amber Graner, Bradley Kuhn, and Max Spevack. The event will take place on Saturday, April 10th, in Austin Texas. Registration is available online. The complete list of talks is availableas well.
Texas Linux Fest announces 2010 program
Almost exactly one year ago, LWN examined the problem of 4K-sector drivesand the reasons for their existence. In short, going to 4KB physical sectors allows drive manufacturers to increase storage density, always welcome in that competitive market. Recently, there have been a number of reports that Linux is not ready to work with these drives; kernel developer Tejun Heo even posted an extensive, worth-reading summarystating that "4 KiB logical sector support is broken in both the kernel and partitioners."As the subsequent discussion revealed, though, the truth of the matter is that we're not quite that badly prepared; click below (subscribers only) for details.
[$] 4K-sector drives and Linux
The LibrePlanetconference, being held March 19-21 in Cambridge, Massachusetts, will be featuring a day-long Women's Caucuson Sunday March 21st. That track will be focusing on finding concrete ways to increase women's participation in free software, including a panel on recruiting and retaining women, a presentation on mentoring, and a workshop on how non-coders can take up critical roles in free software projects. In addition, LibrePlanet has keynotes from FSF founder Richard Stallman and EFF founder John Gilmore. More information can be found on the web sites or in the schedule.
LibrePlanet 2010 conference to feature Women's Caucus
Bruce Byfield takes a lookat innovations in GNOME and KDE. "Of course, GNOME and KDE have long had features that Windows lacked, such as multiple desktops and finer controls for customizing the user experience. However, in the last few years, both major free desktops have added features that show not only an interest in usability, but, at times, an effort to anticipate what users might actually want. The focus is by no means consistent, yet scattered here and there are features that can make any user glad that they're using a open source desktop."
GNOME and KDE: Seven Attractions in Each (Datamation)
The H coversthe CeBIT Open Source Forum. "The CeBIT Open Source Forum, a prominent feature in the Open Source area of Hall 2, featured several lectures, demonstrations and keynote speeches on several topics, from Open Source in data centres and security, to web browsers, mobility and multimedia. The H attended several of the Open Source Forum sessions, including the introduction of the latest 6.3 release of the popular Knoppix Live Linux distribution by Knoppix creator Klaus Knopper."
Happenings: FOSS at CeBIT 2010 (The H)
Simon Phipps, Chief Open Source Officer at Sun, reminiscesabout some achievements during his tenure. "Got some of the most important software in the computer industry released under Free licenses that guarantee software freedom for people who rely on them, regardless of who owns the copyrights. Unix, Java, key elements of Linux, the SPARC chip and much more have been liberated."
Simon Phipps: Last Day At Sun
Debianhas updated typo3-src(multiple vulnerabilities). Fedorahas updated bournal(F13, F12, F11: multiple vulnerabilities), F12: curl(arbitrary code execution), and F11: sudo(unintended privilege escalation). Pardushas updated sudo(unintended privilege escalation) and firefox(multiple vulnerabilities). Slackwarehas updated httpd(multiple vulnerabilities).
Security advisories for Tuesday
The first alpha release of Fedora 13 is out. "We need your help to make Fedora 13 the best release yet, so please take a moment of your time to download and try out the Alpha and make sure the things that are important to you are working. If you find a bug, please report it -- every bug you uncover is a chance to improve the experience for millions of Fedora users worldwide."There is a lotof new stuff in this release; see the announcement for a summary.
Fedora 13 Alpha released
Linus has kept his promise and released 2.6.34-rc1a bit earlier than usual, even though he reserves the right to pull in a few more trees yet. "So if you feel like you sent me a pull request bit might have been over-looked, please point that out to me, but in general the merge window is over. And as promised, if you left your pull request to the last day of a two-week window, you're now going to have to wait for the 2.6.35 window."Nouveau users should note that they can't upgrade to this kernel without updating their user-space as well.
The 2.6.34-rc1 kernel is out
TuxRadar takes a lookat several desktops and applications. "For the tinkerers and testers, 2010 is shaping up to be a perfect year. Almost every desktop and application we can think of is going to have a major release, and while release dates and roadmaps always have to be taken with a pinch of salt, many of these projects have built technology and enhancements you can play with now. We've selected the few we think are worth keeping an eye on and that can be installed easily, but Linux is littered with applications that are evolving all the time, so we've also tried to guess what the next big things might be."
Try the Linux desktop of the future (TuxRadar)
Fedorahas updated drupal(F12, F11: multiple vulnerabilities), F12: fetchmail(arbitrary code execution), and F12: sudo(unintended privilege escalation). Mandrivahas updated openoffice.org(multiple vulnerabilities) and apache(information leak). rPathhas updated openssh(information disclosure), postgresql(multiple vulnerabilities), gzip(arbitrary code execution), and mysql(multiple vulnerabilities). Slackwarehas updated firefox(multiple vulnerabilities). SUSEhas updated kernel(multiple vulnerabilities). Ubuntuhas updated gnome-screensaver(lock bypass).
Monday's security updates
LWN first looked at LogFS, a new filesystem aimed at solid-state storage devices, back in 2007. It has taken a long time, but, as of 2.6.34, LogFS will be in the mainline kernel and available for use; let the benchmarking begin.
LogFS merged into the mainline kernel
Version 2.2.15 of the Apache HTTPD server is out. "Notably, this release was updated to reflect the OpenSSL Project's release 0.9.8m of the openssl library, and addresses CVE-2009-3555 (cve.mitre.org), the TLS renegotiation prefix injection attack. This release further addresses the issues CVE-2010-0408, CVE-2010-0425 and CVE-2010-0434 within mod_proxy_ajp, mod_isapi and mod_headers respectively."
Apache 2.2.15 released
The OpenSSH 5.4 release is out, with a number of new features; these include a new certificate format, a "netcat mode,"a key revocation operation, better multiplexing support, and strengthened encryption. This release also removesdisables (by default) support for version 1 of the SSH protocol - a change which few users should notice at this point.
OpenSSH 5.4 released
The Register has posted an articleon a reported OpenSSL vulnerability that allows attackers to obtain a system's private key. Before hitting the panic button, though, it's worth seeing what's involved in carrying out this attack: "The university scientists found that they could deduce tiny pieces of a private key by injecting slight fluctuations in a device's power supply as it was processing encrypted messages. In a little more than 100 hours, they fed the device enough 'transient faults' that they were able to assemble the entirety of its 1024-bit key."It could be a problem for keys hidden in embedded systems, but that is probably about the extent of it.
'Severe' OpenSSL vuln busts public key crypto (Register)
Microsoft Excel Object Type Confusion Remote Code Execution Vulnerability
Vuln: Microsoft Excel Object Type Confusion Remote Code Execution Vulnerability
Microsoft Excel MDXSET Record Remote Heap Buffer Overflow Vulnerability
Vuln: Microsoft Excel MDXSET Record Remote Heap Buffer Overflow Vulnerability
RETIRED: Microsoft March 2010 Advance Notification Multiple Vulnerabilities
Vuln: RETIRED: Microsoft March 2010 Advance Notification Multiple Vulnerabilities
Microsoft Excel DbOrParamQry Record Remote Code Execution Vulnerability
Vuln: Microsoft Excel DbOrParamQry Record Remote Code Execution Vulnerability
ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability
Bugtraq: ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability
SQL injection vulnerability in wILD CMS
Bugtraq: SQL injection vulnerability in wILD CMS
IBM ENOVIA SmarTeam v5 Cross Site Scripting Vulnerability
Bugtraq: IBM ENOVIA SmarTeam v5 Cross Site Scripting Vulnerability
[security bulletin] HPSBMA02489 SSRT090065 rev.1 - HP Performance Insight , Remote Execution of Arbitrary Commands
Bugtraq: [security bulletin] HPSBMA02489 SSRT090065 rev.1 - HP Performance Insight , Remote Execution of Arbitrary Commands
News, Infocus, Columns, Vulnerabilities, Bugtraq ...
More rss feeds from SecurityFocus
-->