Welcome to LinuxSecure
I found some scripts on my workstation that have not been
published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can
contact me if you are interested in one or more of them.
- A tool for the backup of network components. The script runs as a daemon and can be configured via config files.
It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage.
There exist several templates for ssh, scp, telnet. The intention is to make automated backups from routers, switches, firewalls etc.
- Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and you will get a
status for the found mails: when did the system receive it, when was it working with the mail the last time, what is the status of the
mail, were there any problems while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and sent,
mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem
(deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before,
deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
- A logscanner and a scanner for the checkpoint objects file.
- A tool that parses the registry of the genugate firewall and produces a more human-readable output in HTML.
- An ftp-script for the honeynet.
- Various backupscripts in Perl and Bash.
- Various iptables scripts.
- A script called minilinux to create a small linux out of a huge running system.
- Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
- A snort admin interface in php.
- A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.
| What's New|
|[2005-02-18] mp3riot version 1.3 released|
|[2004-10-08] mp3riot version 1.2 is out.|
|[2004-04-30] Added section Bridging|
|[2004-01-09] working progress on mp3riot version 1.2|
|Debian 8, codenamed "Jessie", has been released. It comes with a wide array of upgraded packages including GNOME 3.14, KDE Plasma Workspaces and KDE Applications 4.11.13, Python 2.7.9 and 3.4.2, Perl 5.20.2, PHP 5.6.7, PostgreSQL 9.4.1, MariaDB 10.0.16 and MySQL 5.5.42, Linux 3.16.7-ctk9, and lots more. "With this broad selection of packages and its traditional wide
architecture support, Debian once again stays true to its goal of being
the universal operating system. It is suitable for many different use
cases: from desktop systems to netbooks; from development servers to
cluster systems; and for database, web, or storage servers. At the same
time, additional quality assurance efforts like automatic installation
and upgrade tests for all packages in Debian's archive ensure that
"Jessie" fulfills the high expectations that users have of a stable
|Debian 8 "Jessie" released|
|The Rust blog has posted a guide to using Rust's foreign function interface (FFI) with C code.
Highlighted in particular are Rust's safe abstractions, which are said
to impose no costs. "Most features in Rust tie into its core
concept of ownership, and the FFI is no exception. When binding a C
library in Rust you not only have the benefit of zero overhead, but
you are also able to make it safer than C can! Bindings can leverage
the ownership and borrowing principles in Rust to codify comments
typically found in a C header about how its API should be
|Rust Once, Run Everywhere|
|Arch Linux has updated powerdns (denial of service) and powerdns-recursor (denial of service).
Debian-LTS has updated subversion (multiple vulnerabilities).
Fedora has updated lcms (F20: denial of service)
and php (F21: multiple vulnerabilities).
Mageia has updated chromium-browser-stable (M4: multiple vulnerabilities), chrony (M4: multiple vulnerabilities), lftp (M4: SSL server spoofing), libksba (M4: denial of service), ntop (M4: cross-site scripting), setup (M4: information disclosure), and t1utils (M4: multiple vulnerabilities).
openSUSE has updated firefox (13.1; 13.2:
and socat (13.1: denial of service).
Oracle has updated kernel (kernel 3.8.18 (O6, O7);
kernel 2.6.39 (O5, O6);
kernel 2.6.32 (O5, O6): multiple vulnerabilities).
Red Hat has updated novnc (RHEL OSP4: VNC session hijacking).
Ubuntu has updated firefox (code execution), usb-creator (12.04, 14.04, 14.10; 15.04: privilege escalation), and wpa_supplicant (14.04, 14.10: code execution).
|Friday's security updates|
|The Ubuntu 15.04 release is out. "Ubuntu Server 15.04 includes the Kilo release of OpenStack, alongside
deployment and management tools that save devops teams time when
deploying distributed applications - whether on private clouds, public
clouds, x86 or ARM servers, or on developer laptops. Several key server
technologies, from MAAS to Ceph, have been updated to new upstream
versions with a variety of new features.
This release also includes the first release of snappy Ubuntu Core, a
new distribution model based on transactional updates." LWN looked at Snappy in January.
|Ubuntu 15.04 (Vivid Vervet) released|
|Ars Technica reports on a wpa_supplicant bug that might leave Linux and other systems open to remote code execution.
"That's because the code fails to check the length of incoming SSID
information and writes information beyond the valid 32 octets of data to
memory beyond the range it was allocated. SSID information 'is transmitted
in an element that has a 8-bit length field and potential maximum payload
length of 255 octets,' [wpa_supplicant maintainer Jouni] Malinen wrote,
and the code 'was not sufficiently verifying the payload length on one of
the code paths using the SSID received from a peer device. This can result
in copying arbitrary data from an attacker to a fixed length buffer of 32
bytes (i.e., a possible overflow of up to 223 bytes). The overflow can
override a couple of variables in the struct, including a pointer that gets
freed. In addition, about 150 bytes (the exact length depending on
architecture) can be written beyond the end of the heap
|Wi-Fi software security bug could leave Android, Windows, Linux open to attack (Ars Technica)|
|Arch Linux has updated glibc (code execution).
Fedora has updated chrony (F21:
three vulnerabilities), gnupg2 (F20: denial
of service), java-1.7.0-openjdk (F20:
unspecified), kernel (F21; F20: denial of service), ntp (F20: two vulnerabilities), python (F20: denial of service from 2013), spatialite-tools (F21: three vulnerabilities),
and sqlite (F21: three vulnerabilities).
Oracle has updated kvm (OL5: two vulnerabilities).
|Security updates for Thursday|
|The LWN.net Weekly Edition for April 23, 2015 is available.
|[$] LWN.net Weekly Edition for April 23, 2015|
|Few readers will have failed to notice by now that the attempted merging of
the kdbus interprocess communication system into the 4.1 kernel has failed
to go as well as its proponents would have liked. As of this writing, the
discussion continues and nothing has been merged. This article constitutes
an attempt to derive a bit of light from the massive amounts of heat that
have been generated so far, with a specific focus on the issue of metadata
|[$] The kdbuswreck|
|Opensource.com introduces Sourcegraph. "Sourcegraph is a code search engine and browsing tool that semantically indexes all the open source code available on the web. You can search for code by repository, package, or function and click on fully linked code to read the docs, jump to definitions, and instantly find usage examples. And you can do all of this in your web browser, without having to configure any editor plugin."|
|Sourcegraph: A free code search tool for open source developers (Opensource.com)|
|Arch Linux has updated firefox (code execution).
CentOS has updated kernel (C6:
multiple vulnerabilities), kvm (C5: two
vulnerabilities), and qemu-kvm (C6: privilege escalation).
Debian has updated curl (multiple
vulnerabilities) and subversion (two vulnerabilities).
Debian-LTS has updated wireshark (multiple vulnerabilities).
Fedora has updated ceph-deploy (F21: information leak), firefox (F20:
multiple vulnerabilities), libzip (F21; F20: code
execution), mingw-gnutls (F21: denial of
service), mingw-libtasn1 (F21; F20: denial of service), openstack-neutron (F20: denial of service),
python-virtualenv (F21; F20: insecure software download),
qt5-qtwebkit (F21; F20: denial of service), and qtwebkit (F21; F20:
denial of service).
openSUSE has updated Chromium (13.2, 13.1: multiple vulnerabilities).
Oracle has updated glibc (OL6:
two vulnerabilities), kernel (OL6: multiple
vulnerabilities), and qemu-kvm (OL6: privilege escalation).
Red Hat has updated kernel (RHEL5.9: privilege escalation), kvm (RHEL5: two vulnerabilities), and qemu-kvm (RHEL6: privilege escalation).
Scientific Linux has updated kernel (SL6: multiple vulnerabilities), kvm (SL5: two vulnerabilities), and qemu-kvm (SL6: privilege escalation).
Slackware has updated bind (denial of service), gnupg (multiple
vulnerabilities), mutt (denial of service),
ntp (two vulnerabilities), openssl (multiple vulnerabilities), php (multiple vulnerabilities), ppp (two vulnerabilities), proftpd (unauthenticated copying of files), qt (multiple vulnerabilities), and seamonkey (multiple vulnerabilities).
SUSE has updated mariadb (SLE12: multiple vulnerabilities).
|Security advisories for Wednesday|
|Version 5.1 of the GNU Compiler Collection is out. "GCC 5.1 is a
major release containing substantial new functionality not available in GCC
4.9.x or previous GCC releases." Some of that new functionality
includes full C++14 language support, quite a few optimization
improvements, partial OpenACC support, OpenMP 4.0 support, an
experimental JIT library, and more; see the changelog for details.
|GCC 5.1 released|
|The Daily Dot reports that the Tor project is receiving some funding from the US Defense Advanced
Research Projects Agency (DARPA) to improve Tor's hidden services. "The Dark Net road map moving forward is ambitious. Tor plans to double the encryption strength of hidden service's identity key and to allow offline storage for that key, a major security upgrade.
Next-generation hidden services may be run from multiple hosts to better deal with denial of service attacks and high traffic in general, a potentially big power boost that further closes the gap between the Dark Net and normal websites."|
|How Tor is building a new Dark Net with help from the U.S. military (The Daily Dot)|
|Fedora 22 Beta has been released. It comes in Workstation, Server, and
Cloud editions, as well as several spins. This version replaces yum with
DNF for package management, as discussed in this recent LWN article. The Cloud edition features the
latest versions of rpm-ostree and rpm-ostree-toolbox and introduces the
Atomic command line tool. The Server edition features a new database server
role based on PostgreSQL, an updated Cockpit, and XFS as the default
filesystem. The Workstation product has also seen a number of enhancements
and improvements, including a redesigned GNOME Shell notification system,
transitional Wayland support, and much more.
|Announcing the release of Fedora 22 Beta|
|Arch Linux has updated jdk8-openjdk (multiple vulnerabilities), jre8-openjdk (multiple vulnerabilities), jre8-openjdk-headless (multiple vulnerabilities), and tcpdump (denial of service).
CentOS has updated glibc (C6: two
Debian-LTS has updated python-django-markupfield (information leak).
Red Hat has updated glibc (RHEL6:
two vulnerabilities) and kernel (RHEL6: multiple vulnerabilities).
Scientific Linux has updated glibc (SL6: two vulnerabilities).
SUSE has updated Real Time Linux
Kernel (SLERTE11 SP3: multiple vulnerabilities).
Ubuntu has updated mysql-5.5 (14.10, 14.04, 12.04: multiple vulnerabilities), openjdk-6 (12.04, 10.04: multiple
vulnerabilities), openjdk-7 (14.10, 14.04:
multiple vulnerabilities), and php5 (14.10,
14.04, 12.04, 10.04: multiple vulnerabilities).
|Tuesday's security updates|
|O'Reilly has posted an
excerpt from Puppet Best Practices, an upcoming book about the
Puppet system configuration tool. It's a good place to look for those
wanting an introduction to how Puppet works. "Puppet can be somewhat
alien to technologists who have a background in automation scripting. Where
most of our scripts are procedural, Puppet is declarative. While a
declarative language has many major advantages for configuration
management, it does impose some interesting restrictions on the approaches
we use to solve common problems."|
|The Puppet design philosophy (O'Reilly)|