LINUXsecure_LOGO
Issues on Linux and Security
 
-->
button Security Tasks
Protection
Detection
Reaction
 
button Description
Firewall
Packetfilter
Proxies
IDS
Policy
 
button Protection
In general
Iptables
Good Rules
SSH
Jail
 
button Detection
In general
Snort
Sniffing
Tripwire
Portsentry
Virus scanner
Rootkit scanner
Security scanner
 
button Hardening
In general
Openssh
Tinyproxy
 
button Bridging
Bridge
Bridging Firewall
Bridging IPS
 
button Other
Home
Vulnerabilities
Books
Links
F2html.pl
mp3riot
Downloads
News
Pigsparty
Gallery
Contributors
Impressum
 
button Search
Google
This Site

 
search in regular content
news
vulnerabilities
books
home
button Home
 

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me, if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
  • Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
  • A ftp-script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scrips.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in php.
  • A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.

back to top
button Whats New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
ACTA (Anti-Counterfeiting Trade Agreement) was called "more dangerous than SOPA"by US Sen. Ron Wyden (D-OR), as ars technica reports. "Kader Arif, a French member of the European Parliament from the Socialist Party, had been assigned to be a rapporteur on ACTA, meaning that he was asked to study the issue and deliver a report on the subject. But he resigned in protest on Thursday. ?I want to denounce in the strongest possible manner the entire process that led to the signature of this agreement,"he said, according to one translation. "No inclusion of civil society organisations, a lack of transparency from the start of the negotiations, repeated postponing of the signature of the text without an explanation being ever given, exclusion of the EU Parliament's demands that were expressed on several occasions in our assembly.?"
Opponents protest signing of ACTA without adequate debate (ars technica)
Debianhas updated libxml2(code execution/denial of service) and wireshark(multiple vulnerabilities). Fedorahas updated F15: php(denial of service and information disclosure), F15: php-eaccelerator(denial of service and information disclosure), and F15: maniadrive(denial of service and information disclosure). Gentoohas updated ktsuss(privilege escalation). openSUSEwill be updating the certificatesfor all openSUSE hosts located Nuremberg. Click below for details.
Security advisories for Friday
Lennart Poettering has announcedthe posting of a summary of the motivations for merging several root-level directories into /usr. "A unified filesystem layout (as it results from the /usr merge) is more compatible with UNIX than Linux? traditional split of /bin vs. /usr/bin. Unixes differ in where individual tools are installed, their locations in many cases are not defined at all and differ in the various Linux distributions. The /usr merge removes this difference in its entirety, and provides full compatibility with the locations of tools of any Unix via the symlink from /bin to /usr/bin."
The case for the /usr merge
Fedorahas updated rubygem-actionpack(F15; F16: cross-site scripting). Oraclehas updated kernel(OL6: privilege escalation) and kernel-uek(OL5; OL6: privilege escalation and improved CVE-2010-2962 fix). Scientific Linuxhas updated kernel(SL6: privilege escalation), glibc(SL6: multiple vulnerabilities), openssl(SL6: multiple vulnerabilities), t1lib(SL6: multiple vulnerabilities), and qemu-kvm(SL6: privilege escalation). SUSEhas updated java-1_4_2-ibm(SLE 10 SP4: multiple vulnerabilities). Ubuntuhas updated evince(code execution), linux-lts-backport-oneiric(privilege escalation), icu(code execution), and xorg(access restriction bypass).
Thursday's security updates
The 2.6.32.55, 3.0.18, and 3.2.2stable updates have been released; each contains the usual long list of important fixes
Three new stable kernel updates
The LWN.net Weekly Edition for January 26, 2012 is available.
[$] LWN.net Weekly Edition for January 26, 2012
HP has announceda roadmap for the open-sourcing of webOS that calls for the full code base to be released by September. The Apache 2.0 license will be used. "HP also announced it is releasing version 2.0 of webOS?s innovative developer tool, Enyo. Enyo 2.0 enables developers to write a single application that works across mobile devices and desktop web browsers, from the webOS, iOS and Android platforms to the Internet Explorer and Firefox browsers ? and more. The source code for Enyo is available today, giving the open source community immediate access to the acclaimed application framework for webOS."
HP: webOS to be fully released by September
[Flying robot shark]"World domination"is a less prevalent theme in Linux and open source discussions these days than it was some time ago, but it still comes up regularly in one field of study: robots. At the 2012 Southern California Linux Expo(SCALE) in Los Angeles, Willow Garage's Tully Foote described the Robot Operating System(ROS) project, an open source stack for state-of-the-art robotics. ROS is in use by industry and academic research projects, often on hardware that runs in the hundreds-of-thousands of dollars range, but it is capable of running on low end and homebrew robots, too. Click below (subscribers only) for the full report from SCALE 10x.
[$] Robots rampage (in a friendly way) at SCALE 10X
CentOShas updated openssl(C5: multiple vulnerabilities), kvm(C5: denial of service and privilege escalation), and kernel(C6: privilege escalation). Debianhas updated bip(remote code execution). Fedorahas updated wireshark(F15: multiple vulnerabilities) and kernel(F15: privilege escalation). Oraclehas updated t1lib(EL6: multiple vulnerabilities), openssl(EL5, EL6: multiple vulnerabilities), and glibc(EL6: code execution and denial of service). Red Hathas updated t1lib(RHEL6: multiple vulnerabilities), kernel-rt(MRG2.1: privilege escalation), openssl(RHEL5, RHEL6: multiple vulnerabilities), and glibc(RHEL6: code execution (from 2009) and denial of service). Scientific Linuxhas updated openssl(SL5: multiple vulnerabilities). Ubuntuhas updated curl(data injection), kernel(information disclosure and denial of service), and kernel(10.04 LTS: denial of service).
Wednesday's security updates
The KDE project has announcedthe release of KDE Plasma Workspaces, KDE Applications, and KDE Platform4.8. "KDE applications released today include Dolphin with its new display engine and semantic goodies, new Kate features and improvements, and Gwenview enhancements. Enjoy new Marble features such as interactive Elevation Profile, satellite tracking and Krunner integration."
KDE 4.8 released
The third set of interviewswith speakers from the upcoming FOSDEMconference has been posted; featured this time are Bdale Garbee, Finne Boonen, Guido Trotter, Wim Godden, Garrett Serack, and Renzo Davoli. "The central role of computers and interfaces has disappeared, services are the main focus now. The logical structure of the internet must change as a consequence of this. By the IoTh [Internet of Threads] we mean a structure where the addressable nodes of the internet are, or can also be, processes or even concurrent threads of a process. In the IoTh the definition of an independent networking stack, with its own virtual interfaces, addresses, routing is as simple as the creation of a PF_UNIX socket. It is an 'ordinary business' user-space operation, not a structural and dangerous change, for system administrators only."
FOSDEM interviews, part 3
CentOShas updated C6: qemu-kvm(code execution). Debianhas updated rails(fixes a regression introduced in the previous update) and openssl(denial of service). Fedorahas updated emacs(F16; F15: privilege escalation), F16: kernel(privilege escalation/restriction bypass), F15: openssl(denial of service), and F15: xkeyboard-config(screensaver lock bypass). Gentoohas updated freetype(multiple vulnerabilities), jasper(two code execution flaws), fwbuilder(symlink attack/privilege escalation), tor(code execution/information disclosure), mit-krb5(multiple vulnerabilities), and mit-krb5-appl(privilege escalation/code execution). Oraclehas updated OL6: qemu-kvm(code execution/restriction bypass) and OL5: kvm(denial of service/code execution). Red Hathas updated qemu-kvm(code execution), kvm(denial of service/code execution), and kernel(privilege escalation). Scientific Linuxhas updated SL5: kvm(denial of service/code execution). SUSEhas updated libxml2(code execution). Ubuntuhas updated linux-lts-backport-natty(denial of service/information leak), linux-lts-backport-oneiric(multiple vulnerabilities), 10.10(denial of service/information leak), rsyslog(denial of service), qemu-kvm(code execution), and thunderbird(multiple vulnerabilities).
Tuesday's security updates
Version 7.4 of the GDB debugger is out. New features include a Renesas RL78 simulator, a number of Python scripting improvements, several new debugging commands and options, and more.
GDB 7.4 released
Here's a lengthy posting from Mark Shuttleworthdescribing the "heads-up display"concept that Ubuntu is pushing toward. "It?s smart, because it can do things like fuzzy matching, and it can learn what you usually do so it can prioritise the things you use often. It covers the focused app (because that?s where you probably want to act) as well as system functionality; you can change IM state, or go offline inSkype, all through the HUD, without changing focus, because those apps all talk to the indicator system. When you?ve been using it for a little while it seems like it?s reading your mind, in a good way."
Shuttleworth: Introducing the HUD. Say hello to the future of the menu.
Videos from the recently concluded linux.conf.au in Ballarat have been uploadedto YouTube.
Linux.conf.au 2012 videos available
Pligg CMS 'status' Parameter SQL Injection Vulnerability
Vuln: Pligg CMS 'status' Parameter SQL Injection Vulnerability
QEMU KVM CVE-2012-0029 Local Privilege Escalation Vulnerability
Vuln: QEMU KVM CVE-2012-0029 Local Privilege Escalation Vulnerability
Apache Tomcat AJP Protocol Security Bypass Vulnerability
Vuln: Apache Tomcat AJP Protocol Security Bypass Vulnerability
Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
Vuln: Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
AdaCore Security Advisory SA-2012-L119-003 Hash collisions in AWS
Bugtraq: AdaCore Security Advisory SA-2012-L119-003 Hash collisions in AWS
[ GLSA 201201-15 ] ktsuss: Privilege escalation
Bugtraq: [ GLSA 201201-15 ] ktsuss: Privilege escalation
[SECURITY] [DSA 2394-1] libxml2 security update
Bugtraq: [SECURITY] [DSA 2394-1] libxml2 security update
[HITB-Announce] Reminder: HITB2012AMS Call For Papers Closing Soon
Bugtraq: [HITB-Announce] Reminder: HITB2012AMS Call For Papers Closing Soon
News, Infocus, Columns, Vulnerabilities, Bugtraq ...
More rss feeds from SecurityFocus
-->