Welcome to LinuxSecure
I found some scripts on my workstation that have not been
published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can
contact me if you are interested in one or more of them.
- A tool for the backup of network components. The script runs as a daemon and can be configured via config files.
It reads in the config files containing the passwords of the components once, so you can store them in encrypted storage.
There are several templates for ssh, scp and telnet. The intention is to make automated backups from routers, switches, firewalls etc.
- Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and you will get a
status for the mails found: when the system received the mail, when it last worked on the mail, what the status of the
mail is, and whether there were any problems while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and sent,
mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem
(deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before,
deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
- A logscanner and a scanner for the checkpoint objects file.
- A tool that parses the registry of the genugate firewall and produces more human-readable output in HTML.
- An ftp script for the honeynet.
- Various backup scripts in Perl and Bash.
- Various iptables scripts.
- A script called minilinux to create a small Linux out of a huge running system.
- Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
- A snort admin interface in PHP.
- A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus on same domains.
| What's New|
|[2005-02-18] mp3riot version 1.3 released|
|[2004-10-08] mp3riot version 1.2 is out.|
|[2004-04-30] Added section Bridging|
|[2004-01-09] work in progress on mp3riot version 1.2|
|The Free Software Foundation blog has posted an article detailing a
newly discovered government surveillance project as well as a new
technological countermeasure. The surveillance project is known as
HACIENDA, and is reportedly a multi-national effort "to map every
server in twenty-seven countries, employing a technique known as port
scanning." The countermeasure, developed by Julian Kirsch,
Christian Grothoff, Jacob Appelbaum, and Holger Kenn, is called TCP Stealth. According
to the TCP Stealth whitepaper, the system "replaces the
traditional random TCP SQN number with a token that authenticates the
client and (optionally) the first bytes of the TCP payload. Clients
and servers can enable TCP Stealth by explicitly setting a socket
option or linking against a library that wraps existing network system
calls." A Linux implementation of the scheme is available.
|FSF: GNU hackers discover HACIENDA government surveillance and give us a way to fight back|
|Debian has updated libstruts1.2-java (code execution) and
Fedora has updated drupal7 (F19; F20:
denial of service), drupal7-date (F19; F20: cross-site scripting), libndp (F19; F20: code execution), and wordpress (F20: denial of service).
Mageia has updated catfish (M3; M4:
privilege escalation), gpgme (code
python-pillow (denial of service), and subversion (M3; M4:
openSUSE has updated openstack-neutron (13.1: access
restriction bypass), apache2 (12.3; 13.1: multiple vulnerabilities), apache2-mod_security2 (rules bypass), krb5 (code execution), openssl (multiple vulnerabilities),
python (12.3; 13.1: information leak), python3 (13.1: information leak), and samba (13.1: multiple vulnerabilities).
Red Hat has updated openstack-nova (RHEL OpenStack: multiple vulnerabilities).
Ubuntu has updated oxide-qt (14.04: multiple vulnerabilities).
|Thursday's security updates|
|The results from the Linux Foundation TAB election have been announced; the
five open seats went to Chris Mason, John Linville, H. Peter Anvin, Grant
Likely, and Kristen Accardi.
|Linux Foundation Technical Advisory Board election results|
|The LWN.net Weekly Edition for August 21, 2014 is available.
|[$] LWN.net Weekly Edition for August 21, 2014|
|A project as large as GNOME consists of enough constituent parts
that it can be a challenge just to keep up with the latest
developments of the various applications, libraries, and
infrastructure efforts. GUADEC 2014 in Strasbourg provided a number
of opportunities to get up to speed on the various moving
pieces. Of course, it is impossible to catch everything at a
multi-track event, but there were still quite a few updates worth mentioning.
|[$] GNOME development updates from GUADEC|
|CentOS has updated qemu-kvm (C6:
Debian has updated cacti (multiple vulnerabilities).
openSUSE has updated gpgme (13.1,
12.3: code execution) and wireshark (13.1: multiple vulnerabilities).
Oracle has updated qemu-kvm (OL6:
Red Hat has updated kernel-rt (RHE MRG 2.5: multiple vulnerabilities), openstack-neutron (RHEL OSP 4.0:
denial of service), and thermostat1-httpcomponents-client (RHSC1: SSL server spoofing).
Ubuntu has updated openjdk-7 (14.04 LTS: multiple vulnerabilities).
|Security advisories for Wednesday|
|The 2014 Kernel Summit was held on August 18-20 in Chicago, IL, USA.
Reports from the first day's session are now available to LWN subscribers.
Topics covered range from I/O memory management units to the stable and
linux-next trees, to performance regressions and code review. Click below
(subscribers only) for access to the full set of articles.
|[$] The 2014 Kernel Summit|
a look at using 2-factor authentication for commit access to kernel
git repositories. "Having the technology available is one thing, but how to incorporate it into the kernel development process -- in a way that doesn't make developers' lives painful and unbearable? When we asked them, it became abundantly clear that nobody wanted to type in 6-digit codes every time they needed to do a git remote operation. Where do you draw the line between security and usability in this case?
We looked at the options available in gitolite, the git repository management solution used at kernel.org, and found a way that allowed us to trigger additional checks only when someone performed a write operation, such as "git push." Since we already knew the username and the remote IP address of the developer attempting to perform a write operation, we put together a verification tool that allowed developers to temporarily whitelist their IP addresses using their 2-factor authentication token."|
|Linux Kernel Git Repositories Add 2-Factor Authentication (Linux.com)|
|CentOS has updated nss-util (C7:
incorrect wildcard certificate handling), nss-softokn (C7: incorrect wildcard
certificate handling), and nss (C7: incorrect wildcard certificate handling).
Fedora has updated kernel (F19:
multiple vulnerabilities) and samba (F19: remote code execution/privilege escalation).
Oracle has updated nss, nss-util,
nss-softokn (OL7: incorrect wildcard certificate handling).
Red Hat has updated qemu-kvm (RHEL6: multiple vulnerabilities).
Scientific Linux has updated qemu-kvm (SL6: multiple vulnerabilities).
SUSE has updated flash-player (SLED11 SP3: multiple vulnerabilities).
Ubuntu has updated openssl (10.04 LTS: regression in previous update).
|Security advisories for Tuesday|
|Python core developer Nick Coghlan seeks
to dispel worries that an eventual Python 4.0 release will be as
disruptive as 3.0 was. "Why mention this point? Because this switch
to 'Unicode by default' is the most disruptive of the backwards
incompatible changes in Python 3 and unlike the others (which were more
language specific), it is one small part of a much larger industry wide
change in how text data is represented and manipulated. With the language
specific issues cleared out by the Python 3 transition, a much higher
barrier to entry for new language features compared to the early days of
Python and no other industry wide migrations on the scale of switching from
'binary data with an encoding' to Unicode for text modelling currently in
progress, I can't see any kind of change coming up that would require a
Python 3 style backwards compatibility break and parallel support
|Coghlan: Why Python 4.0 won't be like Python 3.0|
|Neil Brown, the MD maintainer, has sent out an alert for a bug which, in
fairly abnormal conditions, can lead to data loss on an MD-hosted RAID6
array. "There is no risk to an optimal array or a singly-degraded
array. There is also no risk on a doubly-degraded array which is not
recovering a device or is not receiving write requests." RAID6
users will likely want to apply the patch, though, which is likely to show
up in the next stable kernel update from distributors.
|An md/raid6 data corruption bug|
|The election for half of the members of the Linux Foundation's Technical
Advisory board will be held 8:00PM, August 20, at the Kernel
Summit/LinuxCon joint reception. As of this writing, there are fewer
candidates than open positions. Anybody interested in serving on the TAB
is encouraged to make their interest known prior to the election time and,
if possible, attend the election.
|The Linux Foundation Technical Advisory Board election|
|Debian has updated xen (multiple vulnerabilities).
Fedora has updated 389-ds-base (F20: information
disclosure), iodine (F19; F20: authentication bypass), kernel (F20: multiple vulnerabilities),
krfb (F19; F20: denial of service), pixman (F20: denial of service), and
tboot (F19; F20: boot chain bypass).
Gentoo has updated libmodplug (multiple vulnerabilities).
Mageia has updated 389-ds-base (information disclosure), dhcpcd (denial of service), flash-player-plugin (multiple vulnerabilities), kernel-linus (M3; M4: multiple vulnerabilities), kernel-tmb (M3; M4: multiple vulnerabilities), and kernel-vserver (multiple vulnerabilities).
openSUSE has updated flash-player (11.4: multiple vulnerabilities).
Red Hat has updated nss,
nss-util, nss-softokn (RHEL7: incorrect certificate handling).
SUSE has updated krb5 (code execution).
Ubuntu has updated kernel (14.04: multiple vulnerabilities) and linux-lts-trusty (12.04: multiple vulnerabilities).
|Monday's security updates|
|Linus has released 3.17-rc1 and closed the
merge window for this release. He had suggested that the merge window
could be extended, but that's not how things turned out. "I'm going
to be on a plane much of tomorrow, and am not really supportive of
last-minute pull requests during the merge window anyway, so I'm closing
the merge window one day early, and 3.17-rc1 is out there now."|
|Kernel prepatch 3.17-rc1|
|O'Reilly Radar has posted a retrospective
look at the OpenStreetMap (OSM) project on the occasion of OSM's
ten-year anniversary. Tyler Bell calls the project "the most
significant development in the Open Geo Data movement" outside
of GPS; noting that before OSM's creation, "map data sources
were few, and largely controlled by a small collection of private and
governmental players. The scarcity of map data ensured that it
remained both expensive and highly restrictive, and no one but the
largest navigation companies could use map data." Particularly
interesting are the various comparisons between the state of
the map in 2007 and today; the project's 1.5 million registered users
do not seem to be slowing down, even if today's emphasis has shifted
somewhat to less-visible features: "nodes are getting connected
and turn restrictions added to facilitate navigation, while addresses
are being sourced to help with geocoding and place finding."|
|Ten years of OpenStreetMap (O'Reilly Radar)|