|
|
 |
Welcome to LinuxSecure
I found some scripts on my workstation that have not been
published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can
contact me, if you are interested in one or more of them.
- A tool for the backup of network components. The script runs as a daemon and can be configured via config files.
It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage.
There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
- Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a
status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the
mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send,
mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem
(deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before,
dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
- A logscanner and a scanner for the checkpoint objects file.
- A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
- A ftp-script for the honeynet.
- Various backupscripts in Perl and Bash.
- Various iptables scrips.
- A script called minilinux to create a small linux out of a huge running system.
- Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
- A snort admin interface in php.
- A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.
back to top
|
|
| Whats New |
| [2005-02-18] mp3riot version 1.3 released | | [2004-10-08] mp3riot version 1.2 is out. | | [2004-04-30] Added section Bridging | | [2004-01-09] working progress on mp3riot version 1.2 |
|
| There are three new stable kernels available: 3.9.4, 3.4.47,
and 3.0.80. All contain important fixes.
|
| New stable kernels 3.9.4, 3.4.47, and 3.0.80 |
|
| A security issue has been identified in the tool used by the Fedora Project
to create cloud images. "Images generated by this tool, including
Fedora Project ?official? AMIs (Amazon Machine Images), AMIs whose heritage
can be traced to official Fedora AMIs, as well as some images using the AMI
format in non-Amazon clouds, are affected, as described below."The
flaw has been assigned CVE-2013-2069.
|
| Security issue in livecd-tools causes password issue in Fedora cloud images |
|
| Long time Debian developer Ray Dassen died on May 18. "The Debian Project honours Ray's great work and his strong dedication to
Debian and Free Software. His technical knowledge and his ability to
share that knowledge with others will be missed. His contributions will
not be forgotten, and the high standards of his work will continue to
serve as an inspiration to others." |
| Debian Project mourns the loss of Ray Dassen |
|
| Debianhas updated libdmx(multiple
vulnerabilities), libxv(multiple
vulnerabilities), libxvmc(multiple
vulnerabilities), libfixes(multiple
vulnerabilities), libxrender(multiple
vulnerabilities), mesa(multiple
vulnerabilities), xserver-xorg-video-openchrome(multiple
vulnerabilities), libxt(multiple
vulnerabilities), libxcursor(multiple
vulnerabilities), libxext(multiple
vulnerabilities), libxi(multiple
vulnerabilities), libxrandr(multiple
vulnerabilities), libxp(multiple
vulnerabilities), libxcb(multiple
vulnerabilities), libfs(multiple
vulnerabilities), libxres(multiple
vulnerabilities), libxtst(multiple
vulnerabilities), libxxf86dga(multiple
vulnerabilities), libxinerama(multiple
vulnerabilities), libxxf86vm(multiple
vulnerabilities), and libxvmc(regression
in previous update).
openSUSEhas updated kernel(multiple vulnerabilities), firefox(multiple vulnerabilities), and icedtea-web(multiple vulnerabilities).
Red Hathas updated kvm(privilege
escalation).
SUSEhas updated kernel(privilege
escalation).
Ubuntuhas updated kernel(13.04; 12.10;
12.04 LTS: multiple vulnerabilities),
quantal HWE kernel(12.04 LTS:
multiple vulnerabilities), and OMAP4 kernel(12.10: multiple vulnerabilities).
|
| Security advisories for Friday |
|
| X.Org has disclosed a long list of vulnerabilities that have been fixed in
the X Window System client libraries; most of them expose clients to
attacks by a hostile server. "Most of the time X clients & servers
are run by the same user, with the server more privileged from the clients,
so this is not a problem, but there are scenarios in which a privileged
client can be connected to an unprivileged server, for instance, connecting
a setuid X client (such as a screen lock program) to a virtual X server
(such as Xvfb or Xephyr) which the user has modified to return invalid
data, potentially allowing the user to escalate their privileges."There are 30 CVE numbers assigned to these vulnerabilities; expect the
distributor updates to start flowing shortly.
|
| Numerous security issues in X Window System clients |
|
| Sarah Sharp reports
on the responseto the availability of a set of Outreach Program for
Women internships working on the Linux kernel. "As coordinator for
the Linux kernel OPW project, I was really worried about whether applicants
would be able to get patches into the kernel. Everyone knows that kernel
maintainers are the pickiest bastards^Wperfectionists about coding style,
getting the proper Signed-off-by, sending plain text email, etc. I thought
a couple applicants would be able to complete maybe one or two patches,
tops. Boy was I wrong!"In the end, 41 applicants submitted 374
patches to the kernel, of which 137 were accepted.
|
| Sharp: ??Linux Kernel Internships (OPW) Update |
|
| The Qt Blog introduces
"Boot to Qt", which is "a light-weight UI stack for embedded
linux, based on the Qt Framework - Boot to Qt is built on an Android
kernel/baselayer and offers an elegant means of developing beautiful and
performant embedded devices."Access is invitation-only currently;
a release is forecast for sometime around the end of the year.
|
| Introducing Boot to Qt |
|
| Debianhas updated
request-tracker4(eight CVE numbers), and
the kfreebsd kernel(code execution).
Fedorahas updated python-virtualenv(F17, F18:
temporary file and information disclosure vulnerabilities),
krb5(F17, "UDP ping-pong
vulnerability"from 2002), and
nginx(F18: denial of service and
information disclosure).
openSUSEhas updated samba(CIFS
share attribute verification failure).
Oraclehas updated kernel(EL5: denial of service).
Red Hathas updated java-1.5.0-ibm(RHEL5-6: 16 "unspecified"vulnerabilities).
|
| Thursday's security updates |
|
| The LWN.net Weekly Edition for May 23, 2013 is available.
|
| [$] LWN.net Weekly Edition for May 23, 2013 |
|
| Google has announcedthat it will be phasing out the file download feature for projects hosted
on Google Code. "Downloads were implemented by Project Hosting on
Google Code to enable open source projects to make their files available
for public download. Unfortunately, downloads have become a source of abuse
with a significant increase in incidents recently. Due to this increasing
misuse of the service and a desire to keep our community safe and secure,
we are deprecating downloads." |
| Google Code to deprecate downloads |
|
| GigaOM assertsthat Google will be taking over the desktop (regardless of the underlying
operating system) with its Chrome browser. "For many Chrome is just
a browser. For others who use a Chromebox or Chromebook, like myself, it?s
my full-time operating system. The general consensus is that Chrome OS, the
platform used on these devices, can only browse the web and run either
extensions and web apps; something any browser can do. Simply put, the
general consensus is wrong and the signs are everywhere." |
| How Google plans to rule the computing world through Chrome (GigaOM) |
|
| The Electronic Frontier Foundation has sent out a
releaseabout how the US state of Vermont is going on the offensive
against patent trolls. "Not content to strike back against a single
troll, Vermont is also poised to pass a bill dealing with the problem as a
whole. The Vermont House and Senate recently passed a bill to combat 'bad
faith assertions of patent infringement'. And the latest word
is that Vermont's governor is about to sign it into law." |
| EFF: Vermont Is Mad as Hell at Patent Trolls |
|
| Designing an enumeration type (i.e. "enum") for a language may seem like a
straightforward exercise, but the recently "completed"discussions over
Python's PEP 435show that it has a few wrinkles. The discussion spanned several long
threads in two mailing lists
(python-ideas, python-devel) going back to Januaryin this particular
iteration, but the
idea is far older than that. Subscribers can click below for the full
article from this week's edition.
|
| [$] An "enum"for Python 3 |
|
| CentOShas updated kernel(C5:
denial of service).
Fedorahas updated gallery3(F18; F17:
cross-site scripting) and openstack-keystone(F18: multiple
vulnerabilities).
Mandrivahas updated krb5(UDP
ping-pong flaw in kpasswd).
Red Hathas updated kernel(RHEL5:
denial of service).
Scientific Linuxhas updated kernel(SL5: denial of service).
SUSEhas updated java-1_6_0-openjdk(multiple vulnerabilities) and kernel(privilege escalation).
Ubuntuhas updated libtiff(two
vulnerabilities).
|
| Security updates for Wednesday |
|
| While it is not an official Debian release, the Debian GNU/Hurd team has announced the release of Debian GNU/Hurd 2013. GNU Hurd is a Unix-style kernel based on the Mach microkernel and Debian GNU/Hurd makes much of the Debian system available atop that kernel.
Debian GNU/Hurd is currently available for the i386 architecture with more than 10.000 software packages available (more than 75% of the Debian archive, and more to come!).
Please make sure to read the configuration information, the FAQ, and the translator primerto get a grasp of the great features of GNU/Hurd.
Due to the very small number of developers, our progress of the project has not been as fast as other successful operating systems, but we believe to have reached a very decent state, even with our limited resources.
|
| Debian GNU/Hurd 2013 released |
|
|
-->
