Welcome to LinuxSecure
I found some scripts on my workstation that have not been
published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can
contact me, if you are interested in one or more of them.
- A tool for the backup of network components. The script runs as a daemon and can be configured via config files.
It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage.
There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
- Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a
status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the
mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send,
mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem
(deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before,
dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
- A logscanner and a scanner for the checkpoint objects file.
- A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
- A ftp-script for the honeynet.
- Various backupscripts in Perl and Bash.
- Various iptables scrips.
- A script called minilinux to create a small linux out of a huge running system.
- Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
- A snort admin interface in php.
- A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.
back to top
| Whats New|
|[2005-02-18] mp3riot version 1.3 released|
|[2004-10-08] mp3riot version 1.2 is out.|
|[2004-04-30] Added section Bridging|
|[2004-01-09] working progress on mp3riot version 1.2|
|While distribution-hopping is common among newcomers to Linux, longtime
users tend to settle into a distribution they like and stay put
thereafter. In the end, Linux distributions are more alike than different,
and one's time is better spent getting real work done rather than looking
for a shinier version of the operating system. Your editor, however,
somehow never got that memo; that's what comes from ignoring Twitter,
perhaps. So there is a new distribution on the main desktop machine; this
time around it's openSUSE Tumbleweed.
|[$] Trying out openSUSE Tumbleweed|
|Nextcloud 10 has been releasedwith new features for system administrators to control and direct the flow
of data between users on a Nextcloud server. "Rule based file tagging and responding to these tags as well as other triggers like physical location, user group, file properties and request type enables administrators to specifically deny access to, convert, delete or retain data following business or legal requirements. Monitoring, security, performance and usability improvements complement this release, enabling larger and more efficient Nextcloud installations."|
|Nextcloud 10 released|
|The Maru OS handset distribution that includes an Ubuntu desktop (reviewed herein April) is finally available
in source form. "If you're interested in contributing in general, please check out the
project's GitHub (https://github.com/maruos/maruos),
get up and running with the developer guide (https://github.com/maruos/maruos/wiki/Developer-Guide),
and join the developer group (https://groups.google.com/forum/#!forum/maru-os-dev)"|
|The long-awaited Maru OS source release|
|Arch Linuxhas updated mediawiki(multiple vulnerabilities).
CentOShas updated java-1.6.0-openjdk(C7; C6; C5: multiple vulnerabilities).
Debianhas updated flex(code
vulnerabilities), quagga(two vulnerabilities), and rails(cross-site scripting).
Fedorahas updated gnupg(F24:
flawed random number generation), openvpn(F24: information disclosure), and rubygem-actionview(F24; F23: cross-site scripting).
Red Hathas updated java-1.6.0-openjdk(RHEL5,6,7: multiple vulnerabilities).
Scientific Linuxhas updated java-1.6.0-openjdk(SL5,6,7: multiple vulnerabilities).
|Security advisories for Friday|
|Version 1.1.0 of the OpenSSL TLS library is available. A list of changes
can be found on this page;
they include a new threading API, a number of new algorithms and the
removal of a number of older ones, pipelining(parallel processing) support, extended
master secretsupport, and more.
|OpenSSL 1.1.0 released|
|Lubomir Rintel takes
a lookat new features in NetworkManager 1.4. "It is now possible to randomize the MAC address of Ethernet devices to mitigate possibility of tracking. The users can choose between different policies; use a completely random address, or just use different addresses in different networks. For Wi-Fi devices, the same randomization modes are now supported and does no longer require support from wpa-supplicant."Also a newly added API for using configuration snapshots that automatically
roll back after a timeout, IPv6 tokenized interface identifiers can be
configured, new features in nmcli, and more are covered. (Thanks
to Paul Wise)
|Rintel: NetworkManager 1.4: with better privacy and easier to use|
|Fedorahas updated eog(F23: out-of-bounds write).
openSUSEhas updated ImageMagick(Leap42.1: three vulnerabilities).
Red Hathas updated qemu-kvm-rhev(RHOSP9: two vulnerabilities) and Red Hat
OpenShift Enterprise 2.2.10(RHOSE: multiple vulnerabilities).
Ubuntuhas updated eog(out-of-bounds write), harfbuzz(16.04,
14.04: two vulnerabilities), and libidn(multiple vulnerabilities).
|Thursday's security updates|
|The LWN.net Weekly Edition for August 25, 2016 is available.
|[$] LWN.net Weekly Edition for August 25, 2016|
|On August 25, 1991, an obscure student in Finland named Linus Benedict
a messageto the comp.os.minix Usenet newsgroup saying that he was
working on a free operating system as a project to learn about the x86
architecture. He cannot possibly have known that he was launching a
project that would change the computing industry in fundamental ways.
Twenty-five years later, it is fair to say that none of us foresaw where
Linux would go ? a lesson that should be taken to heart when trying to
imagine where it might go from here.
|[$] 25 Years of Linux ? so far|
|The Gentoo community is mourning
the loss of Jonathan Portnoy. "Jon was an active member of the
International Gentoo community, almost since its founding in 1999. He was
still active until his last day. His passing has struck us deeply and with
disbelief. We all remember him as a vivid and enjoyable person, easy to
reach out to and energetic in all his endeavors."|
|In Memory of Jonathan ?avenj? Portnoy|
|CentOShas updated kernel(C6: TCP injection).
Debian-LTShas updated libgcrypt11(flawed random number generation).
Fedorahas updated eog(F24:
kernel(F23: use-after-free), mariadb(F23: multiple vulnerabilities), mingw-lcms2(F24: heap memory leak), postgresql(F23: multiple vulnerabilities), and python(F23: proxy injection).
openSUSEhas updated libidn(Leap 42.1: multiple vulnerabilities) and kernel(13.2: multiple vulnerabilities).
Oraclehas updated kernel(O6: TCP injection).
Red Hathas updated kernel(RHEL 7.1: multiple vulnerabilities; RHEL6: TCP injection)
and qemu-kvm-rhev(RHOSP8: multiple vulnerabilities).
Scientific Linuxhas updated kernel(SL6: TCP injection).
Slackwarehas updated gnupg(flawed random number generation), kernel(14.2: TCP injection), and libgcrypt(flawed random number generation).
|Wednesday's security updates|
|Version 5.0.0 of the KDevelop integrated development environment (IDE) has been released, marking the end of a two-year development cycle. The highlight is a move to Clang for C and C++ support: "The most prominent change certainly is the move away from our own, custom C++ analysis engine. Instead, C and C++ code analysis is now performed by clang."The announcement goes on to describe other benefits of using Clang, such as more accurate diagnostics and suggested fixes for many syntax errors. KDevelop has also been ported to KDE Frameworks 5 and Qt 5, which opens up the possibility of Windows releases down the line.
|KDevelop 5.0 released|
|Arch Linuxhas updated libgcrypt(information disclosure).
Fedorahas updated kernel(F24: use-after-free vulnerability), pagure(F24: cross-site scripting), and postgresql(F24: multiple vulnerabilities).
Red Hathas updated qemu-kvm-rhev(RHEL7 OSP5; RHEL7 OSP7; RHEL6 OSP5; RHEL7 OSP6:
SUSEhas updated MozillaFirefox(SLE12: multiple vulnerabilities).
|Tuesday's security updates|
|Google has announcedthat the Android 7.0 release has started rolling out to recent-model Nexus
devices. "It introduces a brand new JIT/AOT compiler to improve
software performance, make app installs faster, and take up less
storage. It also adds platform support for Vulkan, a low-overhead,
cross-platform API for high-performance, 3D graphics. Multi-Window support
lets users run two apps at the same time, and Direct Reply so users can
reply directly to notifications without having to open the app. As always,
Android is built with powerful layers of security and encryption to keep
your private data private, so Nougat brings new features like File-based
encryption, seamless updates, and Direct Boot."See this pagefor a video-heavy description of new features.
|Android 7.0 "Nougat"released|
|Greg Kroah-Hartman has announced the release of the 4.7.2, 4.4.19,
and 3.14.77stable kernels. As usual, they
contain fixes throughout the tree and users of those series should upgrade.
|Stable kernels 4.7.2, 4.4.19, and 3.14.77|