Welcome to LinuxSecure
I found some scripts on my workstation that have not been
published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can
contact me, if you are interested in one or more of them.
- A tool for the backup of network components. The script runs as a daemon and can be configured via config files.
It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage.
There exist several templates for ssh, scp, telnet. The intention is to make automated backups from routers, switches, firewalls etc.
- Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a
status for the found mails: when did the system receive it, when was it working with the mail the last time, what's the status of the
mail, were there any problems while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and sent,
mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem
(deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before,
deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
- A logscanner and a scanner for the checkpoint objects file.
- A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
- A ftp-script for the honeynet.
- Various backupscripts in Perl and Bash.
- Various iptables scripts.
- A script called minilinux to create a small linux out of a huge running system.
- Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
- A snort admin interface in php.
- A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.
| What's New|
|[2005-02-18] mp3riot version 1.3 released|
|[2004-10-08] mp3riot version 1.2 is out.|
|[2004-04-30] Added section Bridging|
|[2004-01-09] working progress on mp3riot version 1.2|
|The 4.10-rc4 kernel prepatch is out for
testing. "Things are still looking fairly normal, and this is the
usual weekly Sunday rc release. We're up to rc4, and people are clearly
starting to find the regressions. Good, good."|
|Kernel prepatch 4.10-rc4|
|The 4.9.4 and 4.4.43 stable kernel updates are available;
each contains a relatively large set of important fixes.
|Stable kernels 4.9.4 and 4.4.43|
|Google has posted an overview of its infrastructure security. It includes information about low-level details, such as physical security and secure boot, encryption of data at rest as well as communications between services and to users, keeping employee devices and credentials safe, and more. Undoubtedly there are lessons here for many different organizations. "This document gives an overview of how security is designed into Google's technical infrastructure. This global scale infrastructure is designed to provide security through the entire information processing lifecycle at Google. This infrastructure provides secure deployment of services, secure storage of data with end user privacy safeguards, secure communications between services, secure and private communication with customers over the internet, and safe operation by administrators.
Google uses this infrastructure to build its internet services, including both consumer services such as Search, Gmail, and Photos, and enterprise services such as G Suite and Google Cloud Platform."|
|Google Infrastructure Security Design Overview|
|Wired covers the release of Qbsolv as open-source software (under the Apache License v2) by D-Wave, which is a company that makes quantum computing hardware. Qbsolv is "designed to help developers program D-Wave machines without needing a background in quantum physics". Further:
Qbsolv joins a small but growing pool of tools for would-be quantum computer programmers. Last year Scott Pakin of Los Alamos National Laboratory - and one of Qbsolv's first users - released another free tool called Qmasm, which also eases the burden of writing code for D-Wave machines by freeing developers from having to worry about addressing the underlying hardware. The goal, Ewald says, is to kickstart a quantum computing software tools ecosystem and foster a community of developers working on quantum computing problems. In recent years, open source software has been the best way to build communities of both independent developers and big corporate contributors.
Of course to actually run the software you create with these tools, you'll need access to one of the very few existing D-Wave machines. In the meantime, you can download a D-Wave simulator that will let you test the software on your own computer. Obviously this won't be the same as running it on a piece of hardware that uses real quantum particles, but it's a start.
|Quantum Computing Is Real, and D-Wave Just Open-Sourced It (Wired)|
|Arch Linux has updated ark (code execution), bind (multiple vulnerabilities), docker (privilege escalation), flashplugin (multiple vulnerabilities), irssi (multiple vulnerabilities), lib32-flashplugin (multiple vulnerabilities), and libvncserver (two vulnerabilities).
CentOS has updated java-1.6.0-openjdk (C7; C6; C5: multiple vulnerabilities) and kernel (three vulnerabilities).
Debian has updated rabbitmq-server (authentication bypass).
Debian-LTS has updated asterisk (two vulnerabilities, one from 2014).
Fedora has updated docker (F25: privilege escalation), libgit2 (F24: multiple vulnerabilities), and pcsc-lite (F24: privilege escalation).
Gentoo has updated postgresql (multiple vulnerabilities, two from 2015), runc (privilege escalation), and seamonkey (multiple vulnerabilities).
Mageia has updated flash-player-plugin (multiple vulnerabilities), php-ZendFramework2 (parameter injection), unzip (two vulnerabilities, one from 2014), and webmin (largely unspecified).
Oracle has updated java-1.6.0-openjdk (OL7; OL6; OL5: multiple vulnerabilities), kernel 2.6.39 (OL6; OL5: multiple vulnerabilities), kernel 3.8.13 (OL7; OL6: multiple vulnerabilities), and kernel 4.1.12 (OL7; OL6: multiple vulnerabilities).
Red Hat has updated java-1.6.0-openjdk (multiple vulnerabilities).
Scientific Linux has updated kernel (SL6: three vulnerabilities).
|Security advisories for Friday|
|Over at Techdirt, Mike Masnick writes about a libel suit filed against the site: "As you may have heard, last week we were sued for $15 million by Shiva Ayyadurai, who claims to have invented email. We have written, at great length, about his claims and our opinion - backed up by detailed and thorough evidence - that email existed long before Ayyadurai created any software. We believe the legal claims in the lawsuit are meritless, and we intend to fight them and to win.
There is a larger point here. Defamation claims like this can force independent media companies to capitulate and shut down due to mounting legal costs. Ayyadurai's attorney, Charles Harder, has already shown that this model can lead to exactly that result. His efforts helped put a much larger and much more well-resourced company than Techdirt completely out of business."|
|Masnick: Techdirt's First Amendment Fight For Its Life|
|Greg Kroah-Hartman has announced the release of the 4.9.3 and 4.4.42 stable kernels. As usual, there are
fixes throughout the tree and users of those kernel series should upgrade.
|The 4.9.3 and 4.4.42 stable kernels have been released|
|Debian has updated bind9 (three vulnerabilities), and python-pysaml2 (XML external entity attack).
Debian-LTS has updated libav (two
Fedora has updated compat-guile18 (F25; F24: insecure directory creation), mingw-flac (F25: three vulnerabilities from 2015), qpid-java (F25: information disclosure), and
openSUSE has updated flash-player (13.2: multiple vulnerabilities).
Red Hat has updated memcached (RHMAP4.2: two vulnerabilities).
Slackware has updated bind (denial of service), gnutls (multiple vulnerabilities), and irssi (multiple vulnerabilities).
SUSE has updated bind (SLE12-SP2,SP1; SLE12; SLE11-SP4,SP3: three vulnerabilities) and flash-player (SLE12-SP1: multiple vulnerabilities).
Ubuntu has updated bind9 (three vulnerabilities) and libvncserver (two vulnerabilities).
|Thursday's security updates|
|The LWN.net Weekly Edition for January 12, 2017 is available.
|[$] LWN.net Weekly Edition for January 12, 2017|
|The Ansible project is currently posting release candidates for the 2.1.4
and 2.2.1 releases. They fix an important security bug:
"CVE-2016-9587 is rated as HIGH in risk, as a compromised remote
system being managed via Ansible can lead to commands being run on the
Ansible controller (as the user running the ansible or ansible-playbook
command)." Until this release is made, it would make sense to be
especially careful about running Ansible against systems that might have
Update: see this
advisory for much more detailed information.
|CVE-2016-9587: an unpleasant Ansible vulnerability|
|The appearance of a "Python 2.8" got the attention of the Python core
developers in early December. It is based on Python 2.7, with
features backported from Python 3.x. In general, there was little
support for the effort - core developers tend to clearly see Python 3 as
the way forward - but no opposition to it either. The Python license makes
it clear that these kinds of efforts are legal and even
encouraged - any real opposition to the project lies in its name.
Subscribers can click below for the full article from this week's edition.
|[$] Python 2.8?|
|Debian has updated icedove (multiple vulnerabilities).
Debian-LTS has updated tomcat7 (information disclosure).
Gentoo has updated bind (denial of service), botan (two vulnerabilities), c-ares (code execution), dbus (denial of service), expat (multiple vulnerabilities, one from 2012), flex (code execution), nginx (privilege escalation), ntfs3g (privilege escalation from 2015), p7zip (two code execution flaws), pgbouncer (two vulnerabilities), phpBB (two vulnerabilities), phpmyadmin (multiple vulnerabilities), vim (code execution), and vzctl (insecure ploop-based containers from 2015).
openSUSE has updated jasper (42.2, 42.1: multiple vulnerabilities).
Oracle has updated kernel (OL6: three vulnerabilities).
Red Hat has updated flash-plugin (RHEL6: multiple vulnerabilities), kernel (RHEL6.7: code execution), and kernel (RHEL6: three vulnerabilities).
SUSE has updated freeradius-server (SLE12-SP1,2: insufficient certificate verification) and LibVNCServer (SLE11-SP4: two vulnerabilities).
Ubuntu has updated kernel (16.10; 16.04; 14.04; 12.04: multiple vulnerabilities), linux-lts-trusty (12.04: multiple
three vulnerabilities), linux-raspi2 (16.10; 16.04: two vulnerabilities), linux-snapdragon (16.04: two vulnerabilities), linux-ti-omap4 (12.04: two vulnerabilities), and webkit2gtk (16.04: multiple vulnerabilities).
|Security updates for Wednesday|
|Tim Kadlec looks at the
ongoing MongoDB compromises and how they came to be.
"Before version 2.6.0, that wasn't true. By default, MongoDB was left
open to remote connections. Authentication is also not required by default,
which means that out of the box installs of MongoDB before version 2.6.0
happily accept unauthenticated remote connections."|
|Kadlec: The MongoDB hack and the importance of secure defaults|
|The digiKam team has announced
the release of version 5.4.0 of the digiKam Software Collection, a
photo editing system.
"This version introduces several improvements to the similarity
search engine and a complete re-write of video file support." Under
the hood, digiKam has been fully ported to the QtAV framework to handle video and audio files.
|digiKam 5.4.0 is released|
|Synfig Studio 1.2.0, a 2D animation system, has been released.
This version features a completely rewritten render engine and new lipsync
features, along with many improvements and bugfixes.
|Synfig 1.2.0 released|