Welcome to LinuxSecure
I found some scripts on my workstation that have not been
published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can
contact me, if you are interested in one or more of them.
- A tool for the backup of network components. The script runs as a daemon and can be configured via config files.
It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage.
There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
- Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a
status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the
mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send,
mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem
(deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before,
dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
- A logscanner and a scanner for the checkpoint objects file.
- A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
- A ftp-script for the honeynet.
- Various backupscripts in Perl and Bash.
- Various iptables scrips.
- A script called minilinux to create a small linux out of a huge running system.
- Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
- A snort admin interface in php.
- A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.
back to top
| Whats New|
|[2005-02-18] mp3riot version 1.3 released|
|[2004-10-08] mp3riot version 1.2 is out.|
|[2004-04-30] Added section Bridging|
|[2004-01-09] working progress on mp3riot version 1.2|
|The 4.14-rc6kernel prepatch is out. "rc6 is a bit larger than I was hoping for, and I'm not sure whether
that is a sign that we _will_ need an rc8 after all this release
(which wouldn't be horribly surprising), or whether it's simply due to
timing. I'm going to leave that open for now, so just know that rc8
|Kernel prepatch 4.14-rc6|
|The Linux Foundation has announceda pair of licenses for data that are modeled on the two broad categories of free-software licenses: permissive and copyleft. The Community Data License Agreement(CDLA) comes in two flavors: Sharing that "encourages contributions of data back to the data community"and Permissive that allows the data to be used without any further requirements.
"Inspired by the collaborative software development models of open source software, the CDLA licenses are designed to enable individuals and organizations of all types to share data as easily as they currently share open source software code. Soundly drafted licensing models can help people form communities to assemble, curate and maintain vast amounts of data, measured in petabytes and exabytes, to bring new value to communities of all types, to build new business opportunities and to power new applications that promise to enhance safety and services.
The growth of big data analytics, machine learning and artificial intelligence (AI) technologies has allowed people to extract unprecedented levels of insight from data. Now the challenge is to assemble the critical mass of data for those tools to analyze. The CDLA licenses are designed to help governments, academic institutions, businesses and other organizations open up and share data, with the goal of creating communities that curate and share data openly."|
|Linux Foundation debuts Community Data License Agreement|
|Greg Kroah-Hartman has announced the release of four new stable kernels: 4.13.9, 4.9.58, 4.4.94, and 3.18.77. There are fixes throughout the tree
in them, so users of those series should upgrade.
|Stable kernels 4.13.9, 4.9.58, 4.4.94, and 3.18.77|
|Security updates have been issued by Arch Linux(irssi, musl, and xorg-server), CentOS(httpd and java-1.8.0-openjdk), Debian(libav, ming, and openjfx), Fedora(ImageMagick, libwpd, rubygem-rmagick, and sssd), Gentoo(adobe-flash, chromium, dnsmasq, go, kodi, libpcre, and openjpeg), openSUSE(bluez, exiv2, python3-PyJWT, salt, xen, xerces-j2, and xorg-x11-server), Oracle(java-1.8.0-openjdk and kernel), Red Hat(java-1.8.0-oracle and rh-nodejs4-nodejs), and Scientific Linux(java-1.8.0-openjdk).
|Security updates for Monday|
|Christian Schaller has posted a
list of the Fedora Workstation project's accomplishmentssince its
inception. "Wayland ? We been the biggest contributor since we
joined the effort and have taken the lead on putting in place all the
pieces needed for actually using it on a desktop, including starting to
ship it as our primary offering in Fedora Workstation 25. This includes
putting a lot of effort into ensuring that XWayland works smoothly to
ensure full legacy application support."The list as a whole is quite long.
|Schaller: Looking back at Fedora Workstation so far|
|The 4.14 kernel, due in the first half of November, is moving into the
relatively slow part of the development cycle as of this writing. The time
is thus ripe for a look at the changes that went into this kernel cycle and
how they got there. While 4.14 is a fairly typical kernel development
cycle, there are a couple of aspects that stand out this time around.
|[$] A look at the 4.14 development cycle|
|The upcoming Firefox 57 release presents a challenge to distributors, who
have to decide when and how to ship a major update that will break a bunch
of older extensions. This
Fedora Magazine articledescribes the plan that Fedora has come up with
for this transition. "Users probably shouldn?t 'hold back at FF56 as
my favorite extensions don?t work.' Recall that security fixes only come
from new versions, and they?ll all be WebExtension only. The Extended
Support Release version will also switch to WebExtensions only at the next
release. This date, June 2018, marks the deadline for ESR users to migrate
|Firefox 57 coming soon: a Quantum leap (Fedora Magazine)|
|Security updates have been issued by Arch Linux(chromium), Debian(jackson-databind, libvirt, and mysql-5.5), Fedora(SDL2_image), Mageia(db53, kernel, poppler, and wpa_supplicant, hostapd), Oracle(httpd), Red Hat(ansible, chromium-browser, httpd, java-1.8.0-openjdk, kernel, and kernel-rt), and Scientific Linux(httpd and kernel).
|Security updates for Friday|
|Version 17.01.4 of the LEDE router distribution is available with a number
of important fixes.
"While this release includes fixes for the bugs in the WPA Protocol
disclosed earlier this week, these fixes do not fix the problem on the
client-side. You still need to update all your client devices. As some
client devices might never receive an update, an optional AP-side
workaround was introduced in hostapd to complicate these attacks,
slowing them down."|
|LEDE v17.01.4 service release|
4.1.4 releaseis finally available; see this articlefor some background on this
release. The announcement is all bright and sunny, but a look at the
August 16 Apache board minutesshows concern about the state of
the project. Indeed, the OpenOffice project management committee was,
according to these minutes, supposed to post an announcement about the
state of the project; it would appear that has not yet happened.
|Apache OpenOffice 4.1.4 released|
Samsung press releasedescribing the company's move into the "run Linux
on your phone"space. "Installed as an app, Linux on Galaxy gives
smartphones the capability to run multiple operating systems, enabling
developers to work with their preferred Linux-based distributions on their
mobile devices. Whenever they need to use a function that is not available
on the smartphone OS, users can simply switch to the app and run any
program they need to in a Linux OS environment."|
|Samsung to support Linux distributions on Galaxy handsets|
|The Ubuntu 17.10 release is out. "Under the hood, there have been updates to many core packages, including
a new 4.13-based kernel, glibc 2.26, gcc 7.2, and much more.
Ubuntu Desktop has had a major overhaul, with the switch from Unity as
our default desktop to GNOME3 and gnome-shell. Along with that, there
are the usual incremental improvements, with newer versions of GTK and
Qt, and updates to major packages like Firefox and LibreOffice."See the
release notesfor more information.
|Ubuntu 17.10 (Artful Aardvark) released|
|Security updates have been issued by CentOS(wpa_supplicant), Debian(db, db4.7, db4.8, graphicsmagick, imagemagick, nss, and yadifa), Fedora(ImageMagick, rubygem-rmagick, and upx), Mageia(flash-player-plugin, libxfont, openvpn, ruby, webmin, and wireshark), openSUSE(cacti, git, and upx), Oracle(wpa_supplicant), Red Hat(kernel-rt, rh-nodejs4-nodejs-tough-cookie, rh-nodejs6-nodejs-tough-cookie, and wpa_supplicant), Scientific Linux(wpa_supplicant), and Slackware(libXres, wpa_supplicant, and xorg).
|Security updates for Thursday|
|The LWN.net Weekly Edition for October 19, 2017 is available.
|[$] LWN.net Weekly Edition for October 19, 2017|
|Monday October 16 was not a particularly good day for those who are
even remotely security conscious?or, in truth, even for those who aren't. Two
separate security holes came to light; one probably affects almost all
users of modern technology. The other is more esoteric at some level, but
still serious. In both cases, the code in question is baked into various
devices, which makes itmore difficult to fix; in many cases, the devices
in question may not even have a plausible path toward a fix. Encryption
has been a boon for internet security, but both of these vulnerabilities
have highlighted that there is more to security than simply cryptography.
|[$] KRACK, ROCA, and device insecurity|