LINUXsecure_LOGO
Issues on Linux and Security
 
-->
 
 
 
 
 
 
 
home
button Home
 

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me, if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
  • Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
  • A ftp-script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scrips.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in php.
  • A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.


back to top

button Whats New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
Systemd v239 has been released with a long list of changes; click below for the full set. "A new system.conf setting NoNewPrivileges= is now available which may be used to turn off acquisition of new privileges system-wide (i.e. set Linux' PR_SET_NO_NEW_PRIVS for PID 1 itself, and thus also for all its children). Note that turning this option on means setuid binaries and file system capabilities lose their special powers. While turning on this option is a big step towards a more secure system, doing so is likely to break numerous pre-existing UNIX tools, in particular su and sudo."
Systemd v239 released

Version 5.28.0 of the Perl language has been released. "Perl 5.28.0 represents approximately 13 months of development since Perl 5.26.0 and contains approximately 730,000 lines of changes across 2,200 files from 77 authors". The full list of changes can be found over here; some highlights include Unicode 10.0 support, string- and number-specific bitwise operators, a change to more secure hash functions, and safer in-place editing.
Perl 5.28.0 released

The second 4.18 kernel prepatchis out for testing. "Anyway, it's early in the rc series yet, but things look fairly normal."
Kernel prepatch 4.18-rc2

A new archive of linux-kernel mailing list (LKML) posts going back to 1998 is now available at lore.kernel.org. It is based on public-inbox(which we looked atback in February. Among other things, public-inbox allows retrieving the entire archive via Git: "Git clone URLs are provided at the bottom of each page. Note, that due to its volume, the LKML archive is sharded into multiple repositories, each roughly 1GB in size. In addition to cloning from lore.kernel.org, you may also access these repositories on git.kernel.org."The full announcement, which includes information about a new Patchwork instanceas well as ways to link into the new archive, can be found on kernel.org.
LKML archives on lore.kernel.org

Security updates have been issued by Debian(php-horde-image), openSUSE(kernel), Scientific Linux(git), SUSE(bluez, kernel, mariadb, and mariadb, mariadb-connector-c, xtrabackup), and Ubuntu(openjdk-7).
Security updates for Friday

On his blog, James Bottomley looksat the value proposition for various types of cloud deployments. In particular, he compares the vertical and horizontal attack profile (VAP and HAP) of four different models: separate servers, separate logins on a single server, virtual machines, and containers. He finds the container story to be compelling: "The total VAP here is identical to that of physical infrastructure. However, the Tenant component is much smaller (the kernel accounting for around 50% of all vulnerabilities). It is this reduction in the Tenant VAP that makes containers so appealing: the CSP [cloud service provider] is now responsible for monitoring and remediating about half of the physical system VAP which is a great improvement for the Tenant. Plus when the CSP remediates on the host, every container benefits at once, which is much better than having to crack open every virtual machine image to do it. Best of all, the Tenant images don?t have to be modified to benefit from these fixes, simply running on an updated CSP host is enough. However, the cost for this is that the HAP is the entire linux kernel syscall interface meaning the HAP is much larger than then hypervisor virtual infrastructure case because the latter benefits from interface narrowing to only the hypercalls (qualitatively, assuming the hypercall interface is ~30 calls and the syscall interface is ~300 calls, then the HAP is 10x larger in the container case than the hypervisor case); however, thanks to protections from the kernel namespace code, the HAP isless than the shared login server case. Best of all, from the Tenant point of view, this entire HAP cost is borne by the CSP, which makes this an incredible deal: not only does the Tenant get a significant reduction in their VAP but the CSP is hugely motivated to keep on top of all vulnerabilitiesin their part of the VAP and remediate very fast because of the business implications of a successful horizontal attack."
Bottomley: Containers and Cloud Security

Security updates have been issued by openSUSE(cobbler and matrix-synapse), Oracle(git), Red Hat(git), SUSE(java-1_7_1-ibm, nagios-nrpe, and ntp), and Ubuntu(AMD microcode).
Security updates for Thursday

The LWN.net Weekly Edition for June 21, 2018 is available.
[$] LWN.net Weekly Edition for June 21, 2018

Stable kernels 4.16.17and 4.14.51have been released with lots of fixes throughout the tree. Users should upgrade.
Two stable kernel updates

A two-part session at the 2018 Python Language Summit tackled the core developer diversity problem from two different angles. Victor Stinner outlined some work he has been doing to mentor new developers on their path toward joining the core development ranks; he has also been trying to document that path. Mariatta Wijaya gave a very personal talk that described the diversity problem while also providing some concrete action items that the project and individuals could take to help make Python more welcoming to minorities.
[$] Mentoring and diversity for Python

In a session with a title that used a common misquoteof Rodney King ("can't we all just get along?"), several Python developers wanted to discuss an incident that had recently occurred on the python-dev mailing list. A rude posting to the list led to a thread that got somewhat out of control. Some short tempers among the members of the Python developer community likely escalated things unnecessarily. The incident in question was brought up as something of an object lesson; people should take some time to simmer down before firing off that quick, but perhaps needlessly confrontational, reply.
[$] Getting along in the Python community

The "PEP 572 mess"was the topic of a 2018 Python Language Summit session led by benevolent dictator for life (BDFL) Guido van Rossum. PEP 572seeks to add assignment expressions (or "inline assignments") to the language, but it has seen a prolonged discussion over multiple huge threads on the python-dev mailing list?even after multiple rounds on python-ideas. Those threads were often contentious and were clearly voluminous to the point where many probably just tuned them out. At the summit, Van Rossum gave an overview of the feature proposal, which he seems inclined toward accepting, but he also wantedto discuss how to avoid this kind of thread explosion in the future.
[$] PEP 572 and decision-making in Python

Matthew Miller looks at how Red Hat's acquisition of CoreOS will affect the Fedora project. "This isn?t the place for technical details ? see ?what next?? at the bottom of this message for more. I expect that over the next year or so, Fedora Atomic Host will be replaced by a new thing combining the best from Container Linux and Project Atomic. This new thing will be ?Fedora CoreOS? and serve as the upstream to Red Hat CoreOS."
Welcome to Fedora CoreOS

Security updates have been issued by Arch Linux(pass), Debian(xen), Fedora(chromium, cobbler, gnupg, kernel, LibRaw, mariadb, mingw-libtiff, nikto, and timidity++), Gentoo(chromium, curl, and transmission), Mageia(gnupg, gnupg2, librsvg, poppler, roundcubemail, and xdg-utils), Red Hat(ansible and glusterfs), Slackware(gnupg), SUSE(cobbler, dwr, java-1_8_0-ibm, kernel, microcode_ctl, pam-modules, salt, slf4j, and SMS3.1), and Ubuntu(libgcrypt11, libgcrypt11, libgcrypt20, and mozjs52).
Security updates for Wednesday

Security updates have been issued by Arch Linux(libgcrypt), Fedora(bouncycastle, nodejs, and perl-Archive-Tar), openSUSE(aubio), and Red Hat(chromium-browser, glibc, kernel, kernel-rt, libvirt, pcs, samba, samba4, sssd and ding-libs, and zsh).
Security updates for Tuesday

Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
Vuln: Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability

Delta Industrial Automation COMMGR CVE-2018-10594 Stack Based Buffer Overflow Vulnerability
Vuln: Delta Industrial Automation COMMGR CVE-2018-10594 Stack Based Buffer Overflow Vulnerability

Multiple Rockwell Automation Products CVE-2017-9312 Remote Denial of Service Vulnerability
Vuln: Multiple Rockwell Automation Products CVE-2017-9312 Remote Denial of Service Vulnerability

Oracle Outside In Technology CVE-2018-2806 Remote Security Vulnerability
Vuln: Oracle Outside In Technology CVE-2018-2806 Remote Security Vulnerability

FreeBSD Security Advisory FreeBSD-SA-18:07.lazyfpu
Bugtraq: FreeBSD Security Advisory FreeBSD-SA-18:07.lazyfpu

[SECURITY] [DSA 4232-1] xen security update
Bugtraq: [SECURITY] [DSA 4232-1] xen security update

[slackware-security] gnupg (SSA:2018-170-01)
Bugtraq: [slackware-security] gnupg (SSA:2018-170-01)

XSS in Canopy login page
Bugtraq: XSS in Canopy login page

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
More rss feeds from SecurityFocus

-->