Welcome to LinuxSecure
I found some scripts on my workstation that have not been
published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can
contact me, if you are interested in one or more of them.
- A tool for the backup of network components. The script runs as a daemon and can be configured via config files.
It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage.
There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
- Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a
status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the
mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send,
mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem
(deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before,
dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
- A logscanner and a scanner for the checkpoint objects file.
- A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
- A ftp-script for the honeynet.
- Various backupscripts in Perl and Bash.
- Various iptables scrips.
- A script called minilinux to create a small linux out of a huge running system.
- Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
- A snort admin interface in php.
- A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.
back to top
| Whats New|
|[2005-02-18] mp3riot version 1.3 released|
|[2004-10-08] mp3riot version 1.2 is out.|
|[2004-04-30] Added section Bridging|
|[2004-01-09] working progress on mp3riot version 1.2|
|In the performance-conscious world of high-speed networking, anything that
can be done to avoid copying packet data is welcome. The MSG_ZEROCOPYfeatureadded in 4.14
enables zero-copy transmission of data, but does not address the receive
side of the equation. It now appears that the 4.18 kernel will include a zero-copy receive mechanismby Eric Dumazet
to close that gap, at least for some relatively specialized applications.
|[$] Zero-copy TCP receive|
|Stable kernels 4.16.3, 4.15.18, and 4.14.35have been released. This is the last
4.15.y kernel and users should move to 4.16.y.
|Stable kernel updates|
|Security updates have been issued by Debian(opencv and wireshark), Fedora(corosync and pcs), Oracle(firefox, kernel, libvncserver, and libvorbis), Slackware(gd), SUSE(kernel), and Ubuntu(apache2).
|Security updates for Thursday|
|The LWN.net Weekly Edition for April 19, 2018 is available.
|[$] LWN.net Weekly Edition for April 19, 2018|
|It is normally the grumpy editor's job to look
at accounting software; he does so with an eye toward getting the business off of the
proprietary QuickBooks application and moving to something free. It may be
that Beancountdeserves a look of
that nature before too long but, in the meantime, a slightly less grumpy
editor has been messing with this text-based accounting tool for a variety
of much smaller projects. It is an interesting system, with a lot of
capabilities, but its reliance on hand-rolling for various pieces
may scare some folks off.
|[$] Counting beans?and more?with Beancount|
|The release of pip 10.0 has been announced. Some highlights of this
release include the removal of Python 2.6 support, limited PEP 518support (with
more to come), a new "pip config"command, and other improvements.
|Pip 10.0 has been released|
|The new PyPIhas been launched. Browser
traffic and API calls (including "pip install") have been redirected from
the old pypi.python.org to the new site. The old PyPI will shut down on
April 30. LWN coveredthe new PyPI last week.
|New PyPI launched|
|Developers of database management systems are, by necessity, concerned
about getting data safely to persistent storage. So when the PostgreSQL
community found out that the way the kernel handles I/O errors could result
in data being lost without any errors being reported to user space, a fair
amount of unhappiness resulted. The problem, which is exacerbated by the
way PostgreSQL performs buffered I/O, turns out not to be unique to Linux,
and will not be easy to solve even there.
|[$] PostgreSQL's fsync() surprise|
|Security updates have been issued by Debian(freeplane and jruby), Fedora(kernel and python-bleach), Gentoo(evince, gdk-pixbuf, and ncurses), openSUSE(kernel), Oracle(gcc, glibc, kernel, krb5, ntp, openssh, openssl, policycoreutils, qemu-kvm, and xdg-user-dirs), Red Hat(corosync, glusterfs, kernel, and kernel-rt), SUSE(openssl), and Ubuntu(openssl and perl).
|Security updates for Wednesday|
|Security updates have been issued by Debian(corosync, linux-tools, qemu, qemu-kvm, and r-cran-readxl), openSUSE(evince, memcached, nodejs4, ntp, pdns-recursor, python-gunicorn, python3-gunicorn, and python3), and Ubuntu(ruby1.9.1, ruby2.0, ruby2.3).
|Security updates for Tuesday|
|Microsoft has issued a
press releasedescribing the security dangers involved with the
Internet of things ("a weaponized stove, baby monitors that spy, the
contents of your refrigerator being held for ransom") and introducing
"Microsoft Azure Sphere"as a combination of hardware and software to
address the problem. "Unlike the RTOSes common to MCUs today, our
defense-in-depth IoT OS offers multiple layers of security. It combines
security innovations pioneered in Windows, a security monitor, and a custom
Linux kernel to create a highly-secured software environment and a
trustworthy platform for new IoT experiences."|
|Introducing Microsoft Azure Sphere|
|Alpine Linux-based postmarketOS is touch-optimized and pre-configured for
installation on smartphones and other mobile devices. The postmarketOS
postmarketOS-lowlevelwhich is a community project aimed at creating
free bootloaders and cellular modem firmware, currently focused on MediaTek
phones. "But before we get started, please keep in mind that these
are moon shots. So while there is some little progress, it's mostly about
letting fellow hackers know what we've tried and what we're up to, in the
hopes of attracting more interested talent to our cause. After all, our
philosophy is to keep the community informed and engaged during the
|Security updates have been issued by Arch Linux(lib32-openssl and zsh), Debian(patch, perl, ruby-loofah, squirrelmail, tiff, and tiff3), Fedora(gnupg2), Gentoo(go), Mageia(firefox, flash-player-plugin, nxagent, puppet, python-paramiko, samba, and thunderbird), Red Hat(flash-plugin), Scientific Linux(python-paramiko), and Ubuntu(patch, perl, and ruby).
|Security updates for Monday|
|Version 1.10 of the Subversion version-control system is out.
Improvements include a new interactive resolver for merge conflicts, better
path-based authorization, LZ4 compression, and more; see the
release notesfor details.
|Apache Subversion 1.10.0 released|
|By the time the 4.17 merge window was closed and 4.17-rc1was
released, 11,769 non-merge changesets had been pulled into the
mainline repository. 4.17 thus looks to be a typically busy development
cycle, with a merge window only slightly more busy than 4.16 had.
Some 6,000 of those changes were pulled after last week's summarywas written. There was a
lot of the usual maintenance work in those patches (over 10% of those
changes were to device-tree files, for example), but also some more
|[$] The second half of the 4.17 merge window|