LINUXsecure_LOGO
Issues on Linux and Security
 
-->
 
 
 
 
 
 
 
home
button Home
 

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me, if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
  • Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
  • A ftp-script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scrips.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in php.
  • A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.


back to top

button Whats New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
Laszlo Agocs takes a lookat improvements to the basic OpenGL enablers that form the foundation of Qt Quick and the optional OpenGL-based rendering path of QPainter in Qt 5.9. "As explained here, such shader programs will attempt to cache the program binaries on disk using GL_ARB_get_program_binaryor the standard equivalents in OpenGL ES 3.0. When no support is provided by the driver, the behavior is equivalent to the non-cached case. The files are stored in the global or per-process cache location, whichever is writable. The result is a nice boost in performance when a program is created with the same shader sources next time."
Agocs: Boosting performance with shader binary caching in Qt 5.9

Security updates have been issued by Debian(audiofile, jhead, libxslt, samba, suricata, and wordpress), Fedora(openslp), Mageia(icoutils, kdelibs4, and virtualbox), Oracle(icoutils and openjpeg), Red Hat(icoutils and openjpeg), and Ubuntu(audiofile, git, and samba).
Security updates for Thursday

The LWN.net Weekly Edition for March 23, 2017 is available.
[$] LWN.net Weekly Edition for March 23, 2017

GitLab 9.0 has been releasedwith many new features and improvements. "In the last several releases, GitLab has transformed how development teams get from idea to production. In just a few minutes, you can deploy GitLab to a container scheduler, add CI/CD with auto deployed review apps, utilize ChatOps, and analyze your cycle time. With 9.0 you can now watch your deploys with deploy boards and monitor application performance with Prometheus."
GitLab 9.0 Released with Subgroups and Deploy Boards

The NTPsec Project has announced the 0.9.7 release of NTPsec, with assistance from the Mozilla Foundation's "Secure Open Source"initiative. NTPsec is an implementation of the Network Time Protocol (NTP). "NTPsec 0.9.7 incorporates significant improvements in security, accuracy, precision, visualization, and usability, with assistance, contributions, and audits provided by infosec researchers and other technical contributors. For this release, the NTPsec Project worked particularly closely with the Mozilla Foundation's "Secure Open Source"initiative, who funded an infosec audit, and with Cure53.de, who provided the audit."
NTPsec Project announces 0.9.7

The GNOME Project has announced the release of GNOME 3.24, "Portland". "This release is the result of 6 months? hard work by the GNOME community. It contains major new features such as night light, as well as many smaller improvements and bug fixes. GNOME's existing applications have been improved and there is also a new Recipes app. Improvements to our platform include refined notifications and several revamped settings panels."
GNOME 3.24 released

Greg Kroah-Hartman has released stable kernels 4.10.5, 4.9.17, and 4.4.56. All of them contain important fixes and users should upgrade.
Stable kernel updates

Security updates have been issued by Arch Linux(irssi), Fedora(qemu), openSUSE(mbedtls), and Ubuntu(eglibc, glibc).
Security updates for Wednesday

In a morning plenary session on the first day of the 2017 Linux Storage, Filesystem, and Memory-Management Summit, Jérôme Glisse led a discussion on memory that cannot be addressed by the CPU because it lives in devices like GPUs or FPGAs. There is often a substantial pile of memory on these devices and it can be accessed much more quickly by the devices than the system RAM can be. Making it easier for user-space programmers to use that memory transparently is the goal of the heterogeneous memory management (HMM) patchesthat Glisse has been working on.
[$] Unaddressable device memory

Matthew Garrett announcesa new, hopefully more efficient process for reviewing bootloaders to be used with Shimin UEFI secure boot systems. "To that end, we're adopting a new model. A mailing list has been created at shim-review@lists.freedesktop.org, and members of this list will review submissions and provide a recommendation to Microsoft on whether these should be signed or not."
Garrett: A new Shim review process

The Android Developers Blog introduces the first developer previewof Android O. This version includes background limits, notification channels, autofill APIs, PIP for handsets, font resources in XML, adaptive icons, and much more. "Building on the work we began in Nougat, Android O puts a big priority on improving a user's battery life and the device's interactive performance. To make this possible, we've put additional automatic limits on what apps can do in the background, in three main areas: implicit broadcasts, background services, and location updates. These changes will make it easier to create apps that have minimal impact on a user's device and battery. Background limits represent a significant change in Android, so we want every developer to get familiar with them."
O-MG, the Developer Preview of Android O is here! (Android Developers Blog)

KDevelop is KDE's Integrated Development Environment (IDE). Version 5.1 has been releasedwith LLDB support, Analyzer run mode, initial OpenCL language support, improved Python language support, and more.
KDevelop 5.1.0 released

Red Hat has announced the releaseof Red Hat Enterprise Linux 6.9. "Red Hat Enterprise Linux 6.9 delivers new hardware support developed in collaboration with Red Hat partners which helps to provide a smooth transition of Red Hat Enterprise Linux 6 production deployments to Red Hat Enterprise Linux 7 environments. Additionally, Red Hat Enterprise Linux 6.9 adds updates to TLS 1.2 to further enhance secure communications and provide broader support for the latest PCI-DSS standards, better equipping enterprises to offer more secure online transactions."
Red Hat Enterprise Linux 6.9 released

Security updates have been issued by Debian(sitesummary), Fedora(jasper, knot-resolver, R, rkward, rpm-ostree, rpy, w3m, and xen), openSUSE(firefox), Red Hat(bash, coreutils, glibc, gnutls, kernel, libguestfs, ocaml, openssh, qemu-kvm, quagga, samba, samba4, subscription-manager, tigervnc, and wireshark), and Ubuntu(eglibc, glibc, firefox, freetype, gnutls26, NVIDIA graphics, and nvidia-graphics-drivers-375).
Security updates for Tuesday

The opening session of the 2017 Linux Storage, Filesystem, and Memory-Management Summit covered a familiar topic: how to represent (possibly massive) persistent-memory arrays to various subsystems in the kernel. This session, led by Dan Williams, focused in particular on the ZONE_DEVICEabstraction and whether the kernel should use pagestructures to represent persistent memory or not.
[$] ZONE_DEVICE and the future of struct page

SAP GUI CVE-2017-6950 Remote Code Execution Vulnerability
Vuln: SAP GUI CVE-2017-6950 Remote Code Execution Vulnerability

NetIQ Access Manager CVE-2016-5758 Cross Site Request Forgery Vulnerability
Vuln: NetIQ Access Manager CVE-2016-5758 Cross Site Request Forgery Vulnerability

pngdefry 'pngdefry.c' Heap Based Buffer Overflow Vulnerability
Vuln: pngdefry 'pngdefry.c' Heap Based Buffer Overflow Vulnerability

W3C High Resolution Time API CVE-2017-5928 Security Vulnerability
Vuln: W3C High Resolution Time API CVE-2017-5928 Security Vulnerability

[SECURITY] [DSA 3816-1] samba security update
Bugtraq: [SECURITY] [DSA 3816-1] samba security update

APPLE-SA-2017-03-22-1 iTunes for Windows 12.6
Bugtraq: APPLE-SA-2017-03-22-1 iTunes for Windows 12.6

SEC Consult SA-20170322-0 :: Multiple vulnerabilities in Solare Datensysteme Solar-Log devices
Bugtraq: SEC Consult SA-20170322-0 :: Multiple vulnerabilities in Solare Datensysteme Solar-Log devices

Defense in depth -- the Microsoft way (part 47): "AppLocker bypasses are not serviced via monthly security roll-ups"
Bugtraq: Defense in depth -- the Microsoft way (part 47): "AppLocker bypasses are not serviced via monthly security roll-ups"

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
More rss feeds from SecurityFocus

-->