Issues on Linux and Security
 

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads the config files containing the passwords of the components only once, so you can keep them in encrypted storage. There are several templates for ssh, scp and telnet. The intention is to make automated backups of routers, switches, firewalls, etc.
  • Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and get a status for each mail found: when the system received it, when it last worked on the mail, what the status of the mail is, and whether there were any problems while delivering it. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool that parses the registry of the genugate firewall and produces more human-readable output in HTML.
  • An FTP script for the honeynet.
  • Various backup scripts in Perl and Bash.
  • Various iptables scripts.
  • A script called minilinux to create a small Linux out of a huge running system.
  • Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in PHP.
  • A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.



What's New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] Work in progress on mp3riot version 1.2
Back in mid-1997, your editor (Jonathan Corbet) and Liz Coolbaugh were engaged in a long-running discussion on how to trade our nice, stable, reliably paying jobs for a life of uncertainty, poverty, and around-the-clock work. Not that we thought of it in those terms, naturally. We eventually settled on joining Red Hat's nascent "support partner" program; while we were waiting for it to get started, we decided to start a weekly newsletter as a side project - not big and professional like the real press - to establish ourselves in the community. Thus began an amazing journey that has just completed its 20th year.
20 Years of LWN

As might have been expected from watching the commit stream, the 4.15 kernel is not ready for release, so we'll get 4.15-rc9 instead. Linus said: "I really really wanted to just release 4.15 today, but things haven't calmed down enough for me to feel comfy about it, and Davem tells me he still has some networking fixes pending. Laura Abbott found and fixed a very subtle boot bug introduced this development cycle only yesterday, and it just didn't feel right to say that we're done."
No 4.15 final release today

Security updates have been issued by Debian (bind9, couchdb, lucene-solr, mysql-5.5, openocd, and php5), Mageia (gdk-pixbuf2.0, golang, and mariadb), openSUSE (curl, gd, ImageMagick, lxterminal, ncurses, newsbeuter, perl-XML-LibXML, and xmltooling), Oracle (kernel), and SUSE (xmltooling).
Security updates for Monday

Wired recommends switching to F-Droid for Android apps. "A polluted ocean of apps is plaguing Android, an operating system built upon Free and Open-Source Software (FOSS) but now barely resembling those venerable roots. Today, the average Android device is not only susceptible to malware and trackers, it's also heavily locked down and loaded with proprietary components - characteristics that are hardly the calling cards of the FOSS movement. Though Android bears the moniker of open-source, the chain of trust between developers, distributors, and end-users is broken."
Android Users: To Avoid Malware, Try the F-Droid App Store (Wired)

The OpenSSL project has announced a number of changes to how the project is developed. These include shutting down the openssl-dev mailing list in favor of discussing all patches on GitHub and the addition of a new, read-only (for the world) openssl-project list. "We are changing our release schedule so that unless there are extenuating circumstances, security releases will go out on a Tuesday, with the pre-notification being the previous Tuesday. We don't see a need to have people ready to sacrifice their weekend every time a new CVE comes out."
OpenSSL development policy changes

Here's a brief update from Greg Kroah-Hartman on the kernel's handling of the Meltdown and Spectre vulnerabilities. "This shows that my kernel is properly mitigating the Meltdown problem by implementing PTI (Page Table Isolation), and that my system is still vulnerable to the Spectre variant 1, but is trying really hard to resolve the variant 2, but is not quite there (because I did not build my kernel with a compiler to properly support the retpoline feature)."
Kroah-Hartman: Meltdown and Spectre Linux Kernel Status - Update

Linux's deadline scheduler is a global early deadline first scheduler for sporadic tasks with constrained deadlines. These terms were defined in the first part of this series. In this installment, the details of the Linux deadline scheduler and how it can be used will be examined.
[$] Deadline scheduler part 2 - details and usage

Security updates have been issued by Arch Linux (bind, irssi, nrpe, perl-xml-libxml, and transmission-cli), CentOS (java-1.8.0-openjdk), Debian (awstats, libgd2, mysql-5.5, rsync, smarty3, and transmission), Fedora (keycloak-httpd-client-install and rootsh), and Red Hat (java-1.7.0-oracle and java-1.8.0-oracle).
Security updates for Friday

Git v2.16.0 is now available. "It is comprised of 509 non-merge commits since v2.15.0, contributed by 91 people, 26 of which are new faces." The release notes are included in the link below.
Git v2.16.0

Version 3.0 of the Wine Windows emulation layer has been released. "This release represents a year of development effort and over 6,000 individual changes." Most of the improvements seem to be around Direct3D graphics, but it is also now possible to package up Wine as an Android app; see the release notes for details.
Wine 3.0 released

This is the second article of a series discussing various methods of reducing the size of the Linux kernel to make it suitable for small environments. The first article provided a short rationale for this topic, and covered the link-time garbage collection, also called the ld --gc-sections method. We've seen that, though it is pretty straightforward, link-time garbage collection has issues of its own when applied to the kernel, making achieving optimal results more difficult than it is worth. In this article we'll have a look at what the compiler itself can do using link-time optimization.
[$] Shrinking the kernel with link-time optimization

Security updates have been issued by CentOS (linux-firmware and microcode_ctl), Fedora (icecat and transmission), Oracle (java-1.8.0-openjdk and microcode_ctl), Red Hat (java-1.8.0-openjdk), Scientific Linux (java-1.8.0-openjdk), Slackware (bind), SUSE (kernel), and Ubuntu (eglibc).
Security updates for Thursday

The LWN.net Weekly Edition for January 18, 2018 is available.
[$] LWN.net Weekly Edition for January 18, 2018

Prometheus is a monitoring tool built from scratch by SoundCloud in 2012. It works by pulling metrics from monitored services and storing them in a time series database (TSDB). It has a powerful query language to inspect that database, create alerts, and plot basic graphs. Those graphs can then be used to detect anomalies or trends for (possibly automated) resource provisioning. Prometheus also has extensive service discovery features and supports high availability configurations. That's what the brochure says, anyway; let's see how it works in the hands of an old grumpy system administrator. I'll be drawing comparisons with Munin and Nagios frequently because those are the tools I have used for over a decade in monitoring Unix clusters.
[$] Monitoring with Prometheus 2.0

Greg Kroah-Hartman has released stable kernels 4.14.14, 4.9.77, 4.4.112, and 3.18.92. All of them contain important fixes and users should upgrade.
Four stable kernels

Vuln: WordPress MediaElement Cross Site Scripting Vulnerability

Vuln: Microsoft Outlook CVE-2018-0793 Remote Code Execution Vulnerability

Vuln: Microsoft Word CVE-2018-0794 Remote Code Execution Vulnerability

Vuln: Microsoft Office for MAC CVE-2018-0819 Spoofing Vulnerability

Bugtraq: [SECURITY] [DSA 4092-1] awstats security update

Bugtraq: [security bulletin] HPESBMU03806 rev.1 - HPE IceWall Products, Multiple Remote Unauthorized Disclosure of Information, Unauthorized Modification

Bugtraq: [security bulletin] HPSBGN02925 rev.3 - HP IceWall SSO, IceWall File Manager and IceWall Federation Agent, Multiple Remote Unauthorized Access Vulnerabilities

Bugtraq: [security bulletin] HPESBHF03805 rev.5 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure.
