Issues on Linux and Security
button Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me, if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
  • Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
  • A ftp-script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scrips.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in php.
  • A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.

back to top

button Whats New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
Xda developers looks at improvementscoming to the F-Droid repository of free/open source apps for Android. The next version of F-Droid will have screenshot and feature graphics, bulk download and install, improved notifications for downloads and pending updates, and the ability to translate apps metadata. "F-Droid is conducting further field tests to ensure that usability issues with the new design are identified and resolved before the alpha releases for v0.103 is rolled out to the public. The team is also inviting feedback and suggestionsto further improve the client. Additionally, the team mentions that this is one of the many improvements happening to the broader F-Droid ecosystem in 2017, and there?s more to come."
F-Droid?s Android App Finally Gets a UI Makeover (xda developers)

Security updates have been issued by Arch Linux(jenkins, libtiff, and webkit2gtk), Debian(ghostscript, kernel, and libreoffice), Fedora(dovecot, kernel, and tomcat), Mageia(firefox and tomcat), openSUSE(backintime and ffmpeg), and Ubuntu(ghostscript, libxslt, and nss).
Security updates for Friday

The Debian release team has a few words about the upcoming Debian 9 "stretch"release. "At a recent team meeting, we decided that support for Secure Boot in the forthcoming Debian 9 "stretch"would no longer be a blocker to release. The likely, although not certain outcome is that stretch will not have Secure Boot support."If stretch does not release with Secure Boot support, it is possible that it will be introduced later. Other than that, the number of Release Critical bugs continues to drop and the team is considering the arrangements for the stretch release.
Bits from the Debian Release Team: release update

Tor, the first stable release of the Tor 0.3.0 series, is available. "With the 0.3.0 series, clients and relays now use Ed25519 keys to authenticate their link connections to relays, rather than the old RSA1024 keys that they used before. (Circuit crypto has been Curve25519-authenticated since We have also replaced the guard selection and replacement algorithm to behave more robustly in the presence of unreliable networks, and to resist guard- capture attacks."
Tor is released: a new series is stable

The Linux kernel is highly scalable but, while it runs nicely on the world's largest computers, it is not an entirely comfortable fit on the smallest. The difficulties involved in running Linux on machines with 1MB or less of memory have left an opening for other operating systems, such as Zephyr, with lower memory needs. Some developers have not given up on scaling Linux to the smallest computers, but the approaches they have to take have always been a bit of a hard sell with the rest of the development community. Nicolas Pitre's minittypatch set is a case in point.
[$] An alternative TTY layer

Greg Kroah-Hartman has released stable kernels 4.10.13, 4.9.25, and 4.4.64. They all contain important fixes and users should upgrade.
Stable kernel updates

Security updates have been issued by Debian(freetype, jasper, python-django, slurm-llnl, and weechat), Fedora(dovecot and pcre2), Gentoo(adobe-flash), openSUSE(curl, gstreamer-plugins-base, libsndfile, and tiff), and Ubuntu(mysql-5.5, mysql-5.7).
Security updates for Thursday

The Weekly Edition for April 27, 2017 is available.
[$] Weekly Edition for April 27, 2017

Sayre's lawstates: "In any dispute the intensity of feeling is inversely proportional to the value of the issues at stake". In that context, it is perhaps easy to understand why the discussion around the version number for the next major openSUSE Leap release has gone on for hundreds of sometimes vitriolic messages. While this change is controversial, the openSUSE board hopes that it will lead to more rational versioning in the long term ? but the world has a way of interfering with such plans.
[$] The great leap backward

Security updates have been issued by Debian(botan1.10, mysql-5.5, and rtmpdump), Fedora(collectd, firefox, java-1.8.0-openjdk, libdwarf, nss-softokn, nss-util, and tigervnc), Red Hat(httpd24-httpd and python27), and SUSE(kernel).
Security updates for Wednesday

The grsecurity project has announcedthat its kernel-hardening patches will now be an entirely private affair. "Today we are handing over future maintenance of grsecurity test patches to the community. This makes grsecurity for Linux 4.9 the last version Open Source Security Inc. will release to non-subscribers."
No more grsecurity test patches

An email client was once a mandatory offering for any operating system, but that may be changing. A discussion on the ubuntu-desktop mailing list explores the choices for a default email client for Ubuntu 17.10, which is due in October. One of the possibilities being considered is to not have a default email client at all.
[$] Which email client for Ubuntu 17.10?

The Kali Linux 2017.1 rolling release is available. Kali is a Debian derivative aimed at penetration testing and related tasks. This release includes support for RTL8812AU wireless card injection, streamlined support for CUDA GPU cracking, OpenVAS 9 packaged in Kali repositories, and more.
Kali Linux 2017.1 Release

The linkerd 1.0 releaseis available. "Linkerd a service mesh for cloud native applications. As part of this release, we wanted to define what this actually meant."Support for per-service router configuration has been added, along with new plugin interfaces for policy control. (LWN looked at linkerdin early April).
Linkerd 1.0 released

InfoWorld plays with the Bash Bunny, a USB device for attacking computers. "It can run anything a regular Debian Linux distro can run, such as Python scripts or common Linux commands. To infiltrate other computing devices, Bash Bunny can fake its identity as a trusted media device, networking device, keyboard, or other serial device. For example, it can load itself as a keyboard device and mimic keystrokes. You can download dozens of existing payload scripts, create your own, or ask questions in a fairly active user forum."
Bash Bunny: Big hacks come in tiny packages (InfoWorld)

Oracle Primavera Products CVE-2017-3508 Remote Security Vulnerability
Vuln: Oracle Primavera Products CVE-2017-3508 Remote Security Vulnerability

Oracle Primavera Products CVE-2017-3579 Remote Security Vulnerability
Vuln: Oracle Primavera Products CVE-2017-3579 Remote Security Vulnerability

Oracle PeopleSoft Enterprise PeopleTools CVE-2017-3519 Remote Security Vulnerability
Vuln: Oracle PeopleSoft Enterprise PeopleTools CVE-2017-3519 Remote Security Vulnerability

Oracle WebCenter Sites CVE-2017-3595 Remote Security Vulnerability
Vuln: Oracle WebCenter Sites CVE-2017-3595 Remote Security Vulnerability

[security bulletin] HPESBHF03738 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution
Bugtraq: [security bulletin] HPESBHF03738 rev.1 - HPE Intelligent Management Center (iMC) PLAT, Remote Code Execution

[SECURITY] [DSA 3838-1] ghostscript security update
Bugtraq: [SECURITY] [DSA 3838-1] ghostscript security update

Apple iOS 10.2 & 10.3 - Control Panel Denial of Service Vulnerability
Bugtraq: Apple iOS 10.2 &10.3 - Control Panel Denial of Service Vulnerability

Live Helper Chat - Cross-Site Scripting
Bugtraq: Live Helper Chat - Cross-Site Scripting

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
More rss feeds from SecurityFocus