Welcome to LinuxSecure
I found some scripts on my workstation that have not been
published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can
contact me, if you are interested in one or more of them.
- A tool for the backup of network components. The script runs as a daemon and can be configured via config files.
It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage.
There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
- Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a
status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the
mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send,
mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem
(deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before,
dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
- A logscanner and a scanner for the checkpoint objects file.
- A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
- A ftp-script for the honeynet.
- Various backupscripts in Perl and Bash.
- Various iptables scrips.
- A script called minilinux to create a small linux out of a huge running system.
- Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
- A snort admin interface in php.
- A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.
back to top
| Whats New|
|[2005-02-18] mp3riot version 1.3 released|
|[2004-10-08] mp3riot version 1.2 is out.|
|[2004-04-30] Added section Bridging|
|[2004-01-09] working progress on mp3riot version 1.2|
|DAX is the mechanism that enables direct access to files stored in
persistent memory arrays without the need to copy the data through the page
cache. At the 2017 Linux Storage, Filesystem, and Memory-Management
Summit, Ross Zwisler led a plenary session on the future of DAX. Development in
this area offers a number of interesting trade-offs between data safety and
enabling the highest performance.
|[$] The future of DAX|
|DragonFly BSD 4.8 has been released. "DragonFly
version 4.8 brings EFI boot support in the installer, further speed
improvements in the kernel, a new NVMe driver, a new eMMC driver, and Intel
video driver updates."DragonFly is an independent BSD variant,
perhaps best known for the HAMMER filesystem.
|DragonFly BSD 4.8|
|The Free Software Foundation has announced
the winnersof the 2016 Free Software Awards. The Award for Projects
of Social Benefit went to SecureDropand the Award for the Advancement of Free Software went to Alexandre Oliva. "SecureDrop is an anonymous whistleblowing platform used by major news organizations and maintained by Freedom of the Press Foundation. Originally written by the late Aaron Swartz with assistance from Kevin Poulsen and James Dolan, the free software platform was designed to facilitate private and anonymous conversations and secure document transfer between journalists and sensitive sources."|
|SecureDrop and Alexandre Oliva are 2016 Free Software Awards winners|
|Stable kernels 4.10.6, 4.9.18, and 4.4.57have been released. All of them
contain important fixes and users should upgrade.
|Stable kernel updates|
|Security updates have been issued by Debian(apt-cacher, jbig2dec, libplist, python3.2, tnef, and xrdp), Fedora(firefox, mbedtls, and sane-backends), Mageia(flash-player-plugin, freetype2, glibc, kernel, kernel-linus, kernel-tmb, libquicktime, libwmf, and tnef), and Ubuntu(thunderbird).
|Security updates for Monday|
|The 4.11-rc4kernel prepatch is out for
testing. "So on the whole things look fine. There's changes all
over, and in mostly the usual proportions. Some core kernel code shows up
in the diffstat slightly more than it usually does - we had an audit fix
and a bpf hashmap fix, but on the whole it all looks very regular."|
|Kernel prepatch 4.11-rc4|
|In the memory-management subsystem, the term "mapping"refers to the
connection between pages in memory and their backing store ? the file that
represents them on disk. One of the fundamental assumptions in the
kernel is that a given page in the page cache belongs to exactly one mapping.
But, as Miklos Szeredi explained in a plenary session at the 2017 Linux
Storage, Filesystem, and Memory-Management Summit, there aresituations
where it would be desirable to associate the same page with multiple
mappings. Achieving this goal may not be easy, though.
Click below (subscribers only) for continuing coverage from LSFMM 2017
|[$] Sharing pages between mappings|
|The Eudyptula Challengeis a
series of programming exercises for the Linux kernel. It starts from a
very basic "Hello world"kernel module, moves up in complexity to getting
patches accepted into the main kernel. The challenge
will be closed to new participants in a few months, when 20,000 people have
signed up. LWN coveredthe Eudyptula Challenge in May 2014,
when it was fairly new. At this time over 19,000 people have signed up and
only 149 have finished.
|Eudyptula Challenge Status report|
|Security updates have been issued by Arch Linux(libpurple), Debian(audiofile, cgiemail, and imagemagick), Fedora(cloud-init, empathy, and mupdf), Mageia(firefox and thunderbird), Scientific Linux(icoutils and openjpeg), Slackware(mcabber and samba), and Ubuntu(eglibc).
|Security updates for Friday|
|Back in 2015, the OpenSSL project announcedits
intent to move away from its rather quirky license. Now it has announced
change is moving forward. "After careful review, consultation
with other projects, and input from the Core Infrastructure Initiative and
legal counsel from the SFLC, the OpenSSL team decided to relicense the code
under the widely-used ASLv2."It is worth noting that this change
and the way it is being pursued are not universally popular, in the OpenBSD camp, at least.
|Laszlo Agocs takes
a lookat improvements to the basic OpenGL enablers that form the
foundation of Qt Quick and the optional OpenGL-based rendering path of
QPainter in Qt 5.9. "As
explained here, such shader programs will attempt to cache the program
binaries on disk using GL_ARB_get_program_binaryor the standard equivalents in OpenGL ES 3.0. When no support is provided
by the driver, the behavior is equivalent to the non-cached case. The files
are stored in the global or per-process cache location, whichever is writable. The result is a nice boost in performance when a program is created with the same shader sources next time."|
|Agocs: Boosting performance with shader binary caching in Qt 5.9|
|Security updates have been issued by Debian(audiofile, jhead, libxslt, samba, suricata, and wordpress), Fedora(openslp), Mageia(icoutils, kdelibs4, and virtualbox), Oracle(icoutils and openjpeg), Red Hat(icoutils and openjpeg), and Ubuntu(audiofile, git, and samba).
|Security updates for Thursday|
|The LWN.net Weekly Edition for March 23, 2017 is available.
|[$] LWN.net Weekly Edition for March 23, 2017|
|GitLab 9.0 has been releasedwith many new features and improvements. "In the last several releases, GitLab has transformed how development teams get from idea to production. In just a few minutes, you can deploy GitLab to a container scheduler, add CI/CD with auto deployed review apps, utilize ChatOps, and analyze your cycle time. With 9.0 you can now watch your deploys with deploy boards and monitor application performance with Prometheus."|
|GitLab 9.0 Released with Subgroups and Deploy Boards|
|The NTPsec Project has announced the 0.9.7 release of NTPsec, with
assistance from the Mozilla Foundation's "Secure Open Source"initiative.
NTPsec is an implementation of the Network Time Protocol (NTP).
"NTPsec 0.9.7 incorporates significant improvements in security, accuracy,
precision, visualization, and usability, with assistance, contributions,
and audits provided by infosec researchers and other technical contributors.
For this release, the NTPsec Project worked particularly closely with the
Mozilla Foundation's "Secure Open Source"initiative, who funded an infosec
audit, and with Cure53.de, who provided the audit."|
|NTPsec Project announces 0.9.7|