Issues on Linux and Security
Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There exist several templates for ssh, scp, telnet. The intention is to make automated backups from routers, switches, firewalls etc.
  • Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and you will get a status for the mails found: when the system received the mail, when it last worked on the mail, what the status of the mail is, and whether there were any problems while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool that parses the registry of the genugate firewall and produces a more human-readable output in HTML.
  • An FTP script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scripts.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in php.
  • A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus on same domains.


What's New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
Security updates have been issued by Arch Linux (libgcrypt), Fedora (bouncycastle, nodejs, and perl-Archive-Tar), openSUSE (aubio), and Red Hat (chromium-browser, glibc, kernel, kernel-rt, libvirt, pcs, samba, samba4, sssd and ding-libs, and zsh).
Security updates for Tuesday

This article describes our findings that connected TCP small queues (TSQ) with the behavior of advanced WiFi protocols and, in the process, solved a throughput regression. The resulting patch is already in the mainline tree, so before continuing, please make sure your kernel is updated. Beyond the fix, it is delightful to travel through history to see how we discovered the problem, how it was tackled, and how it was patched. Subscribers can read on for the full story by guest authors Carlo Grazia and Natale Patriciello.
[$] TCP small queues and WiFi aggregation - a war story

Security updates have been issued by CentOS (kernel), Debian (libgcrypt20, redis, and strongswan), Fedora (epiphany, freedink-dfarc, gnupg, LibRaw, nodejs-JSV, nodejs-uri-js, singularity, strongswan, and webkit2gtk3), Mageia (flash-player-plugin, freedink-dfarc, and imagemagick), openSUSE (enigmail, gpg2, java-1_7_0-openjdk, java-1_8_0-openjdk, poppler, postgresql96, python-python-gnupg, and samba), Oracle (kernel), SUSE (gpg2 and xen), and Ubuntu (gnupg and webkit2gtk).
Security updates for Monday

By the time that Linus Torvalds released 4.18-rc1 and closed the merge window for this development cycle, 11,594 non-merge changesets had found their way into the mainline kernel repository. Nearly 4,500 of those were pulled after last week's summary was written. Thus, in terms of commit traffic, 4.18 looks to be quite similar to its predecessors. As usual, the entry of significant new features has slowed toward the end of the merge window, but there are still some important changes on the list.
[$] 4.18 Merge window, part 2

The stable update machine continues to crank out releases: 4.17.2, 4.16.16, 4.14.50, 4.9.109, and 4.4.138 are all available with another set of important fixes.
A set of weekend stable kernel updates

The first 4.18 prepatch is out, and the merge window has closed for this development cycle. "You may think it's still Saturday for me, and that I should give you one more day of merge window to send in some last-minute pull requests, but I know better. I'm in Japan, and it's Sunday here."
Kernel prepatch 4.18-rc1

It's been a little over one year since we last covered Debian's reproducible builds project. The effort has not stopped in the interim; progress continues to be made, the message has sharpened up, and word is spreading. Chris Lamb, speaking about this at FLOSS UK in a talk called "You may think you're not a target: a tale of three developers", hinted that the end may be starting to come into sight.
[$] Toward a fully reproducible Debian

Security updates have been issued by CentOS (plexus-archiver), Fedora (chromium, kernel, and plexus-archiver), Mageia (firefox, gifsicle, jasper, leptonica, patch, perl-DBD-mysql, qt3, and scummvm), openSUSE (opencv), Oracle (kernel), Red Hat (kernel), Scientific Linux (kernel), SUSE (gpg2, nautilus, and postgresql96), and Ubuntu (gnupg2 and linux-raspi2).
Security updates for Friday

Kees Cook describes the security-oriented changes included in the 4.17 kernel release. "It was possible that old memory contents would live in a new process's kernel stack. While normally not visible, 'uninitialized' memory read flaws or read overflows could expose these contents (especially stuff 'deeper' in the stack that may never get overwritten for the life of the process). To avoid this, I made sure that new stacks were always zeroed. Oddly, this 'priming' of the cache appeared to actually improve performance, though it was mostly in the noise."
Cook: security things in Linux v4.17

Ars technica has the story of a set of Docker images containing cryptocurrency miners that persisted on Docker Hub for the better part of a year - after being discovered. "Neither the Docker Hub account nor the malicious images it submitted were taken down. Over the coming months, the account went on to submit 14 more malicious images. The submissions were publicly called out two more times, once in January by security firm Sysdig and again in May by security company Fortinet. Eight days after last month's report, Docker Hub finally removed the images."
Backdoored images downloaded 5 million times finally removed from Docker Hub (ars technica)

Security updates have been issued by Arch Linux (chromium and gnupg), Debian (spip), Fedora (pdns-recursor), Gentoo (adobe-flash, burp, quassel, and wget), openSUSE (bouncycastle and taglib), Oracle (kernel), SUSE (java-1_7_0-openjdk, java-1_8_0-openjdk, poppler, and samba), and Ubuntu (file, perl, and ruby1.9.1, ruby2.0, ruby2.3).
Security updates for Thursday

The Weekly Edition for June 14, 2018 is available.
[$] Weekly Edition for June 14, 2018

In a short session at the 2018 Python Language Summit, Steve Dower brought up the shortcomings of Python virtual environments, which are meant to create isolated installations of the language and its modules. He said his presentation was "co-written with Twitter" and, indeed, most of his slides were of tweets. At the end, he also slipped in an announcement of his plans for hosting a core development sprint in September.
[$] Python virtual environments

The XArray data structure was the topic of the final filesystem track session at the 2018 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM). XArray is a new API for the kernel's radix-tree data structure; the session was led by Matthew Wilcox, who created XArray. When asked by Dave Chinner if the session was intended to be a live review of the patches, Wilcox admitted with a grin that it might be "the only way to get a review on this damn patch set".
[$] XArray and the mainline

While the 2018 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM) filesystem track session was advertised as being a filesystem test suite "bakeoff", it actually focused on how to make the existing test suites more accessible. Kent Overstreet said that he has learned over the years that various filesystem developers have their own scripts for testing using QEMU and other tools. He and Ted Ts'o put the session together to try to share some of that information (and code) more widely.
[$] Filesystem test suites

Vuln: Intel Core Microprocessors CVE-2018-3665 Information Disclosure Vulnerability

Vuln: Natus Xltek NeuroWorks/SleepWorks ICSMA-18-165-01 Multiple Security Vulnerabilities

Vuln: Microsoft Windows CVE-2018-8210 Remote Code Execution Vulnerability

Vuln: Airbnb Knowledge Repo CVE-2018-12104 Cross Site Scripting Vulnerability

Bugtraq: [SECURITY] [DSA 4231-1] libgcrypt20 security update

Bugtraq: [SECURITY] [DSA 4230-1] redis security update

Bugtraq: [SECURITY] [DSA 4229-1] strongswan security update

Bugtraq: [security bulletin] MFSBGN03810 rev.1 - Universal CMDB, Deserialization Java Objects and CSRF
