LINUXsecure_LOGO
Issues on Linux and Security
 
-->
 
 
 
 
 
 
 
home
button Home
 

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me, if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
  • Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
  • A ftp-script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scrips.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in php.
  • A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.


back to top

button Whats New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
During this year's Akademy conference, Lays Rodrigues introduced Atelier, a cross-platform, open-source system that allows users to control their 3D printers. As she stated in her talk abstract, it is "a project with a goal to make the 3D printing world a better place". Read on for an overview of what the Atelier team is up to and what it has accomplished so far.
[$] 3D printing with Atelier

Security updates have been issued by Debian(confuse, jetty9, kamailio, kernel, libxcursor, and mutt), Fedora(blktrace, docker-latest, libgit2, and yubico-piv-tool), Mageia(chromium-browser-stable, flash-player-plugin, kernel, kernel-linus, kernel-tmb, microcode, openslp, and wpa_supplicant), openSUSE(apache2, curl, GraphicsMagick, perl-Archive-Zip, and xen), Oracle(kernel and mariadb), Red Hat(rh-postgresql95-postgresql), Slackware(ntp and samba), SUSE(apache2, curl, kernel, kernel-livepatch-tools, libgcrypt, mysql, openssl, perl, procps, rsyslog, shadow, wireshark, and xen), and Ubuntu(kernel).
Security updates for Monday

The 1.0 releaseof the Flatpakapplication distribution system is out. There are a number of performance improvements, the ability to mark applications as being at end-of-life, up-front confirmation of requested permissions, and more. "Apps can now request access the host SSH agent to securely access remote servers or Git repositories."
Flatpak 1.0 released

Greg Kroah-Hartman has released two batches of stable kernels. The first set has fixes in various parts of the tree, while the second batch has a single fix for a problem with the page-table-entry inversionthat is done as a mitigation for the L1TF speculative-execution vulnerability. The first batch includes: 4.18.2, 4.17.16, 4.14.64, 4.9.121, 4.4.149, and 3.18.119. The second batch is: 4.18.3, 4.17.17, 4.14.65, 4.9.122, and 4.4.150. Users should upgrade, presumably to something in the second batch unless they are running the 3.18 series.
Two rounds of stable kernels released

Security updates have been issued by Debian(intel-microcode, keystone, php-horde-image, and xen), Fedora(rsyslog), openSUSE(apache2, clamav, kernel, php7, qemu, samba, and Security), Oracle(mariadb and qemu-kvm), Red Hat(docker, mariadb, and qemu-kvm), Scientific Linux(mariadb and qemu-kvm), SUSE(GraphicsMagick, kernel, kgraft, mutt, perl-Archive-Zip, python, and xen), and Ubuntu(postgresql-10, postgresql-9.3, postgresql-9.5, procps, and webkit2gtk).
Security updates for Friday

As of this writing, Linus Torvalds has pulled just over 7,600 non-merge changesets into the mainline repository for the 4.19 development cycle. 4.19 thus seems to be off to a faster-than-usual start, perhaps because the one-week delay in the opening of the merge window gave subsystem maintainers a bit more time to get ready. There is, as usual, a lot of interesting new code finding its way into the kernel, along with the usual stream of fixes and cleanups.
[$] The first half of the 4.19 merge window

Over at Google's Project Zero blog, Natalie Silvanovich looks atsome of the bugs the project has found in WebAssembly, which is a binary format to run code in the browser for web applications. She also looks to the future: "There are two emerging features of WebAssembly that are likely to have a security impact. One is threading. Currently, WebAssembly only supports concurrency via JavaScript workers, but this is likely to change. Since JavaScript is designed assuming that this is the only concurrency model, WebAssembly threading has the potential to require a lot of code to be thread safe that did not previously need to be, and this could lead to security problems. WebAssembly GC[garbage collection] is another potential feature of WebAssembly that could lead to security problems. Currently, some uses of WebAssembly have performance problems due to the lack of higher-level memory management in WebAssembly. For example, it is difficult to implement a performant Java Virtual Machine in WebAssembly. If WebAssembly GC is implemented, it will increase the number of applications that WebAssembly can be used for, but it will also make it more likely that vulnerabilities related to memory management will occur in both WebAssembly engines and applications written in WebAssembly."
The Problems and Promise of WebAssembly (Project Zero)

The Debian project is celebratingthe 25th anniversary of its founding by Ian Murdock on August 16, 1993. The "Bits from Debian"blog had this to say: "Today, the Debian project is a large and thriving organization with countless self-organized teams comprised of volunteers. While it often looks chaotic from the outside, the project is sustained by its two main organizational documents: the Debian Social Contract, which provides a vision of improving society, and the Debian Free Software Guidelines, which provide an indication of what software is considered usable. They are supplemented by the project's Constitutionwhich lays down the project structure, and the Code of Conduct, which sets the tone for interactions within the project. Every day over the last 25 years, people have sent bug reports and patches, uploaded packages, updated translations, created artwork, organized events about Debian, updated the website, taught others how to use Debian, and created hundreds of derivatives."Happy birthday to the project from all of us here at LWN.
Debian: 25 years and counting

Greg Kroah-Hartman has released a new batch of stable kernels: 4.18.1, 4.17.15, 4.14.63, 4.9.120, and 4.4.148. These include the fixes for the L1 terminal fault vulnerabilityand a few other fixes here and there. Users should upgrade.
New stable kernels

Security updates have been issued by Debian(fuse), Fedora(cri-o, gdm, kernel-headers, postgresql, units, and wpa_supplicant), Mageia(iceaepe, kernel-linus, kernel-tmb, and libtomcrypt), openSUSE(aubio, libheimdal, nemo-extensions, and python-Django1), Red Hat(flash-plugin), SUSE(apache2, kernel, php7, qemu, samba, and ucode-intel), and Ubuntu(gnupg).
Security updates for Thursday

The LWN.net Weekly Edition for August 16, 2018 is available.
[$] LWN.net Weekly Edition for August 16, 2018

Social networks are typically walled gardens; users of a service can interact with other users and their content, but cannot see or interact with data stored in competing services. Beyond that, though, these walled gardens have generally made it difficult or impossible to decide to switch to a competitor?all of the user's data is locked into a particular site. Over time, that has been changing to some extent, but a new project has the potential to make it straightforward to switch to a new service without losing everything. The Data Transfer Project(DTP) is a collaborative project between several internet heavyweights that wants to "create an open-source, service-to-service data portability platform".
[$] The Data Transfer Project

Security updates have been issued by CentOS(kernel), Debian(kernel, linux-4.9, postgresql-9.4, and ruby-zip), Fedora(cgit, firefox, knot-resolver, mingw-LibRaw, php-symfony, php-symfony3, php-symfony4, php-zendframework-zend-diactoros, php-zendframework-zend-feed, php-zendframework-zend-http, python2-django1.11, quazip, sox, and thunderbird-enigmail), openSUSE(python-Django and seamonkey), Oracle(kernel), Red Hat(kernel, kernel-rt, and redhat-virtualization-host), Scientific Linux(kernel), Slackware(openssl), SUSE(clamav, firefox, kernel, and samba), and Ubuntu(kernel, libxml2, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-hwe, linux-azure, linux-gcp, linux-lts-trusty, linux-lts-xenial, linux-aws, linux-raspi2, and samba).
Security updates for Wednesday

A kernel bug that allows a remote denial of service via crafted packets was fixed recently and the resulting patchwas merged on July 23. But an announcementof the flaw (which is CVE-2018-5390) was not released until August 6?a two-week window where users were left in the dark. It was not just the patch that might have alerted attackers; the flaw was publicized in other ways, as well, before the announcement, which has led to some discussion of embargo policies on the oss-security mailing list. Within free-software circles, embargoes are generally seen as a necessary evil, but delaying the disclosure of an already-public bug does not sit well.
[$] CVE-2018-5390 and "embargoes"

The Meltdown CPU vulnerability, first disclosedin early January, was frightening because it allowed unprivileged attackers to easily read arbitrary memory in the system. Spectre, disclosed at the same time, was harder to exploit but made it possible for guests running in virtual machines to attack the host system and other guests. Both vulnerabilities have been mitigated to some extent (though it will take a long time to even find all of the Spectre vulnerabilities, much less protect against them). But now the newly disclosed"L1 terminal fault"(L1TF) vulnerability (also going by the name Foreshadow) brings back both threats: relatively easy attacks against host memory from inside a guest. Mitigations are available (and have been merged into the mainline kernel), but they will be expensive for some users.
[$] Meltdown strikes back: the L1 terminal fault vulnerability

Multiple Intel Processors Side Channel Attack Multiple Information Disclosure Vulnerabilities
Vuln: Multiple Intel Processors Side Channel Attack Multiple Information Disclosure Vulnerabilities

Symantec Encryption Management Server CVE-2018-5243 Denial of Service Vulnerability
Vuln: Symantec Encryption Management Server CVE-2018-5243 Denial of Service Vulnerability

Cisco Web Security Appliance CVE-2018-0428 Local Privilege Escalation Vulnerability
Vuln: Cisco Web Security Appliance CVE-2018-0428 Local Privilege Escalation Vulnerability

Adobe Flash Player CVE-2018-12828 Unspecified Privilege Escalation Vulnerability
Vuln: Adobe Flash Player CVE-2018-12828 Unspecified Privilege Escalation Vulnerability

[SECURITY] [DSA 4269-1] postgresql-9.6 security update
Bugtraq: [SECURITY] [DSA 4269-1] postgresql-9.6 security update

[SECURITY] [DSA 4268-1] openjdk-8 security update
Bugtraq: [SECURITY] [DSA 4268-1] openjdk-8 security update

[SECURITY] [DSA 4267-1] kamailio security update
Bugtraq: [SECURITY] [DSA 4267-1] kamailio security update

[CVE-2018-12584] Heap overflow vulnerability in reSIProcate through 1.10.2
Bugtraq: [CVE-2018-12584] Heap overflow vulnerability in reSIProcate through 1.10.2

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
More rss feeds from SecurityFocus

-->