Welcome to LinuxSecure
I found some scripts on my workstation that have not been
published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can
contact me, if you are interested in one or more of them.
- A tool for the backup of network components. The script runs as a daemon and can be configured via config files.
It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage.
There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
- Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a
status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the
mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send,
mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem
(deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before,
dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
- A logscanner and a scanner for the checkpoint objects file.
- A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
- A ftp-script for the honeynet.
- Various backupscripts in Perl and Bash.
- Various iptables scrips.
- A script called minilinux to create a small linux out of a huge running system.
- Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
- A snort admin interface in php.
- A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.
back to top
| Whats New|
|[2005-02-18] mp3riot version 1.3 released|
|[2004-10-08] mp3riot version 1.2 is out.|
|[2004-04-30] Added section Bridging|
|[2004-01-09] working progress on mp3riot version 1.2|
|Linus has released the 4.12-rc3kernel
prepatch. "Hey, things continue to look good, and rc3 isn't even
very big. I'm hoping there's not another shoe about to drop, but so far
this really feels like a nice calm release cycle, despite the size of the
|Kernel prepatch 4.12-rc3|
|The 3.1.0 release of the Mailmanmailing list manager is out. "Two years after the original release of Mailman 3.0, this version contains a
huge number of improvements across the entire stack. Many bugs have been
fixed and new features added in the Core, Postorius (web u/i), and HyperKitty
(archiver). Upgrading from Mailman 2.1 should be better too. We are seeing
more production sites adopt Mailman 3, and we've been getting great feedback
as these have rolled out.
Important: mailman-bundler, our previous recommended way of deploying Mailman
3, has been deprecated. Abhilash Raj is putting the finishing touches on
Docker images to deploy everything, and he'll have a further announcement in a
week or two."New features include support for Python 3.5 and 3.6, MySQL support, new REST resources and methods, user interface and user experience improvements, and more.
|Mailman 3.1.0 released|
|On his blog, Siddhesh Poyarekar looks at tunablesin the GNU C library (glibc). The idea for centralizing the handling of tunable parameters in the library started back 2013, but was added to glibc in version 2.25that was released in February.
"Tunables is an internal implementation detailin glibc. It is a way to manage ways in which we allow behaviour in glibc to be modified. As of now the only way to manage glibc is via environment variables and the way to do that was strewn all over the place in the source code. Tunables provide one place to add the tunable parameter with all of the characteristics it would have and then the framework will handle everything from there. The user of that tunable (e.g. malloc for MALLOC_MMAP_THRESHOLD_or malloc.mmap.thresholdin tunables parlance) would then simply access the tunable from the list and do what it wants to do, without bothering about where it came from."|
|Poyarekar: The story of tunables|
|This article is a tour of some of the newest features in the gnuplotplotting utility.
Some of these features are already present in
the 5.0 release, and some are planned for the next
official release, which will be gnuplot 5.2. Highlights in the
include hypertext labels, more control over axes, a long-awaited ability to
add labels to contours, better lighting effects, and more; read on for the
|[$] What's new in gnuplot 5.2|
|Security updates have been issued by CentOS(kernel), Debian(graphicsmagick, imagemagick, kde4libs, and puppet), Fedora(FlightCrew, kernel, libvncserver, and wordpress), Gentoo(adobe-flash, smb4k, teeworlds, and xen), Mageia(kernel, kernel-linus, kernel-tmb, and perl-CGI-Emulate-PSGI), openSUSE(GraphicsMagick and rpcbind), Oracle(kernel), Red Hat(kernel and kernel-rt), and Scientific Linux(kernel).
|Security updates for Friday|
|The Free Software Foundation's blog is carrying an interview with AJ Jordon, who runs the gplenforced.orgsite to support GPL enforcement efforts and to help other projects indicate their support. "gplenforced.org is a small site I made that has exactly two purposes: host a badge suitable for embedding into a README file on GitLab or something, and provide some text with an easy and friendly explanation of GPL enforcement for that badge to link to.
Putting badges in READMEs has been pretty trendy for a while now ? people add badges to indicate whether their test suite is passing, their dependencies are up-to-date, and what version is published in language package managers. gplenforced.org capitalizes on that trend to add the maintainer's beliefs about license enforcement, too."|
|The Licensing and Compliance Lab interviews AJ Jordon of gplenforced.org (FSF Blog)|
|Alpine Linux 3.6.0 has been released.
Alpine is an independent, minimalist distribution that is built around musl
libc and busybox to keep it small and resource efficient.
This version adds support for 64-bit little-endian POWER machines (ppc64le)
and 64-bit IBM z Systems (s390x).
|Alpine Linux 3.6.0 Released|
|The Devuan project set out to create a systemd-less Debian, and now Devuan
Jessie 1.0.0 Stable has been released.
"There have been no significant bug reports since Devuan Jessie
RC2 was announced only three weeks ago and the list of release
critical bugs is now empty. So finally Devuan Jessie Stable is
ready for release! As promised, this will also be a
Long-Term-Support (LTS) release. Our team will participate in
providing patches, security updates, and release upgrades beyond
the planned lifespan of Debian Jessie."|
|Devuan Jessie 1.0.0 stable LTS|
|Greg Kroah-Hartman has announced the release of the 4.11.3, 4.9.30, 4.4.70, and 3.18.55stable kernels. They contain a rather
large set of patches all over the tree and users should upgrade.
|Stable kernel updates|
|Security updates have been issued by CentOS(samba and samba4), Mageia(samba), openSUSE(bash and samba), Oracle(samba and samba4), Slackware(samba), SUSE(ghostscript and java-1_7_0-openjdk), and Ubuntu(firefox and samba).
|Security updates for Thursday|
|The LWN.net Weekly Edition for May 25, 2017 is available.
|[$] LWN.net Weekly Edition for May 25, 2017|
|At the 2016 Python Language Summit, Larry Hastings introduced Gilectomy, his project to remove
the global interpreter lock (GIL) from CPython. The GIL serializes access
to the Python interpreter, so it severely limits the performance of
multi-threaded Python programs. At the 2017 summit, Hastings was back to
update attendees on the progress he has made and where Gilectomy is headed.
|[$] Progress on the Gilectomy|
|In a brief session at the 2017 Python Language Summit, Maciej Szulik gave
an update on the state and plans for bugs.python.org(bpo). It is the Roundup-based bug tracker for
Python; moving to GitHub has not changed that. He described the work that
two Google Summer of Code (GSoC) students have done to improve the bug
|[$] The state of bugs.python.org|
|As part of a discussion in 2014about where to host some of
the Python repositories,
Brett Cannon was delegated the task of determining where they should end
up. In early 2016, he decidedthat Python's
other repositories (e.g. PEPs) should land at GitHub;
at last year's language
summit, he gave an overviewof where things
stood with a few repositories that had made the conversion. Since that
time, the CPython
repository has made the switch and he wanted to discuss some of the
workflow issues surrounding that move at this year's summit.
|[$] New CPython workflow issues|
|The Samba Team has issued an
advisoryregarding CVE-2017-7494: "All versions of Samba from
3.5.0 onwards are vulnerable to a remote code execution vulnerability,
allowing a malicious client to upload a shared library to a writable share,
and then cause the server to load and execute it."Distributors are
already shipping the fix; there's also a workaround in the advisory for
those who cannot update immediately.
|A Samba remote code execution vulnerability|