Issues on Linux and Security
Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.

  • A tool for backing up network components. The script runs as a daemon and is configured via config files. It reads the config files containing the components' passwords only once, so you can keep them in encrypted storage. There are several templates for ssh, scp, and telnet. The intention is to make automated backups of routers, switches, firewalls, etc.
  • Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and get a status for each mail found: when the system received it, when it last worked on the mail, what the mail's status is, and whether there were any problems delivering it. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered), and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern but deferred before).
  • A log scanner and a scanner for the Check Point objects file.
  • A tool that parses the registry of the genugate firewall and produces more human-readable output in HTML.
  • An FTP script for the honeynet.
  • Various backup scripts in Perl and Bash.
  • Various iptables scripts.
  • A script called minilinux to create a small Linux out of a huge running system.
  • Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in PHP.
  • A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus on same domains.


What's New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] Work in progress on mp3riot version 1.2
The 2018 Linux Storage, Filesystem, and Memory-Management Summit will be held April 23-25 in Park City, Utah. The call for proposals has just gone out with a tight deadline: they need to be received by January 31. "LSF/MM is an invitation-only technical workshop to map out improvements to the Linux storage, filesystem and memory management subsystems that will make their way into the mainline kernel within the coming years."
LSFMM 2018 call for proposals

While some aspects of the kernel's defenses against the Meltdown and Spectre vulnerabilities were more-or-less in place when the problems were disclosed on January 3, others were less fully formed. Additionally, many of the mitigations (especially for the two Spectre variants) had not been seen in public prior to the disclosure, meaning that there was a lot of scope for discussion once they came out. Many of those discussions are slowing down, and the kernel's initial response has mostly come into focus. The 4.15 kernel will include a broad set of mitigations, while some others will have to wait for later; read on for details on where things stand.
[$] Meltdown/Spectre mitigation for 4.15 and beyond

The Linux kernel's generic power domain (genpd) subsystem has been extended to support active state management of the power domains in the 4.15 development cycle. Power domains were traditionally used to enable or disable power to a region of a system on chip (SoC) but, with the recent updates, they can control the clock rate or amount of power supplied to that region as well. These changes improve the kernel's ability to run the system's hardware at the optimal power level for the current workload. Click below (subscribers only) for the full article contributed by Viresh Kumar.
[$] Active state management of power domains

Security updates have been issued by Arch Linux (qtpass), Debian (libkohana2-php, libxml2, transmission, and xmltooling), Fedora (kernel and qpid-cpp), Gentoo (PolarSSL and xen), Mageia (flash-player-plugin, irssi, kernel, kernel-linus, kernel-tmb, libvorbis, microcode, nvidia-current, php & libgd, poppler, webkit2, and wireshark), openSUSE (gifsicle, glibc, GraphicsMagick, gwenhywfar, ImageMagick, libetpan, mariadb, pngcrush, postgresql94, rsync, tiff, and wireshark), and Oracle (kernel).
Security updates for Monday

The 4.15-rc8 kernel prepatch is out for testing. Among other things, it includes the "retpoline" mechanism intended to mitigate variant 2 of the Spectre vulnerability. Testing of this change will be hard, though, since it requires a version of GCC that almost nobody has; watch LWN for a full article in the near future. "I'm still hoping that this will be the last rc, despite all the Meltdown and Spectre hoopla. But we will just have to see, it obviously requires this upcoming week to not come with any huge surprises."
Kernel prepatch 4.15-rc8

GnuBee is the brand name for a line of open hardware boards designed to provide Linux-based network-attached storage. Given the success of the crowdfunding campaigns for the first two products, the GB-PC1 and GB-PC2 (which support 2.5 and 3.5 inch drives respectively), there appears to be a market for these devices. Given that Linux is quite good at attaching storage to a network, it seems likely they will perform their core function more than adequately. My initial focus when exploring my GB-PC1 is not the performance but the openness: just how open is it really? The best analogy I can come up with is that of a door with rusty hinges: it can be opened, but doing so requires determination.
[$] Opening up the GnuBee open NAS system

Security updates have been issued by Arch Linux (intel-ucode), Debian (gifsicle), Fedora (awstats and kernel), Gentoo (icoutils, pysaml2, and tigervnc), Mageia (dokuwiki and poppler), Oracle (kernel), SUSE (glibc, kernel, microcode_ctl, tiff, and ucode-intel), and Ubuntu (intel-microcode).
Security updates for Friday

Nextcloud has announced Nextcloud Talk, a fully open source video meeting software that is on-premise hosted and end-to-end encrypted. "Nextcloud Talk makes it easier than ever to host a privacy-respecting audio/video communication service for home users and enterprises. Business users have optional access to the Spreed High Performance Back-end offering enterprise-class scalability, reliability, and features through a Nextcloud subscription. With the easy-to-use interface, users can engage colleagues, friends, partners or customers, working in real time through High Definition (H265 based) audio and video in web meetings and webinars."
Introducing Nextcloud Talk

Security updates have been issued by Arch Linux (glibc and lib32-glibc), Debian (ming and poco), Fedora (electron-cash, electrum, firefox, heketi, microcode_ctl, and python-jsonrpclib), openSUSE (clamav-database and ucode-intel), Red Hat (flash-plugin), SUSE (OBS toolchain), and Ubuntu (webkit2gtk).
Security updates for Thursday

The Weekly Edition for January 11, 2018 is available.
[$] Weekly Edition for January 11, 2018

A focus on privacy is a key feature being touted by a number of different projects these days, from KDE to Tails to Nextcloud. One of the biggest privacy leaks for most people is their phone, so it is no surprise that there are projects looking to address that as well. A new entrant in that category is eelo, which is a non-profit project aimed at producing not only a phone, but also a suite of web services. All of that could potentially replace the Google or Apple mothership, which tend to collect as much personal data as possible.
[$] Eelo seeks to make a privacy-focused phone

Freedom of the Press Foundation has a tribute to James Dolan, who died over the holidays at the age of 36. James worked with Aaron Swartz and journalist Kevin Poulsen to build the original prototype of SecureDrop, an open-source whistleblower submission system. "He was our first full-time employee at Freedom of the Press Foundation, and quickly set out to teach other developers, contributors, and anyone interested in how the system worked. He poured his heart and soul into the work, traveling to newsrooms around North America to teach IT staffs and journalists in person how to install and use SecureDrop. He completely reworked the installation process, he pushed us to get independent security audits of the system, and he helped us hire the initial team that would take over SecureDrop once he was gone." LWN covered a LibrePlanet talk on SecureDrop back in March 2017. (Thanks to Paul Wise)
A tribute to James Dolan, co-creator of SecureDrop

Greg Kroah-Hartman has released stable kernels 4.14.13, 4.9.76, and 4.4.111. As usual, they all contain important fixes and users should update.
Stable kernel updates

Security updates have been issued by Debian (awstats, gdk-pixbuf, plexus-utils, and plexus-utils2), Fedora (asterisk, gimp, heimdal, libexif, linux-firmware, mupdf, poppler, thunderbird, webkitgtk4, wireshark, and xrdp), openSUSE (diffoscope, irssi, and qemu), SUSE (java-1_7_0-ibm, kernel-firmware, and qemu), and Ubuntu (irssi, kernel, linux, linux-aws, linux-euclid, linux-kvm, linux-hwe, linux-azure, linux-gcp, linux-oem, linux-lts-trusty, linux-lts-xenial, linux-lts-xenial, linux-aws, linux-raspi2, ruby1.9.1, ruby2.3, and sssd).
Security updates for Wednesday

Version 0.26 of the notmuch email client/indexer is available with a long list of new features. "It's now possible to include the cleartext of encrypted e-mails in the notmuch index. This makes it possible to search your encrypted e-mails with the same ease as searching cleartext."
notmuch release 0.26 now available

Vuln: Advantech WebAccess ICSA-18-004-02 Multiple Security Vulnerabilities

Vuln: NetGain Systems Enterprise Manager CVE-2017-16605 Directory Traversal Vulnerability

Vuln: Atlassian JIRA CVE-2017-16862 Cross Site Request Forgery Vulnerability

Vuln: Atlassian JIRA CVE-2017-16864 Cross Site Scripting Vulnerability

Bugtraq: [SECURITY] [DSA 4087-1] transmission security update

Bugtraq: Adminer <= v4.3.1 Server Side Request Forgery

Bugtraq: [SECURITY] [DSA 4086-1] libxml2 security update

Bugtraq: Seagate Media Server allows deleting of arbitrary files and folders

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
More rss feeds from SecurityFocus