Issues on Linux and Security
Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There exist several templates for ssh, scp, telnet. The intention is to make automated backups from routers, switches, firewalls etc.
  • Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a status for the found mails: when did the system receive it, when was it working with the mail the last time, what's the status of the mail, were there any problems while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool that parses the registry of the genugate firewall and produces a more human readable output in html.
  • A ftp-script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scripts.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in php.
  • A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.


What's New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
The fifth version of the patch series adding the boot-constraint subsystem is under review on the linux-kernel mailing list. The purpose of this subsystem is to honor the constraints put on devices by the bootloader before those devices are handed over to the operating system (OS), Linux in our case. If these constraints are violated, devices may fail to work properly once the kernel starts reconfiguring the hardware; by tracking and enforcing those constraints, instead, we can ensure that hardware continues to work properly until the kernel is fully operational.
[$] The boot-constraint subsystem

Security updates have been issued by Debian (quagga), Mageia (freetype2, kernel-linus, and kernel-tmb), openSUSE (chromium, GraphicsMagick, mupdf, openssl-steam, and xen), Slackware (irssi), SUSE (glibc and quagga), and Ubuntu (quagga).
Security updates for Friday

For as long as the kernel has included tracepoints, developers have argued over whether those tracepoints are part of the kernel's ABI. Tracepoint changes have had to be reverted in the past because they broke existing user-space programs that had come to depend on them; meanwhile, fears of setting internal code in stone have made it difficult to add tracepoints to a number of kernel subsystems. Now, a new tracing functionality is being proposed as a way to circumvent all of those problems.
[$] Dynamic function tracing events

Linux Journal takes a look at the newly announced LinuxBoot project. LWN covered a related talk back in November. "Modern firmware generally consists of two main parts: hardware initialization (early stages) and OS loading (late stages). These parts may be divided further depending on the implementation, but the overall flow is similar across boot firmware. The late stages have gained many capabilities over the years and often have an environment with drivers, utilities, a shell, a graphical menu (sometimes with 3D animations) and much more. Runtime components may remain resident and active after firmware exits. Firmware, which used to fit in an 8 KiB ROM, now contains an OS used to boot another OS and doesn't always stop running after the OS boots. LinuxBoot replaces the late stages with a Linux kernel and initramfs, which are used to load and execute the next stage, whatever it may be and wherever it may come from. The Linux kernel included in LinuxBoot is called the 'boot kernel' to distinguish it from the 'target kernel' that is to be booted and may be something other than Linux."
FOSS Project Spotlight: LinuxBoot (Linux Journal)

Security updates have been issued by Debian (jackson-databind, leptonlib, libvorbis, python-crypto, and xen), Fedora (apache-commons-email, ca-certificates, libreoffice, libxml2, mujs, p7zip, python-django, sox, and torbrowser-launcher), openSUSE (libreoffice), SUSE (libreoffice), and Ubuntu (advancecomp, erlang, and freetype).
Security updates for Thursday

The Weekly Edition for February 15, 2018 is available.
[$] Weekly Edition for February 15, 2018

A scientist with a rather unusual name, Meow-Ludo Meow-Meow, gave a talk at 2018 about the current trends in "do it yourself" (DIY) biology or "biohacking". He is perhaps most famous for being prosecuted for implanting an Opal card RFID chip into his hand; the Opal card is used for public transportation fares in Sydney. He gave more details about his implant as well as describing some other biohacking projects in an engaging presentation.
[$] DIY biology

Mark Wielaard writes about the recently discovered relicensing of the dtrace dynamic tracing subsystem under the GPL. "Thank you Oracle for making everyone's life easier by waving your magic relicensing wand! Now there is lots of hard work to do to actually properly integrate this. And I am sure there are a lot of technical hurdles when trying to get this upstreamed into the mainline kernel. But that is just hard work. Which we can now start collaborating on in earnest."
Wielaard: dtrace for linux; Oracle does the right thing

The 2018 USENIX Enigma conference was held for the third time in January. Among many interesting talks, three presentations dealing with human security behaviors stood out. This article covers the key messages of these talks, namely the finding that humans are social in their security behaviors: their decision to adopt a good security practice is hardly ever an isolated decision. Subscribers can read on for the report by guest author Christian Folini.
[$] A report from the Enigma conference

Volker Lendecke is one of the first contributors to Samba, having submitted his first patches in 1994. In addition to developing other important file-sharing tools, he's heavily involved in development of the winbind service, which is implemented in winbindd. Although the core Active Directory (AD) domain controller (DC) code was written by his colleague Stefan Metzmacher, winbind is a crucial component of Samba's AD functionality. In his information-packed talk at FOSDEM 2018, Lendecke said he aimed to give a high-level overview of what AD and Samba authentication is, and in particular the communication pathways and trust relationships between the parts of Samba that authenticate a Samba user in an AD environment.
[$] Authentication and authorization in Samba 4

Security updates have been issued by Arch Linux (exim and mpv), Debian (advancecomp and graphicsmagick), Red Hat (collectd, erlang, httpd24-apr, openstack-aodh, and openstack-nova), SUSE (kernel and xen), and Ubuntu (libvorbis).
Security updates for Wednesday

Much as some of us would love never to have to deal with Windows, it exists. It wants to authenticate its users and share resources like files and printers over the network. Although many enterprises use Microsoft tools to do this, there is a free alternative, in the form of Samba. While Samba 3 has been happily providing authentication along with file and print sharing to Windows clients for many years, the Microsoft world has been slowly moving toward Active Directory (AD). Meanwhile, Samba 4, which adds a free reimplementation of AD on Linux, has been increasingly ready for deployment. Three short talks at FOSDEM 2018 provided three different views of Samba 4, also known as Samba-AD, and left behind a pretty clear picture that Samba 4 is truly ready for use. Subscribers can read on for a report from guest author Tom Yates on the first two of those talks; stay tuned for another on the third soon.
[$] Two FOSDEM talks on Samba 4

Stable kernels 4.15.3, 4.14.19, and 4.9.81 have been released. They all contain important fixes and users should upgrade.
Stable kernel updates

Security updates have been issued by Arch Linux (sthttpd), Debian (clamav, libreoffice, and pound), openSUSE (ipsec-tools and leptonica), SUSE (libreoffice), and Ubuntu (exim4, firefox, php5, puppet, and wavpack).
Security updates for Tuesday

While there is a lot of software distributed under the terms of the GNU General Public License, there is relatively little enforcement of the terms of that license and, it seems, even less discussion of enforcement in general. The organizers of have never shied away from such topics, though, so Karen Sandler's enforcement update during the 2018 Kernel Miniconf fit right in. The picture she painted includes a number of challenges for the GPL and the communities based on it, but there are some bright spots as well.
[$] A GPL-enforcement update

Vuln: GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability

Vuln: Dell EMC Isilon OneFS Multiple Security Vulnerabilities

Vuln: General Electric D60 Line Distance Relay Multiple Buffer Overflow Vulnerabilities

Vuln: Nortek Linear eMerge E3 Series CVE-2017-5439 Remote Command Injection Vulnerability

Bugtraq: [slackware-security] irssi (SSA:2018-046-01)

Bugtraq: [SECURITY] [DSA 4115-1] quagga security update

Bugtraq: Re: [FD] Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM

Bugtraq: Vulnerability Disclosure (Web Apps)-Bravo Tejari Web Portal-Unrestricted File Upload
