LINUXsecure_LOGO
Issues on Linux and Security
 
-->
 
 
 
 
 
 
 
home
button Home
 

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me, if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
  • Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
  • A ftp-script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scrips.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in php.
  • A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.


back to top

button Whats New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
Brendan Gregg introduces a set of BPF-based tracing toolson opensource.com. "Traditional analysis of filesystem performance focuses on block I/O statistics?what you commonly see printed by the iostat(1) tool and plotted by many performance-monitoring GUIs. Those statistics show how the disks are performing, but not really the filesystem. Often you care more about the filesystem's performance than the disks, since it's the filesystem that applications make requests to and wait for. And the performance of filesystems can be quite different from that of disks! Filesystems may serve reads entirely from memory cache and also populate that cache via a read-ahead algorithm and for write-back caching. xfsslower shows filesystem performance?what the applications directly experience."
7 tools for analyzing performance in Linux with bcc/BPF (opensource.com)

Security updates have been issued by Arch Linux(roundcubemail), Debian(optipng, samba, and vlc), Fedora(compat-openssl10, fedpkg, git, jbig2dec, ldns, memcached, openssl, perl-Net-Ping-External, python-copr, python-XStatic-jquery-ui, rpkg, thunderbird, and xen), SUSE(tomcat), and Ubuntu(db, db4.8, db5.3, linux, linux-raspi2, linux-aws, linux-azure, linux-gcp, and samba).
Security updates for Wednesday

Stable kernels 4.14.1, 4.13.15, 4.9.64, 4.4.100, and 3.18.83have been released. They all contain important fixes and users should upgrade.
Five fresh kernels

Security updates have been issued by Debian(ldns and swauth), Fedora(kernel and postgresql), Mageia(botan, krb5, and sssd), and Ubuntu(apport, linux, linux-aws, linux-gke, linux-kvm, linux-raspi2, linux-snapdragon, linux, linux-raspi2, linux-hwe, linux-lts-xenial, procmail, and samba).
Security updates for Tuesday

The Intel Management Engine(ME), which is a separate processor and operating system running outside of user control on most x86 systems, has long been of concern to users who are security and privacy conscious. Google and others have been working on ways to eliminate as much of that functionality as possible (while still being able to boot and run the system). Ronald Minnich from Google came to Prague to talk about those efforts at the 2017 Embedded Linux Conference Europe.
[$] Replacing x86 firmware with Linux and Go

Security updates have been issued by Arch Linux(icu and lib32-icu), CentOS(firefox), Debian(imagemagick, konversation, libspring-ldap-java, libxml-libxml-perl, lynx-cur, ming, opensaml2, poppler, procmail, shibboleth-sp2, and xen), Fedora(firefox, java-9-openjdk, jbig2dec, kernel, knot, knot-resolver, qt5-qtwebengine, and roundcubemail), Gentoo(adobe-flash, couchdb, icedtea-bin, and phpunit), Mageia(apr, bluez, firefox, jq, konversation, libextractor, and quagga), Oracle(firefox), Red Hat(firefox), and Scientific Linux(firefox).
Security updates for Monday

The latest stable kernel updates are 4.13.14, 4.9.63, 4.4.99, and 3.18.82. Each contains the usual set of important fixes and updates.
Another set of stable kernel updates

When he released4.14, Linus Torvalds warned that the 4.15 merge window might be shorter than usual due to the US Thanksgiving holiday. Subsystem maintainers would appear to have heard him; as of this writing, over 8,800 non-merge changesets have been pulled into the mainline since the opening of the 4.15 merge window. Read on for a summary of the most interesting changes found in that first set of patches.
[$] 4.15 Merge window part 1

Security updates have been issued by Arch Linux(couchdb), Debian(opensaml2 and shibboleth-sp2), Fedora(knot and knot-resolver), openSUSE(firefox), Slackware(libplist and mozilla), and Ubuntu(firefox and ipsec-tools).
Security updates for Friday

Google has announcedthat it has released its container-difftool under the Apache v2 license. "container-diff helps users investigate image changes by computing semantic diffs between images. What this means is that container-diff figures out on a low-level what data changed, and then combines this with an understanding of package manager information to output this information in a format that?s actually readable to users. The tool can find differences in system packages, language-level packages, and files in a container image. Users can specify images in several formats - from local Docker daemon (using the prefix `daemon://` on the image path), a remote registry (using the prefix `remote://`), or a file in the .tar in the format exported by "docker save"command. You can also combine these formats to compute the diff between a local version of an image and a remote version."
Introducing container-diff, a tool for quickly comparing container images (Google Open Source Blog)

Observers of the kernel's commit stream or mailing lists will have seen a certain amount of traffic referring to the addition of SPDX license identifiers to kernel source files. For many, this may be their first encounter with SPDX. But the SPDX effort has been going on for some years; this article describes SPDX, along with why and how the kernel community intends to use it.
[$] SPDX identifiers in the kernel

Security updates have been issued by Arch Linux(firefox, flashplugin, lib32-flashplugin, and mediawiki), CentOS(kernel and php), Debian(firefox-esr, jackson-databind, and mediawiki), Fedora(apr, apr-util, chromium, compat-openssl10, firefox, ghostscript, hostapd, icu, ImageMagick, jackson-databind, krb5, lame, liblouis, nagios, nodejs, perl-Catalyst-Plugin-Static-Simple, php, php-PHPMailer, poppler, poppler-data, rubygem-ox, systemd, webkitgtk4, wget, wordpress, and xen), Mageia(flash-player-plugin, icu, jackson-databind, php, and roundcubemail), Oracle(kernel and php), Red Hat(openstack-aodh), SUSE(wget and xen), and Ubuntu(apport and webkit2gtk).
Security updates for Thursday

The LWN.net Weekly Edition for November 16, 2017 is available.
[$] LWN.net Weekly Edition for November 16, 2017

The NumPy project is phasing outsupport for Python 2. "The Python core team plans to stop supporting Python 2 in 2020. The NumPy project has supported both Python 2 and Python 3 in parallel since 2010, and has found that supporting Python 2 is an increasing burden on our limited resources; thus, we plan to eventually drop Python 2 support as well. Now that we're entering the final years of community-supported Python 2, the NumPy project wants to clarify our plans, with the goal of to helping our downstream ecosystem make plans and accomplish the transition with as little disruption as possible."NumPy releases will fully support both Python 2 and Python 3 until December 31, 2018. New feature releases will support only Python 3 as of January 1, 2019. (Thanks to Nathaniel Smith)
NumPy will drop Python 2 support

After 16 years of evolution, the SciPyproject has reached version 1.0. SciPy, a free-software project, has become one of the most popular computational toolkits for scientists from a wide range of disciplines, and is largely responsible for the ascendancy of Python in many areas of scientific research. While the 1.0 release is significant, much of the underlying software has been stable for some time; the "1.0"version number reflects that the project as a whole is on solid footing.
[$] SciPy reaches 1.0

Multiple SAP Products Information Disclosure Vulnerability
Vuln: Multiple SAP Products Information Disclosure Vulnerability

SAP Text Conversion Module Remote Code Injection Vulnerability
Vuln: SAP Text Conversion Module Remote Code Injection Vulnerability

SAP NetWeaver XML External Entity Injection Vulnerability
Vuln: SAP NetWeaver XML External Entity Injection Vulnerability

SAP TranslationSupport Application XML External Entity Injection Vulnerability
Vuln: SAP TranslationSupport Application XML External Entity Injection Vulnerability

[SECURITY] [DSA 4046-1] libspring-ldap-java security update
Bugtraq: [SECURITY] [DSA 4046-1] libspring-ldap-java security update

[SECURITY] [DSA 4045-1] vlc security update
Bugtraq: [SECURITY] [DSA 4045-1] vlc security update

CSNC-2017-030 MyTy Reflected Cross-Site Scripting (XSS)
Bugtraq: CSNC-2017-030 MyTy Reflected Cross-Site Scripting (XSS)

CSNC-2017-029 MyTy Blind SQL Injection
Bugtraq: CSNC-2017-029 MyTy Blind SQL Injection

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
More rss feeds from SecurityFocus

-->