| Related sites for http://www.linuxsecure.de |
| Stanford_CS_Theory Research includes sequential and parallel algorithms, computational problems in databases, computational geometry, design and analysis of programs and programming languages, and combinatorial, logical | | Define New shareware assembler/disassembler with major differences from those available, by Alan Baylis. Download holds assembled and QBASIC versions. | | Rackmaster_Systems_Inc_ Manufacturer of industrial rack mount computer chassis and peripheral enclosures. Supports a wide range of physical formats and architectures. | | Keystone_Software_Solutions,_Inc_ Services include MAS 90 and MAS 200 for Windows needs analysis, solution recommendations, installation, training, implementation, and ongoing support services. | | NewsShark Windows newsreader for downloading large binary files. Automatic restart and resume batch download. Finds article matching user criteria. Handles file decoding. | | Artistic_Resources_&_Technology,_L_L_C_ Specializes in the implementation, production, and integration of display technologies. | | RFC_0838 Who Talks TCP? D. Smallberg. January 1983. | | Javaconsult_Training Instructor-led courses in the Java and C# programming languages, based in London. | | Global_WIN_Technology Manufactures high performance cpu heatsinks for OEM markets and end users. | | Learnem Free and fee based training for web design and programming languages. | | NetMass_Incorporated Offer online and remote backup, server backup and online storage. Based in Texas. Includes technical support library with documentation, FAQs, and feedback form. Free trials available. | | Netscape_Calendar Personal calendar tracks appointments, weather, horoscope, and events. | | 67929 Rebooting from Within a Batch File | | Howard,_Penny_-_GoPenny Includes web design and development, graphics, Flash, database integration, hosting and domain assistance. Based in Oldsmar, Florida, United States. | | Developing_A_Simple_MTS_Server_Component The article discusses implementing a MTS server component using VJ++6. (Gopalan Suresh Raj) | | The_Labs Offers design, programming, and consulting services. | | eZigma Offering web site design, hosting, e-commerce solutions, and IT services for small and medium sized businesses. | | Global_Apple_Web_Design Small business and personal website design. | | Boomerang_Data_Recovery Software that recovers data from a variety of disk related problems including files deleted but not overwritten. Windows and Mac OS X supported. | | xmlhub_ODP Generates RSS feeds for Open Directory searches or categories selected by the user. |
|
LINUXSECURE
a:hover {color:red;}
a {text-decoration:none;}
body, p, td, th, tr, form, table, ol, ul, li, a, b, font{
font-family: verdena;
font-size: 11pt;
text-align: left;
}
table.menu {width: 100%; text-align: left; border: 2px solid #01077F;}
td.menu-head {background-color: #01077F;}
td.menu-body {background-color: #D3D3D3; padding-left: 6pt;}
font.menu-head {color: #FFFFFF; font-size: 12pt; font-weight: bold;}
font.menu-body {color: #000000; font-size: 8pt; font-weight: bold;}
font.menu-search {color: #01077F; font-size: 11pt; font-weight: bold;}
table.news {width: 100%; text-align: left; border: 2px solid #01077F;}
td.news-head {background-color: #01077F;}
td.news-body {background-color: #D3D3D3; padding-left: 6pt;}
font.news-head {color: #FFFFFF; font-size: 12pt; font-weight: bold;}
font.news-body {color: #01077F; font-size: 10pt;}
table.sqlnews {width: 100%; text-align: left; border: 2px solid #D3D3D3;}
td.sqlnews-head {background-color: #D3D3D3;}
td.sqlnews-body {padding-left: 6pt;}
font.sqlnews-head {font-size: 12pt}
table.sqlvuln {width: 100%; text-align: left; border: 2px solid #D3D3D3;}
td.sqlvuln-head {background-color: #D3D3D3;}
td.sqlvuln-body {padding-left: 6pt;}
font.sqlvuln-head {font-size: 12pt}
table.books {width: 100% text-align: left; border: 2px solid #D3D3D3;}
td.books-head {background-color: #D3D3D3; padding-left: 6pt; padding-right: 6pt;}
td.books-body {padding-left: 6pt; padding-right: 6pt;}
p.head {text-align: left; font-size: 12pt; font-weight: bold;}
p.body {text-align: left; font-size: 11pt;}
table.code {width: 100%; text-align: left; border: 2px solid #D3D3D3;}
td.code-head {background-color: #D3D3D3; padding-left: 6pt;}
td.code-body {padding-left: 6pt;}
font.code-body {font-family: Courier; font-size: 10pt;}
table.gallery {text-align: left; border: 2px solid #000000;}
td.gallery-head {background-color: #000000; padding-left: 6pt;}
td.gallery-body {background-color: #D3D3D3; padding-left: 6pt;}
td.gallery-image{}
font.gallery {font-size: 10pt;}
table.vuln {text-align: left; border: 2px solid #D3D3D3;}
td.vuln-head {background-color: #D3D3D3; padding-left: 6pt;}
td.vuln-body {padding-left: 6pt;}
font.adv {color: #FFFFFF; font-size: 10pt; font-weight: bold;}
font.code {font-family: Courier;}
Issues on Linux and Security
 Security Tasks
Protection
Detection
Reaction
Description
Firewall
Packetfilter
Proxies
IDS
Policy
Protection
In general
Iptables
Good Rules
SSH
Jail
Detection
In general
Snort
Sniffing
Tripwire
Portsentry
Virus scanner
Rootkit scanner
Security scanner
Hardening
In general
Openssh
Tinyproxy
Bridging
Bridge
Bridging Firewall
Bridging IPS
Other
Home
Vulnerabilities
Books
Links
F2html.pl
mp3riot
Downloads
News
Pigsparty
Gallery
Contributors
Impressum
Search
Google
This Site
search in
regular content
news
vulnerabilities
books
Home Welcome to LinuxSecure
I found some scripts on my workstation that have not been
published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can
contact me, if you are interested in one or more of them.
A tool for the backup of network components. The script runs as a daemon and can be configured via config files.
It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage.
There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a
status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the
mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send,
mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem
(deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before,
dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
A logscanner and a scanner for the checkpoint objects file.
A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
A ftp-script for the honeynet.
Various backupscripts in Perl and Bash.
Various iptables scrips.
A script called minilinux to create a small linux out of a huge running system.
Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
A snort admin interface in php.
A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.
back to top
Whats New
[2005-02-18] mp3riot version 1.3 released[2004-10-08] mp3riot version 1.2 is out.[2004-04-30] Added section Bridging[2004-01-09] working progress on mp3riot version 1.2
The Register covers the releaseof an open-source rootkit. "When implemented, Immunity's DR, or Debug Register, makes backdoors and other types of malware extremely difficult to detect or eradicate. It's notable because it cloaks itself by burrowing deep inside a server's processor and availing itself of debugging mechanisms available in Intel's chip architecture. The rootkit, in other words, mimics a kernel debugger."Open source release takes Linux rootkits mainstream (The Register)Dave Phillips takes a lookat Java-based music and sound applications. "I've wanted to write this article for quite a while. Over the years I've noted that Java-based music and sound applications have increased in number and quality, yet no comprehensive list or summaries have covered these advances. And so at long last I present this survey of music and sound applications that require Java. The presentation follows no particular order, but in this first part I'll begin by questioning the use of Java in sound and music applications development, followed by a brief look at Java's internal audio and MIDI capabilities."Java Sound &Music Software for Linux, Part 1 (Linux Journal)Linux-Watch wraps up OSCON, the O'Reilly Open Source Convention held last July. "This year, OSCON introduced the Open Mobile Exchange, a one-day event addressing business, technology, web, and open source topics related to the mobile technology industry. Other events included a "hallway track"held to "debate and discuss important issues,"as well as an OSCamp, a freewheeling user-directed "unconference"that was open to all comers. The event was further enlivened by the colocation of the second annual Ubuntu Live developers conference held during the first two days of OSCON at the same Oregon Convention Center location."OSCON 2008 presentations, videos posted (Linux-Watch)Here are the first Fedoraupdates, freshly signed: samba(F9, wrong permissions of group_mapping.ldb), xastir(F8: insecure temporary files), bitlbee(F9: account hijack), wordpress(F9: privilege escalation). Gentoohas updated yelp(format string vulnerability), dnsmasq(DNS cache poisoning), realplayer(buffer overflow), mysql(privilege escalation). Mandrivahas updated python(multiple vulnerabilities). rPathhas updated libtiff(arbitrary code execution). Security advisories for FridayThe Fedora project has sent out an update on its progress toward getting updates for its stable releases moving again. "Today we've reached a major milestone in this progress. We have done a successful compose of all the existing and as of yesterday pending updates for Fedora 8 and Fedora 9, all signed with our new keys. These updates will soon hit mirrors in a new set of directory locations. What we don't have quite yet is the updated fedora-release package in the old updates location that will get you the new keys and the new repo locations. The last mile testing of this update requires that new updates be live on the mirrors."That last step may take another day or so, but it's getting close. Fedora updates flowing again - almostInternet News looks atDell's new Inspiron Mini 9 sub-notebook. "Except for a keyboard that omits the usual row of function keys above the number row, the Mini's specs match several of its competitors'. A glossy 8.9-inch display with 1,024x600 resolution shows most Web pages with no need for horizontal scrolling. Under the hood are Intel's Atom N270, a 1.6GHz one-core processor with 2MB of Level 2 cache, and GMA 950 integrated-graphics chipset. The $349 configuration will feature a custom Dell interface atop Ubuntu Linux 8.04, much as Asus and Acer offer customized versions of Xandros and Linpus Linux, respectively."It's Official: Dell Enters the Netbook Fray (Internet News)Matt Hartley questionsthe slow adoption of Linux by US schools. "“Software alternatives are just not available for Linux.” I hear the statement above almost everyday. What makes the statement so ridiculous is that it is completely inaccurate 99 percent of the time. Normally I would dismiss this as the loss of the person or the business that has opted to limittheir horizons with their platform decisions, but when I hear this coming from schools...I find myself shaking my head in complete disbelief."Linux in U.S. Schools: Why the Resistance? (IT Management)Mandrivahas updated libtiff(denial of service) and django(cross-site request forgery). Slackwarehas updated php(multiple vulnerabilities). SUSEhas updated ibmjava5(multiple vulnerabilities). Ubuntuhas updated libxml2(denial of service). Thursday Security UpdatesThe OpenBTS project, which is building a free GSM base station with GNU Radio, the Universal Software Radio Peripheral, and Asterisk, has announced its existence. Evidently they had an operating GSM network at the recent Burning Man event. Code is not available yet, but should be in the near future; see the OpenBTS pagefor more information. The OpenBTS project - an open-source GSM base stationGroklaw questionsthe recent Novell-Microsoft deal. "I've been thinking about something for a few days now. It's about the latest Novell-Microsoft deal that was announced on August 20, where Microsoft agreed to buy another $100 million worth of vouchers from Novell. I was wondering: how come two public companies can make a deal that seems to me to be material and yet keep pieces of the deal secret?"A Question About the Novell-Microsoft Deal (Groklaw)Red Hat announcedthat it has acquired Qumranet, Inc., developers of the KVM virtualization tool. "Qumranet is the inventor and key maintainer of KVM, the only virtualization technology that is fully incorporated into the Linux kernel. Red Hat views KVM as the next generation of virtualization technology -- it combines support for the latest hardware virtualization capabilities and the rapid feature development of the Linux kernel into a complete, highly functional, virtualization platform. Red Hat believes that a strong coupling between the hypervisor and the kernel is a major advantage."(thanks to Matt Domsch). Red Hat acquires QumranetThe LWN.net Weekly Edition for September 4, 2008 is available. LWN.net Weekly Edition for September 4, 2008Guest author Val Henson writes: "Back in 2001, I landed my (then) dream job as a full-time Linux kernel developer and distribution maintainer for a small embedded systems company. I was thrilled - and horrified. I'd only been working as a programmer for a couple of years and I was sure it was only a matter of time before my new employer figured out they'd hired an idiot. The only solution was to learn more about operating systems, and quickly. So I pulled out my favorite operating systems textbook and read and re-read it obsessively over the course of the next year."Click below (subscribers only) for a review of that textbook. The Kernel Hacker's Bookshelf: UNIX InternalsMandrivahas updated opensc(unauthorized PIN change) and wordnet(code execution vulnerability). Ubuntuhas updated libtiff(code execution). Security updates for WednesdayKDE 4.1.1 has been released. This is primarily a bug-fix release; see the full changelogfor all the details. KDE 4.1.1 released
-->
CitectSCADA ODBC Server Remote Stack Based Buffer Overflow Vulnerability Vuln: CitectSCADA ODBC Server Remote Stack Based Buffer Overflow VulnerabilityGoogle Chrome Arbitrary File Download Vulnerability Vuln: Google Chrome Arbitrary File Download VulnerabilityApache Tomcat UTF-8 Directory Traversal Vulnerability Vuln: Apache Tomcat UTF-8 Directory Traversal VulnerabilityApache Tomcat 'HttpServletResponse.sendError()' Cross Site Scripting Vulnerability Vuln: Apache Tomcat 'HttpServletResponse.sendError()' Cross Site Scripting VulnerabilityRe: RES: Google Chrome Automatic File Download Bugtraq: Re: RES: Google Chrome Automatic File DownloadGoogle Chrome Auto download exploit .. Bugtraq: Google Chrome Auto download exploit ..[ MDVSA-2008:188 ] tomcat5 Bugtraq: [ MDVSA-2008:188 ] tomcat5[ GLSA 200809-05 ] Courier Authentication Library: SQL injection vulnerability Bugtraq: [ GLSA 200809-05 ] Courier Authentication Library: SQL injection vulnerabilityNews, Infocus, Columns, Vulnerabilities, Bugtraq ...More rss feeds from SecurityFocus
-->
|
|
