LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Blogs
Reload this Page unSpawn
User Name
Password

Notices

Old

Rootkit Hunter reissue of 1.4.0 release (ALLOWDEVFILE)

Posted 05-01-2012 at 11:02 AM by unSpawn
Please note we've found an error with usage of exclamation points in an ALLOWDEVFILE check.
We have corrected this and have reissued 1.4.0.

NEW RELEASE SHA1: 48798beec504c00af93bf64b6e35dfc7d7aaff07
old release SHA1: 22546370647b79abce783d2a2d29352843d1b617


Apologies for the inconvenience,
unSpawn
---
Moderator
Posted in Uncategorized
Views 119 Comments 0 unSpawn is offline
Old

Rootkit Hunter release 1.4.0

Posted 04-30-2012 at 07:11 PM by unSpawn
Updated 04-30-2012 at 07:12 PM by unSpawn
Rootkit Hunter 1.4.0 release is here thanks to John Horne and all contributors who provided code, submitted ideas, bugs, fixes, documentation, helped out on the rkhunter-users mailing list and promoted Rootkit Hunter.

New:

- Added the '--list propfiles' command-line option. This will dump out the list of filenames that will be searched for when building the file properties database. By default the list is not shown if just '--list' is used.
- Added Jynx rootkit...
Continue reading...
Moderator
Posted in Uncategorized
Views 132 Comments 0 unSpawn is offline
Old

Running Logwatch in a more portable way

Posted 04-28-2012 at 04:16 AM by unSpawn
Tags logwatch
In the Linux Security forum we often ask victims of (perceived) security breaches to gather log files and parse them for leads using Logwatch. Analysis is best done on a physically separate, known secure machine in a safe network. If left unmodified Logwatch configuration defaults will result in it picking up the machines logs instead of the compromised machines logs. Here is a patch for install_logwatch.sh that will install Logwatch in a temporary directory and prepare it for receiving log files...
Continue reading...
Moderator
Posted in Uncategorized
Views 131 Comments 0 unSpawn is offline
Old

rpmlib(PayloadIsXz) is needed by opera-11.60-1185

Posted 12-10-2011 at 05:49 AM by unSpawn
Code:
Running rpm_check_debug
ERROR with rpm_check_debug vs depsolve:
rpmlib(PayloadIsXz) is needed by opera-11.60-1185
Complete!
(1, [u'Please report this error in http://bugs.centos.org/set_project.php?project_id=16&ref=http://bugs.centos.org/bug_report_page.php?category=yum'])
If you run into the above warning and are unable to get Opera installed the you should be aware of how Opera responded:
Quote:
this is not a change in policy, just
...
Continue reading...
Moderator
Posted in Uncategorized
Views 821 Comments 0 unSpawn is offline
Old

Iptables rule traversal: bandwidth at >= 10K of IP addresses

Posted 11-24-2011 at 08:07 PM by unSpawn
Updated 11-24-2011 at 02:53 PM by unSpawn
Anyone who is interested in iptables performance will find Harris, Melara, Smith and Nico's "Performance analysis of the Linux firewall in a host" (2002) and Kadlecsik and Pásztor's "Netfilter Performance Testing" (2005). But what actually is the effect of a large rule set on performance?

The attached PDF I created is not an an exhaustive study of Netfilter performance but shows you Jperf data and pictures (joy!) for plain rule sets, ipset (iphash) and the iptables...
Continue reading...
Attached Images
File Type: pdf Iptables rule traversal.pdf (551.9 KB, 31 views)
Moderator
Posted in Uncategorized
Views 741 Comments 0 unSpawn is offline
Page 1 of 10 1 23 Last »

  



All times are GMT -5. The time now is 03:35 PM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
 
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration