Showing posts sorted by date for query Debian. Sort by relevance Show all posts
Showing posts sorted by date for query Debian. Sort by relevance Show all posts

Linux Mint 16 "Petra" Released With Choice of MATE or Cinnamon

Posted by Avik Sarkar On 11/17/2013 06:29:00 pm

Linux Mint 16 "Petra" Released With Choice of MATE or Cinnamon

Earlier we have talked many times on Linux Mint, it is one of most modern, elegant and comfortable operating system based on Ubuntu or Debian which is both powerful and easy to use. The Linux Mint project has started  in 2006, since then the consistent effort of it's developers and contributors has made Linux Mint the 4th most widely used home operating system behind Microsoft Windows, Apple Mac OS and Canonical's Ubuntu. As promised from beginning the mint team used to release their new version in every six months. The last we got was Linux Mint 15 'Olivia'. Again also the team proudly to announced the release of Linux Mint 16 code named "Petra". There's been quite a lot of anticipation for the next version of Linux Mint, and as expected the result is indeed satisfactory. According to the official blog of Linux Mint- "Petra" took 6 months of incremental development on top of stable and reliable technologies. This new release comes with updated software and brings refinements and new features to make your desktop even more comfortable to use. This new release comes with updated software and brings refinements and new features to make your desktop even more comfortable to use." One of the more interesting updates of the release is version 2.0 of Cinnamon (a fork of GNOME Shell), with a large number of new features: "Cinnamon 2.0 represents 5 months of development and 856 commits from 28 developers. It features a lot of bug fixes but also brand new features and many improvements." Lets look at the new features at a glance:

New features in Linux Mint 16 MATE:-
  • Login Screen
  • USB Stick support
  • Performance improvements
  • Software Manager
  • System Improvements
  • Artwork Improvements
  • Main Components 


For a complete overview and to see screenshots of the new features Linux Mint 16 click here. The Linux Mint site has a list of new features separately for both MATE and Cinnamon. Make sure to read the “Release Notes” to be aware of important info or known issues related to this release. So dear friends what are you waiting for! lets download Mint 16 and explore it. 




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Debian Linux 7.0 Code Named 'Wheezy' Released & Available For Download

Posted by Avik Sarkar On 5/09/2013 04:30:00 pm

Debian Linux 7.0 Code Named 'Wheezy' Released & Added  Multiarch Support, Several Specific Tools

Once it was one of the most popular Linux distribution which have drawn the maximum attention, yes you are right I am talking about none other than Debian Linux. Now a days the craze of this flavor has became little fade but as the foundation for other, more popular Linux distributions, such as Mint, Ubuntu and few Pen Testing Distro, still the value of Debian exist. So the up-gradation and new release of this Linux flavor is  still very much important. And today I will talk about the new release of Debian Linux version 7.0 code named 'Wheezy'. After many months of constant development, the developers at Debian project proudly announced the general availability of the next version of this major Linux which is Debian 7.0 aka 'Wheezy'. According to the release note This new version of Debian includes various interesting features such as multiarch support, several specific tools to deploy private clouds, an improved installer, and a complete set of multimedia codecs and front-ends which remove the need for third-party repositories. Multiarch support, one of the main release goals for Wheezy, will allow Debian users to install packages from multiple architectures on the same machine. This means that you can now, for the first time, install both 32- and 64-bit software on the same machine and have all the relevant dependencies correctly resolved, automatically. The installation process has been greatly improved: Debian can now be installed using software speech, above all by visually impaired people who do not use a Braille device. Thanks to the combined efforts of a huge number of translators, the installation system is available in 73 languages, and more than a dozen of them are available for speech synthesis too. In addition, for the first time, Debian supports installation and booting using UEFI for new 64-bit PCs (amd64), although there is no support for Secure Boot yet. 

This Release Includes Numerous Updated Software Packages, Such as:-
  • Apache 2.2.22
  • Asterisk 1.8.13.1
  • GIMP 2.8.2
  • An updated version of the GNOME desktop environment 3.4
  • GNU Compiler Collection 4.7.2
  • Icedove 10 (an unbranded version of Mozilla Thunderbird)
  • Iceweasel 10 (an unbranded version of Mozilla Firefox)
  • KDE Plasma Workspaces and KDE Applications 4.8.4
  • kFreeBSD kernel 8.3 and 9.0
  • LibreOffice 3.5.4
  • Linux 3.2
  • MySQL 5.5.30
  • Nagios 3.4.1
  • OpenJDK 6b27 and 7u3
  • Perl 5.14.2
  • PHP 5.4.4
  • PostgreSQL 9.1
  • Python 2.7.3 and 3.2.3
  • Samba 3.6.6
  • Tomcat 6.0.35 and 7.0.28
  • Xen Hypervisor 4.1.4
  • The Xfce 4.8 desktop environment
  • X.Org 7.7

Along with these more than other 36,000 ready-to-use software packages, built from nearly 17,500 source packages also included in Debian Linux 7.0. So after reading all those cool features, what you are waiting for lets download the installation image via bittorrent (the recommended method), jigdo, or HTTP




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

'Kali Linux' The Most Advanced & Stable Penetration Testing Distribution

Posted by Avik Sarkar On 3/15/2013 12:49:00 am

From The Makers of BackTrack We Got 'Kali Linux' The Most AdvancedStable Penetration Testing Distribution 

Fans of world famous penetration testing distribution 'BackTrack' can now taste another flavor as the developer at BackTrack and Offensive Security has introduced a new Linux distribution targets enterprise security, offering a suite of helpful tools for rigorous testing calling it "Kali Linux." In the official release note Offensive-Security claimed that Kali Linux is the most advanced, robust, and stable penetration testing distribution to date. From that note we also came to know that this new distribution is a product of seven years long knowledge and experience which make Kali Linux the “next generation” penetration testing distribution. Now lets look at the main features of Kali Linux at a glance: 

Kali Linux Features:-

Kali is a complete re-build of BackTrack Linux, adhering completely to Debian development standards. All-new infrastructure has been put in place, all tools were reviewed and packaged, and we use Git for our VCS.
  • More than 300 penetration testing tools: After reviewing every tool that was included in BackTrack, we eliminated a great number of tools that either did not work or had other tools available that provided similar functionality.
  • Free and always will be: Kali Linux, like its predecessor, is completely free and always will be. You will never, ever have to pay for Kali Linux.
  • Open source Git tree: We are huge proponents of open source software and ourdevelopment tree is available for all to see and all sources are available for those who wish to tweak and rebuild packages.
  • FHS compliant: Kali has been developed to adhere to the Filesystem Hierarchy Standard, allowing all Linux users to easily locate binaries, support files, libraries, etc.
  • Vast wireless device support: We have built Kali Linux to support as many wireless devices as we possibly can, allowing it to run properly on a wide variety of hardware and making it compatible with numerous USB and other wireless devices.
  • Custom kernel patched for injection: As penetration testers, the development team often needs to do wireless assessments so our kernel has the latest injection patches included.
  • Secure development environment: The Kali Linux team is made up of a small group of trusted individuals who can only commit packages and interact with the repositories while using multiple secure protocols.
  • GPG signed packages and repos: All Kali packages are signed by each individual developer when they are built and committed and the repositories subsequently sign the packages as well.
  • Multi-language: Although pentesting tools tend to be written in English, we have ensured that Kali has true multilingual support, allowing more users to operate in their native language and locate the tools they need for the job.
  • Completely customizable: We completely understand that not everyone will agree with our design decisions so we have made it as easy as possible for our more adventurous users tocustomize Kali Linux to their liking, all the way down to the kernel.
  • ARMEL and ARMHF support: Since ARM-based systems are becoming more and more prevalent and inexpensive, we knew that Kali’s ARM support would need to be as robust as we could manage, resulting in working installations for both ARMEL and ARMHF systems. Kali Linux has ARM repositories integrated with the mainline distribution so tools for ARM will be updated in conjunction with the rest of the distribution. Kali is currently available for the following ARM devices:
Kali is specifically tailored to penetration testing and therefore, all documentation on this site assumes prior knowledge of the Linux operating system. For more information, I would like to request you to visit the official website of Kali Linux. 




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Whonix -Anonymous Operating System Based on Debian/GNU Linux & Tor

Posted by Avik Sarkar On 10/16/2012 07:34:00 pm

Whonix -Anonymous Operating System Based on Debian/GNU Linux & Tor 

Whonix, which is earlier called TorBOX or aos; now been reintroduced with a new style. This time we got a complete anonymous general purpose Operating System based on Virtual Box, Debian GNU/Linux and Tor.  According to the project wiki page - in Whonix IP and DNS leaks are impossible. Not even malware with root rights can find out the user's real IP/location. This is because Whonix consists of two virtual machines. One machine solely runs Tor and acts as a gateway, which we call Whonix-Gateway. The other machine, which we call Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible. 

We request our reader to See Security for a more comprehensive description, security features and threat model. You can even go through with full change log and also download the source code from github

Key Features:- 

  • Adobe Flash anonymously
  • browse the web anonymously
  • Anonymous IRC
  • Anonymous Publishing
  • Anonymous E-Mail with Mozilla Thunderbird and TorBirdy
  • Add a proxy behind Tor (Tor -> proxy)
  • Based on Debian GNU/Linux.
  • Based on the Tor anonymity network.
  • Based on Virtual Box.
  • Can torify almost any application.
  • Can torify any operating system
  • Can torify Windows.
  • Chat anonymously.
  • Circumvent Censorship.
  • DNSSEC over Tor
  • Encrypted DNS
  • Full IP/DNS protocol leak protection.
  • Hide the fact that you are using Tor/Whonix
  • Isolating Proxy
  • Java anonymously
  • Javascript anonymously
  • Location/IP hidden servers
  • Prevents anyone from learning your IP.
  • Prevents anyone from learning your physical location.
  • Private obfuscated bridges supported.
  • Protects your privacy.
  • Protocol-Leak-Protection and Fingerprinting-Protection
  • Secure And Distributed Time Synchronization Mechanism
  • Security by Isolation
  • Stream isolation to prevent identity correlation through circuit sharing
  • Virtual Machine Images
  • VPN/Tunnel Support
  • Whonix is produced independently from the Tor (r) anonymity software and carries no guarantee from  The Tor Project about quality, suitability or anything else.
  • Transparent Proxy
  • Tunnel Freenet through Tor
  • Tunnel i2p through Tor
  • Tunnel JonDonym through Tor
  • Tunnel Proxy through Tor
  • Tunnel Retroshare through Tor
  • Tunnel SSH through Tor
  • Tunnel UDP over Tor
  • Tunnel VPN through Tor
To Download Whonix-0.4.5 Click Here. Before download please note that Whonix is produced independently from the Tor anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else. 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Three Secrets & Full Analysis of Flame's Command & Control Servers Unraveled

Posted by Avik Sarkar On 9/20/2012 05:40:00 pm

Three Secrets & Full Analysis of Flame's Command & Control Servers Unraveled

Flame the next generation cyber weapon which is also known as 'The Super Spy' has already fascinated the cyber-security industry with its sophistication and versatility as a Swiss-Army knife of cyber-spying. Recently security firm Kaspersky lab has published a new report on the sophisticated nation-state sponsored Flame cyber-espionage campaign. During the research, conducted by Kaspersky Lab in partnership with International Telecommunication Union’s cybersecurity executing arm - IMPACT, CERT-Bund/BSI and Symantec, a number of Command and Control (C&C) servers used by Flame’s creators were analyzed in detail. The analysis revealed new, groundbreaking facts about Flame. Particularly, traces of three yet undiscovered malicious programs were found, and it was discovered that the development of the Flame platform dates back to 2006.

Main findings:
  • The development of Flame’s Command and Control platform started as early as December 2006.
  • The C&C servers were disguised to look like a common Content Management System, to hide the true nature of the project from hosting providers or random investigations.
  • The servers were able to receive data from infected machines using four different protocols; only one of them servicing computers attacked with Flame.
  • The existence of three additional protocols not used by Flame provides proof that at least three other Flame-related malicious programs were created; their nature is currently unknown.
  • One of these Flame-related unknown malicious objects is currently operating in the wild.
  • There were signs that the C&C platform was still under development; one communication scheme named “Red Protocol” is mentioned but not yet implemented.
  • There is no sign that the Flame C&Cs were used to control other known malware such as Stuxnet or Gauss.
The Flame cyber-espionage campaign was originally discovered in May 2012 by Kaspersky Lab during an investigation initiated by the International Communication Union. Following this discovery, ITU-IMPACT acted swiftly to issue an alert to its 144 member nations accompanied with the appropriate remediation and cleaning procedures. The complexity of the code and confirmed links to developers of Stuxnet all point to the fact that Flame is yet another example of a sophisticated nation-state sponsored cyber operation. Originally it was estimated that Flame started operations in 2010, but the first analysis of its Command and Control infrastructure (covered by at least 80 known domains names) shifted this date two years earlier.
The findings in this particular investigation are based on the analysis of the content retrieved from several C&C servers used by Flame. This information was recovered despite the fact that Flame’s control infrastructure went offline immediately after Kaspersky Lab disclosed the existence of malware. All servers were running the 64-bit version of the Debian operating system, virtualized using OpenVZ containers. Most of the servers’ code was written in the PHP programming language. Flame’s creators used certain measures to make the C&C server look like an ordinary Content Management System, in order to avoid attention from the hosting provider.
Sophisticated encryption methods were utilized so that no one, but the attackers, could obtain the data uploaded from infected machines. The analysis of the scripts used to handle data transmissions to the victims revealed four communication protocols, and only one of them was compatible with Flame. It means that at least three other types of malware used these Command and Control servers. There is enough evidence to prove that at least one Flame-related malware is operating in the wild. These unknown malicious programs are yet to be discovered.
Another important result of the analysis is that the development of the Flame C&C platform started as early as December 2006. There are signs that the platform is still in the process of development, since a new, yet not implemented protocol called the “Red Protocol” was found on the servers. The latest modification of the servers’ code was made on May 18, 2012 by one of the programmers.
“It was problematic for us to estimate the amount of data stolen by Flame, even after the analysis of its Command and Control servers. Flame’s creators are good at covering their tracks. But one mistake of the attackers helped us to discover more data that one server was intended to keep. Based on this we can see that more than five gigabytes of data was uploaded to this particular server a week, from more than 5,000 infected machines. This is certainly an example of cyber espionage conducted on a massive scale,” commented Alexander Gostev, Chief Security Expert, Kaspersky Lab. 
Here we want to remind you that after the episode of 'Duqu'; In the middle of this year The Iranian Computer Emergency Response Team (MAHER) claims to have discovered a new targeted Stuxnet attacking the country's internal system. This newly found Stuxnet have been dubbed Flame (also known as Flamer or Skywiper). Later it was spotted in the wild when software giant Microsoft confirmed that its Windows Server Update Services (WSUS), Windows Update (WU) has been infected by Flame malware. Also in many fields, the name of 'Flame' was on the high node. 
For detailed analysis on Flame's command and control (C&C) servers click Here

-Source (Kaspersky)


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Kaspersky Releases Linux Mail Security With Anti-malware, Anti-spam & Content Filtering

Posted by Avik Sarkar On 9/09/2012 12:59:00 am

Kaspersky Releases Linux Mail Security With Anti-malware, Anti-spam & Content Filtering 

Russian anti virus firm & security giant  Kaspersky Lab has released an anti-spam and anti-malware application called Linux Mail Security which can be integrated into different type of Linux-based mail server to fight spam and block malicious attachments. The latest spam-fighting features – including Reputation Filtering and Enforced Anti-Spam Updates Service  help to filter out zero-hour spam, while our new ZetaShield technology helps to shield businesses from zero-day and targeted attacks. Designed for integration with a range of Linux-based mail systems, Kaspersky Linux Mail Security delivers the security, flexibility and ease of management that businesses and ISPs demand. 

Key Features:- 
  • Advanced antivirus engine- Kaspersky Linux Mail Security includes the latest version of Kaspersky Lab’s award-winning antivirus engine – with behaviour stream signatures – to help detect and remove malicious attachments from incoming emails.

  • Zero-Day Exploit and Targeted Attack (ZETA) Shield- Kaspersky’s ZetaShield offers protection against unknown malware and exploits – to defend you from zero-day and zero-hour attacks and APTs (Advanced Persistent Threats).

Powerful Anti-Spam Engine- Kaspersky Linux Mail Security provides the latest version of Kaspersky’s anti-spam engine – including two powerful new technologies:
  • Enforced Anti-Spam Updates Service – uses push technology, directly from the Kaspersky cloud, to deliver real-time updates. By reducing the ‘update window’ from 20 minutes to approximately 1 minute, the Enforced Anti-Spam Updates Service helps to defend businesses against zero-hour spam and spam epidemics.
  • Cloud-assisted Reputation Filtering – fights against unknown spam, to enhance the spam capture rate and reduce the number of false positives.

Kaspersky Security Network -The cloud-based Kaspersky Security Network (KSN) gathers data from millions of participating users’ systems around the world to help defend your system from the very latest viruses and malware attacks. Potential threats are monitored and analysed – in real-time – to help block dangerous actions, before harm is caused.
Attachment filtering- The new Format Recogniser feature can filter attachments – using information about file type, name and message size. This helps businesses to enforce their email usage policy and can help to address corporate liability issues that can arise when users try to distribute illegal music or video files via the corporate email system.
Improved!Global Blacklists and Whitelists- In addition to creating corporate blacklists or whitelists, administrators can manage ‘allowed’ or ‘denied’ senders email – using IPv4 and IPv6, wildcards and regular expressions.
Personal Blacklists and Whitelists- Users also can create their own blacklists and whitelists.
Backup and personal backup with flexible search -Blocked email is quarantined in a backup system. If the system uses Microsoft Active Directory or OpenLDAP, individual users can access their personal backup via the web so they’re less likely to need to call your helpdesk.
Integration with most popular MTAs (Postfix, Sendmail, Exim, qmail and CommunigatePro)- Kaspersky Linux Mail Security lets you select the method of integration, depending on your choice of Mail Transfer Agent (MTA) – so you can integrate as a filter or using a Milter API.
Antivirus command line file scanner- The Kaspersky Anti-Virus On-Demand Scanner can be used for on-demand virus checking of objects – which can include directories, regular files and devices such as hard drives, flash drives and DVD-ROMs.
Amavisd-new- Kaspersky Linux Mail Security supports integration with Linux mail systems using the high-performance AMaViS interface.
Monitoring and Reporting features- 

  • SNMP (Simple Network Management Protocol) support – any type of event can be monitored using SNMP events and traps
  • A new dashboard gives an at-a-glance view of status and monitoring
  • Detailed, flexible reporting in PDF format – for customisable reports that help in the monitoring and analysis of security and policies
  • Notification system – informs administrators and document owners about policy violation incidents
  • Detailed logs – on all product actions, to help in identifying problems

Easy to deploy, maintain and manage- 

  • System administrators can run manual updates or set the rules for fully automatic updates of antivirus, anti-spam and ZetaShield
  • Integration with Active Directory and OpenLDAP
  • Rich email traffic management rules – administrators can create rules according to corporate security policies
  • IPv6 support
  • Scalable architecture – the entire system can be easily migrated from a test server to a production environment
Kaspersky Linux Mail Security will support the following Linux distributions - Red Hat Enterprise Linux 6.2 Server, Fedora 16, SUSE Linux Enterprise Server 11 SP2, Debian GNU/Linux 6.0.4 Squeeze, CentOS 6.2, openSUSE Linux 12.1, Ubuntu 10.04 LTS; 12.04 LTS, Mandriva Enterprise Server 5.2, FreeBSD 8.3, 9.0, Canaima 3.0, Asianux 4 SP1. 


For Detailed Information Click Here



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Google's reCAPTCHA System Cracked By Hackers at Defcon Group

Posted by Avik Sarkar On 5/31/2012 07:23:00 pm

Google's reCAPTCHA System Cracked By Hackers at Defcon Group 949

Web-security under serious trouble, a group of hackers from Defcon Group 949 managed to crack Google's reCAPTCHA system with a success rate of better than 99 percent. Last week in LayerOne security conference in Los Angeles they demonstrated their research. But just an hour before the presentation, Google made improvements to its CAPTCHA system and fixed those flaws.
In their site they said - that they have developed everything using Ubuntu 10.04, Ubuntu 11.04, and Debian 6, however it should work on any Linux distribution without too much effort. The one thing we noticed when testing it on Ubuntu 12.04 is that it comes with a slightly different version of SoX, which has some changes which drops accuracy from 99% to around 60%. So for best results, you'll want to use SoX v14.3.0 (or v14.3.1). 

They have also developed a tool named "Stiltwalker" a proof of concept tool that defeats Google's reCAPTCHA with an insanely high accuracy (99%). All the research, code, tools and examples used in the reCAPTCHA domination made available to download for all.






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Knoppix 7.0.1 With Kernel 3.3.7, LXDE, ADRIANE & Iceweasel 10

Posted by Avik Sarkar On 5/31/2012 07:12:00 pm

Knoppix 7.0.1 With Kernel 3.3.7, LXDE, ADRIANE & Iceweasel 10

Klaus Knopper, creator of Knoppix officially declared the general availability of its popular Live Linux distribution - Knoppix 7.0.1. This release includes a number of improvements and package upgrades, while removing proprietary packages, such as Adobe Reader. Version 7.0.1 of Knoppix is based on the usual picks from Debian stable (squeeze) and newer Desktop packages from Debian/testing and Debian/unstable (wheezy). It uses kernel 3.3.7 and LXDE (Lightweight X11 Desktop Environment) as its default desktop environment. The DVD version of Knoppix also includes a choice of GNOME 3.4 or KDE SC 4.7.4 (the current release is KDE SC 4.8.3 from early May), and additional packages such as VirtualBox 4.1.4. Package upgrades include version 3.5.3 of the LibreOffice productivity suite, Wine 1.5.4, Chromium 18 and Iceweasel 10, the re-branded version of the Firefox web browser for Debian. It now has version 1.4 of the open source ADRIANE (Audio Desktop Reference Implementation and Networking Environment) talking menu system for blind users. Other changes include better support for Broadcom Wi-Fi chipsets and experimental support for automatically detecting graphics cards with composite 3D extensions for the Compiz window manager. A full list of changes and new features can be found in the release notes.


To Download Knoppix 7.0.1 Click Here




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Debian GNU/Linux 6.0.5 Released

Posted by Avik Sarkar On 5/17/2012 09:04:00 pm

Debian GNU/Linux 6.0.5 Released

Developers at Debian project is pleased to announce the fifth update of its stable distribution Debian 6.0 codenamed squeeze. According to the project release this update mainly adds corrections for security problems to the stable release, along with a few adjustments for serious problems. Security advisories were already published separately and are referenced where available. If you have Debian 6.0.x already installed, it is not necessary to reinstall, you only need to install all the latest updates from your nearest mirror site. 

What's new in Debian GNU/Linux 6.0.2:-
  • aide Properly support large files on 32-bit systems; fix group for bind9 log files
  • approx Don't try caching InRelease or non-.gz compressed files
  • apr Fix apr_ino_t changing size depending on -D_FILE_OFFSET_BITS on kfreebsd-*
  • apt Fix file size calculation on big-endian arches; don't prompt for CD re-insertion on "apt-get update"; add XZ support
  • apt-listchanges Correctly handle NEWS files containing only one entry
  • base-files Update /etc/debian_version
  • clive Adapt for liveleak.com changes
  • dbus Fix local DoS for system services (CVE-2011-2200)
  • deborphan Exclude libreoffice from --guess-section output; trap WINCH in a POSIX way; minor translation fixes
  • dokuwiki Fix an ACL bypass issue in the XMLRPC interface
  • dpkg Fix regression in 'dpkg-divert --rename'; dpkg-split: don't corrupt metadata on 32-bit systems; fix vsnprintf() compat declaration
  • e2fsprogs Various bug fixes
  • fakechroot Fix 'debootstrap --variant=fakechroot'
  • fcgiwrap Fix init script's 'stop' target
  • gdm3 Reset SIGPIPE handler before starting the session; execute the PostSession script even when GDM is killed or shut down
  • git Allow remove and purge in one step by terminating the git-daemon/log service before removing the gitlog user
  • gnome-settings-daemon Work around possible race condition when starting Xsettings manager
  • ia32-libs Refresh packages from stable and proposed-updates.
  • iceowl Security updates
  • im-config Avoid breaking login via GDM if im-config is removed but not purged
  • inn Stop using 'sort +1n' in makehistory; disable outdated CHECK_INCLUDED_TEXT option by default
  • josm Give more verbose explanation to users who haven't agreed to the new OSM license
  • kde4libs Wildcard SSL certificate and XSS security fixes; ktar checksum and UTF-8 longlink fixes
  • kdenetwork Improve fix for CVE-2010-1000 directory traversal issue
  • kernel-wedge Add hpsa and pm8001 to scsi-extra-modules; add bna to nic-extra-modules
  • kerneltop Increase line buffer size to 1024 bytes
  • klibc ipconfig: escape DHCP options and correctly handle multiple connected network devices (CVE-2011-1930)
  • krb5 Fix DoS; fix interoperability with w2k8r2 KDCs; fix invalid free and double free; don't make authentication fail if PAC verification fails
  • kupfer Use correct parameter type to allow keybindings to work again
  • libapache2-mod-perl2 Rebuild against apr 1.4.2-6+squeeze3 to pick up apr_ino_t size fix on kFreeBSD
  • libburn Don't create images with overly-restrictive permissions
  • libfinance-quotehist-perl Disable test suite, broken by website changes
  • libmms Fix alignment issues on arm
  • linux-2.6 New hardware support; add longterm 2.6.32.41; fix oops via corrupted partition tables
  • linux-kernel-di-amd64-2.6 Rebuild against kernel-wedge 2.74+squeeze3
  • linux-kernel-di-armel-2.6 Rebuild against kernel-wedge 2.74+squeeze3
  • linux-kernel-di-i386-2.6 Rebuild against kernel-wedge 2.74+squeeze3
  • linux-kernel-di-ia64-2.6 Rebuild against kernel-wedge 2.74+squeeze3
  • linux-kernel-di-mips-2.6 Rebuild against kernel-wedge 2.74+squeeze3
  • linux-kernel-di-mipsel-2.6 Rebuild against kernel-wedge 2.74+squeeze3
  • linux-kernel-di-powerpc-2.6 Rebuild against kernel-wedge 2.74+squeeze3
  • linux-kernel-di-s390-2.6 Rebuild against kernel-wedge 2.74+squeeze3
  • linux-kernel-di-sparc-2.6 Rebuild against kernel-wedge 2.74+squeeze3
  • lua-expat Fix the 'billion laughs' DoS attack
  • monkeysphere Fix monkeysphere-host revoke-key
  • nagios-plugins Allocate a big enough buffer to handle all IPs of hosts being pinged
  • nsd3 Remove statoverride before removing the package's user
  • openldap Fix possible database corruption issues, several security issues and dpkg-reconfigure
  • php-svn Rebuild against apr 1.4.2-6+squeeze3 to pick up apr_ino_t size fix on kFreeBSD
  • php5 Rebuild against apr 1.4.2-6+squeeze3 to pick up apr_ino_t size fix on kFreeBSD
  • pianobar Update API keys for XMLRPC v30
  • postgresql-8.4 New upstream bugfix release; fix pg_upgrade use with TOAST tables
  • prosody Fix the 'billion laughs' DoS attack
  • puppet Fix service provider to properly use update-rc.d disable API
  • python-apt Strip multiarch by default in RealParseDepends; add XZ support
  • python-gudev Add missing dependency on python-gobject
  • q4wine Stop shipping the library in lib64
  • qemu Don't register qemu-mips(el) with binfmt on mips(el)
  • qemu-kvm Fix division by 0 with some guests; fix vnc zlib overflow; don't abort on user hardware errors; fix migration on 32-bit
  • qt4-x11 Blacklist some fraudulent SSL certificates; fix weakness in wildcard certificate verification
  • rapidsvn Rebuild against apr 1.4.2-6+squeeze3 to pick up apr_ino_t size fix on kFreeBSD
  • refpolicy Various permissions fixes
  • reprepro Handle Release files which don't contain md5sums
  • ruby1.8 Fix upgrades from lenny by making libruby1.8 conflict/replace irb1.8 and rdoc1.8
  • samba Fix undefined symbol error from tdb2.so; several printing related bugs and a gid leak in winbind / idmap. Document the new and potentially disruptive 'map untrusted to domain'
  • schroot Fix loading of dchroot.conf
  • softhsm Remove statoverride entries before the package's user
  • sun-java6 New upstream security update
  • tzdata New upstream version
  • vimperator Resolve compatibility issues with iceweasel
  • widelands Fix potential security issue in Internet games
  • xenomai Adapt kernel patch to apply cleanly to squeeze's kernel
  • xserver-xorg-video-tseng Fix driver initialisation

To Download Debian 6.0 codenamed "squeeze" Click Here
  

-Source (Softpedia, Debian Project)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Lynis A Security Auditing Tool For Unix

Posted by Avik Sarkar On 12/30/2011 06:15:00 pm


Lynis is an auditing tool for Unix (specialists). It scans systems to detect software and security issues. Besides security-related information, it will also scan for general system information, installed packages, and possible configuration mistakes. The software is aimed at assisting automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

Official Change Log:-
  • Profile option: ignore_home_dir
  • TCP wrappers category added
  • Tooling category added
  • Initial extensions to support plugins in the future
  • Test for unpurged Debian packages [PKGS-7346]
  • Test for compiler permissions [HRDN-7222]
  • Converted all dates to ISO format and updated copyright lines
  • Correct suggestion for file integrity tool [FINT-4350]
  • Added hint when RPM list is empty on DPKG based systems [PKGS-7308]
  • Changed logging for /etc/security/limits.conf file [KRNL-5820]
  • Fixed incorrect warning for single user mode [AUTH-9308]
  • Improved output for stratum 16 time servers [TIME-3116]
  • Added suggestion and screen output for kernel hardening [KRNL-6000]
  • Screen layout optimalizations and log file improvements
  • Improved list/layout of scan options
  • Improved binary check for compilers
  • Added configuration option in scan profile (show_tool_tips, default true)

To Download Lynis Click Here


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

sqlsus v0.7 (SQL Injection and Takeover Tool)

Posted by Avik Sarkar On 11/04/2011 09:27:00 pm


sqlsus is an open source MySQL injection and takeover tool, written in perl. Via a command line interface, you can retrieve the database(s) structure, inject your own SQL queries (even complex ones), download files from the web server, crawl the website for writable directories, upload and control a backdoor, clone the databases, and much more. sqlsus is an open source (My)SQL injection tool, written in perl. It focuses on speed and efficiency, optimising the available injection space. It provides an easy to use interface with lots of neat features.

Features of Sqlsus v0.7:-
  • Added time-based blind injection support (added option “blind_sleep”, and renamed “string_to_match” to “blind_string”).
  • It is now possible to force sqlsus to exit when it’s hanging (i.e.: retrieving data), by hitting Ctrl-C more than twice.
  • Rewrite of “autoconf max_sendable”, so that sqlsus will properly detect which length restriction applies (WEB server / layer underneath). (removed option “max_sendable”, added options “max_url_length” and “max_inj_length”)
  • Uploading a file now sends it into chunks under the length restriction.
  • sqlsus now saves variables after each command, so that forcing it to quit (or killing it) will not discard the changes that were made.
  • Added a progress bar to inband mode, sqlsus now determines the number of rows to be returned prior to fetching them.
  • get db (tables/columns) in inband mode now uses multithreading (like everything else).
  • clone now uses count(*) if available (set by “get count” / “get db”), instead of using fetch-ahead.
  • In blind mode, “start” will now test if things work the way they should, by injecting 2 queries : one true and one false.
  • sqlsus now prints what configuration options are overridden (when a saved value differs from the configuration file).
To Download sqlsus (My SQL Injection Tool) 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Ubuntu 11.10 (Oneiric Ocelot) Released & Available For Download!!

Posted by Avik Sarkar On 10/13/2011 07:55:00 pm


Finally the countdown is over and now Ubuntu 11.10 (Oneiric Ocelot) released. It has been six months in the making and has occupied the time of a cast of thousands, finally the Debian derived GNU/Linux distribution we have all been waiting for is here. Ubuntu 11.10 the Oneiric Ocelot is released.
For more information about this release cheek the Ubuntu Wiki page

So what are you waiting for. Lets download Ubuntu 11.10 and enjoy.
 


-News Source (Ubuntu)


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Countdown Begins, Ubuntu 11.10 (Oneiric Ocelot) Will be Available Within Few Hours

Posted by Avik Sarkar On 10/13/2011 05:11:00 pm


It has been six months in the making and has occupied the time of a cast of thousands, finally the Debian derived GNU/Linux distribution we have all been waiting for is here. Ubuntu 11.10 the Oneiric Ocelot is released on October 13th. Finally that day came. But we need to wait a little more to fell the 11.10 oneiric Ocelot. 
VOGH talked with Ubuntu  developer Team about this release and accroding to them:-
"Today we release Ubuntu 11.10: Oneiric Ocelot after a busy six months of work. Thank you to everyone who participated in this release and put their brick in the wall. We had many wonderful contributions from developers, testers, translators, authors, advocates, accessibility folks, marketeers, programmers, governors, and more. I am looking forward to seeing the release hit the tubes. :-)
This week I have been in London all week for the release week, and it has been a hectic, but useful week. I also used this week to take advantage of the timezone and hop on the phone with some community members on this side of the pond. Thanks to all those for the calls.
Speaking of this side of the pond, I am excited to be able to go to the London release party which takes place tonight on Thu 13th Oct 2011 from 6.30pm at The Cask Pub at 6 Charlwood Street, Pimlico, London, SW1V 6EE. Thanks to the Ubuntu UK team for putting together the party, and it looks like there will be a great crowd there."

All VOGH readers Please check out the event here and register if you plan on coming so the team has an idea of numbers.

Oneiric Release Schedule
  • June 2nd Alpha 1
  • June 30th Alpha 2
  • August 4th Alpha 3
  • September 1st Beta 1
  • September 22nd Beta 2
  • October 13th Ubuntu 11.10
Oneiric will be the second release of Ubuntu to be made available on the 13th, the last being Ubuntu 5.10 Breezy Badger way back in 2005.

Release Schedule of Ubuntu:-
  • Ubuntu 4.10 20th October
  • Ubuntu 5.10 13th October
  • Ubuntu 6.10 26th October
  • Ubuntu 7.10 18th October
  • Ubuntu 8.10 30th October
  • Ubuntu 9.10 29th October
  • Ubuntu 10.10 10th October

10 of the new features implemented in the Ubuntu 11.10 (Oneiric Ocelot):-
1. Breathtaking login manager (a.k.a login screen or display manager)
2. Lots of Unity launcher, Unity Dash, and Unity panel improvements, including smart application finder when dragging different files, unread counters for Mozilla Firefox, Mozilla Thunderbird, Empathy and Pidgin, and smart search in Dash.
3. Awesome backup up tool, called Deja Dup, that will backup and restore all the files (yes, including the hidden ones) in your home folder.
4. Mozilla Thunderbird 7.0 as the default email client (replacing Evolution Mail and Calendar, which has been completely removed from the system).
5. Mozilla Firefox 7.0 as the default web browser!
6. Brand-new ALT+Tab functionality that will work across multiple desktops.
7. Improved office suite - LibreOffice 3.4
8. Easily access various settings straight from the Unity panel, to setup your monitor, bluetooth devices, startup applications, printers, USB devices, and system updates.
9. Simplified and good looking file manager - Nautilus 3
10. Breathtaking Ubuntu Software Center!

-News Source (Ubuntu)


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Linux Mint Debian 201109 Final (Gnome & Xfce) Released!

Posted by Avik Sarkar On 9/20/2011 04:31:00 pm


Linux Mint Debian 201109 Final Edition (Gnome & Xfce) Released.

What is LMDE:-
  • Linux Mint Debian Edition (LMDE) is a rolling distribution based on Debian Testing.
  • It’s available in both 32 and 64-bit as a live DVD with Gnome or Xfce.
  • The purpose of LMDE is to look identical to the main edition and to provide the same functionality while using Debian as a base.

What’s new in this Release:-
  • All Linux Mint 11 features
  • Installer improvements (keyboard variants, locale, bug fixes, UUID in fstab)
  • Update Packs, dedicated Update Manager and staged repositories
  • GTK2/GTK3 theme compatibility
  • Updated software and packages
Multi-core and multi-CPU support in 32-bit kernel:-

To guarantee compatibility with non-PAE processors, the 32-bit versions of Linux Mint Debian come with a 486 kernel by default. This kernel does not support SMP, and as a consequence is only able to detect one core and one CPU. If your CPU has multiple cores, or if you have more than one CPU, simply install the 686-PAE kernel and reboot your computer.

To download LMDE Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search