Sptrace 1.4.2 released

New version of sptrace was released today. Sptrace is a secure ptrace() Linux Kernel Module (LKM). It limits users’ access to the ptrace() call. Module was updated to reflect changes in new kernel releases and tested with 2.6.26.

Continue reading “Sptrace 1.4.2 released”

Keep Doxyfile in sync with Autoconf

Generating Doxygen configuration file – Doxyfile from Autoconf is simple and helps to avoid duplication of version numbers, input and output directories and packages names. Doxyfile can be generated like Makefiles from Doxyfile.in by configure script.

Continue reading “Keep Doxyfile in sync with Autoconf”

Source code (security) auditing utilities available in Debian

Debian GNU/Linux provides several packages that can be used to audit C/C++ source code. First three search for programming errors that might lead to potential security flaws:

Next two tools find bugs in C and C++ source code by doing a static check too, but their checks are not security-related:

OpenWRT meets OpenDNS

To make whole home network use OpenDNS I need to change only 3 files on my OpenWRT router.

First step – resolv.conf

Create /etc/resolv.conf.opendns with OpenDNS servers addresses, eg:


Make sure /etc/resolv.conf defines as a name server.

Second step – dnsmasq

In /etc/config/dhcp set resolvfile variable:

option resolvfile '/etc/resolv.conf.opendns'

Restart dnsmasq with:

# /etc/init.d/dnsmasq restart

Continue reading “OpenWRT meets OpenDNS”

How to build RPM packages in CentOS chroot on… Debian!

Debian GNU/Linux has its sbuild and (much easier) pbuilder, but can you imagine that Debian includes software to create RPM-based chroots and build RPM packages under them?! Package called mach provides tool similar to pbuilder. It create chroots, manage them and allow user to create RPMs in separated, clear and reproducible environment. Just like packages should be build. Moreover its as easy to use as pbuilder is (if not even easier).
Continue reading “How to build RPM packages in CentOS chroot on… Debian!”

ESE Key Daemon 1.2.4 released

New version of ESE Key Daemon was released today.

Release notes:

  • Fixed cross-compilation bug reported by hartleys.
  • Removed debian directory (will try to include esekeyd in Debian).
  • Removed old directory (Linux 2.4 users can use 1.2.3, but 2.4 support is no longer maintained).
  • Removed lib directory (any modern (g)libc has getopt).

Download: esekeyd-1.2.4.tar.gz (.asc)

MD5: 5eb8d1b02cdd99d0681e946768e529db
SHA1: 12395b670dbf9ae93573e9cd5f57c51c3572a8aa

Web browser anonymity threats

Anonymity in important for many people. Few years ago, it was problematic issue only for hackers, human rights workers and anonymity freaks. They want to keep they identity in secret for obvious reasons. They were traced only by law enforcement agencies and government. Today everything is much more difficult. Hundreds of advertising agencies trying to reveal identity of people to target their commercials better.

Web browser can give them so many information. For example in which languages you speak (browser shares your language preferences with sites you visit)., in which city you live (this can be obtained from IP), how big is your computer display (web page can get your display resolution), what video player or office suite you have installed (they can query installed browser plugins) and much more...

Continue reading "Web browser anonymity threats"

How to mount file systems easily in Midnight Commander

Everyone know Midnight Commander default user menu (invoked with <F2> key). It contains some (more or less) useful commands and it is… customizable.

Default Midnight Commander User Menu

If you want to use different menu for some directory you just need to create file .mc.menu in target directory. I made a simple menu form /media/.

Continue reading “How to mount file systems easily in Midnight Commander”