Featured Linux Articles - Page 18

Need an in-depth introduction to a new security topic? Our features articles will bring up up-to-date on everything from buffer overflows to SE Linux policy development.

The Dual Edge of Open Source: Examining Key Benefits and Security Challenges

Open-source software (OSS) adoption has increased dramatically over recent years due to its flexibility and cost-cutting benefits, but whether or not OSS is completely safe is often controversial. Due to its open and collaborative nature, this t...
Dec 04, 2024
  0

Understanding Open Source: Benefits and Security Challenges of OSS

Open-source software (OSS) adoption has increased ...
Dec 04, 2024
  0
28.Lock Globe Esm H115

Enhance Your Business Agility and Security with Low-Code Platforms

What if your team could build an app in days, not month...
Dec 03, 2024
  0
8.Locks HexConnections CodeGlobe Esm H115

Discover LinuxSecurity Features

Malware - Future Trends

Malware - Future Trends

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Malware has truly evolved during the last couple of years. Its potential for financial and network based abuse was quickly realized, and thus, tactics changed, consolidation between different parties occurred, and the malware scene became overly monetized, with its services available on demand.

profile image Brittany Day
Hacks From Pax: Using AIDE to Ensure System Integrity

Hacks From Pax: Using AIDE to Ensure System Integrity

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Today in Hacks From Pax we'll talk about AIDE, a host intrusion detection system. AIDE can provide another important layer of security for a system, specifically a layer designed not to keep intruders out per se, but to notify administrators of a possible compromise or intrusion. By itself it won't prevent a successful intrusion, but it can help prevent the only thing worse: a successful intrusion that you don't know about yet.

profile image Brittany Day
EnGarde v3 Now Available!

EnGarde v3 Now Available!

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Guardian Digital is pleased to announce the release of EnGarde Community v3.0. This release represents the most significant number of improvements since the first version released more than four years ago. If you haven't tried EnGarde recently, then I'm certain you'll be equally as excited about this release as we are. Completely redesigned web interface, firewall functionality, integrated Security-Enhanced Linux protection, and completely free updates are just a few of the outstanding new benefits.

profile image Benjamin D. Thomas

Contribute to LinuxSecurity

Don’t sit on the sidelines of history. Join the Linux Security community
and write real news & articles about Linux that matters the most.

Contribute Now
Guide to IP Spoofing Protection

Guide to IP Spoofing Protection

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A 1989 article titled "Security Problems in the TCP/IP Protocol Suite" by S. M. Bellovin explored IP Spoofing attacks. Bellovin described how Robert Morris, creator of the now infamous Internet Worm, figured out how Transmission Control Protocol (TCP) created sequence numbers, which is how he forged a packet sequence. This IP spoofing attack included the victim’s destination address and the ability to obtain root access to his targeted system without a User ID or password. In this article, we will discuss what IP spoofing is, its various types, how to detect or prevent attacks, and review some newer forms of IP spoofing that are being discussed in modern cybersecurity trends.

profile image Benjamin D. Thomas
Hacks From Pax: PHP Web Application Security

Hacks From Pax: PHP Web Application Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Today on Hacks From Pax we'll be discussing PHP web application security. PHP is a great language for rapidly developing web applications, and is very friendly to beginning programmers, but some of its design can make it difficult to write web apps that are properly secure. We'll discuss some of the main security "gotchas" when developing PHP web applications, from proper user input sanitization to avoiding SQL injection vulnerabilities.

profile image Brittany Day
Pull the Plug Revisited: An Interview Five Years Later

Pull the Plug Revisited: An Interview Five Years Later

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Five years after our original interview with Brian Gemberling, founder of PullthePlug.org, we catch up with Daniel Alvarez and the rest of the site's administrative management. Its structured management and focus on the community will ensure many years of continued success. You're asking, what is pull the plug? Read more to find out...  

profile image Benjamin D. Thomas
Hacks From Pax: Linux File & Directory Permissions Mistakes

Hacks From Pax: Linux File & Directory Permissions Mistakes

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Greetings, gentle reader, and welcome to linuxsecurity.com and our new recurring series of articles on security related mistakes and how to avoid them. I'm your host, Pax Dickinson, and today we'll be reviewing basic Linux file and directory permissions and how to avoid some common pitfalls in their use, in this episode of Hacks From Pax.

profile image Anthony Pell
Are Your Servers Secure?

Are Your Servers Secure?

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In a word, No. No machine connected to the internet is 100% secure. This doesn't mean that you are helpless. You can take measures to avoid hacks, but you cannot avoid them completely. This is like a house — when the windows and doors are open then the probability of a thief coming in is high, but if the doors and windows are closed and locked the probability of being robbed is less, but still not nil.

profile image Blessen Cherian
Getting to Know Linux Security: File Permissions

Getting to Know Linux Security: File Permissions

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy to follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, therefore very simple. If the feedback is good, I'll consider creating more complex guides for advanced users. Please let us know what you think and how these can be improved. If you have ideas for future topics, please post them in the discussion forum below.  

profile image Benjamin D. Thomas
The Tao of Network Security Monitoring: Beyond Intrusion Detection

The Tao of Network Security Monitoring: Beyond Intrusion Detection

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Tao of Network Security Monitoring is one of the most comprehensive and up-to-date sources available on the subject. It gives an excellent introduction to information security and the importance of network security monitoring, offers hands-on examples of almost 30 open source network security tools, and includes information relevant to security managers through case studies, best practices, and recommendations on how to establish training programs for network security staff.

profile image Benjamin D. Thomas
Encrypting Shell Scripts

Encrypting Shell Scripts

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Do you have scripts that contain sensitive information like passwords and you pretty much depend on file permissions to keep it secure? If so, then that type of security is good provided you keep your system secure and some user doesn't have a "ps -ef" loop running in an attempt to capture that sensitive info (though some applications mask passwords in "ps" output). There is a program called "shc" that can be used to add an extra layer of security to those shell scripts. SHC will encrypt shell scripts using RC4 and make an executable binary out of the shell script and run it as a normal shell script. This utility is great for programs that require a password to either encrypt, decrypt, or require a password that can be passed to a command line argument.

profile image Duane Dunston
Linux Netwosix One Year Later

Linux Netwosix One Year Later

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This brief article outlines the history and story behind Linux Netwosix, a security-focused distribution that is still in early stages of development. Vincenzo Ciaglia, its Italian founder, gives the Linux community an update on how the project has progressed after 11 months.

profile image Brittany Day
A 2005 Linux Security Resolution

A 2005 Linux Security Resolution

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

As a preface to this paper, I wanted to take a moment mourn the loss of the many tsunami victims worldwide. Our thoughts and prayers are with each of the victims and families. Donations to help in the relief effort can be made through the following organizations; World Vision; American Red Cross; Oxfam; and many others.

profile image Benjamin D. Thomas
State of Linux Security 2004

State of Linux Security 2004

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In 2004, security continued to be a major concern. The beginning of the year was plagued with several kernel flaws and Linux vendor advisories continue to be released at an ever-increasing rate. This year, we have seen the reports touting Window's security superiority, only to be debunked by other security experts immediately after release. Also, Guardian Digital launched the new LinuxSecurity.com, users continue to be targeted by automated attacks, and the need for security awareness and education continues to rise.

profile image Benjamin D. Thomas
Users Respond with Constructive Feedback

Users Respond with Constructive Feedback

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

When the new version of LinuxSecurity.com was launched on December 1st, we also asked our readers to "Tell us what you think." You have spoken, and we appreciate that! We received hundreds of comments & requests, and have been addressing a majority of them. We thought it was important to share some of the comments with you. While some were purely positive acknowledgements, others were thoughtful criticisms. We take every critique into account and address each as resources become available or when the criticism becomes the concern of many.  

profile image Benjamin D. Thomas
Open Letter to the Linux Security Community

Open Letter to the Linux Security Community

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Welcome to the new LinuxSecurity.com! I must admit, I am really proud of what we have been able to accomplish over the years. LinuxSecurity.com has grown from a small idea that a couple of security geeks had in 1999, to a major and well respected Linux resource. With an all new look & feel, organizational changes, security events, and additions to our staff, we hope to better serve the Linux and open source community. Although there are many aesthetic improvements, a major part of our development has focused on creating a content structure and backend system that is easy to update.

profile image Benjamin D. Thomas
Mass deploying Osiris

Mass deploying Osiris

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Osiris is a centralized file-integrity program that uses a client/server architecture to check for changes on a system. A central server maintains the file-integrity database and configuration for a client and at a specified time, sends the configuration file over to the client, runs a scan and sends the results back to the server to compare any changes. Those changes are then sent via email, if configured, to a system admin or group of people. The communication is all done over an encrypted communication channel.

profile image Duane Dunston
A Decade of Internet Security

A Decade of Internet Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

As we get smarter, so will those trying to exploit the technology the Internet provides. What we can do is never give up the pursuit and after 10 full years of trying, I don't imagine that we ever will.

profile image Dave Wreski
AIDE and CHKROOTKIT

AIDE and CHKROOTKIT

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Implementing an accurate security analysis into your network security toolkit is vital in ensuring your company is secure against any and all cloud security breaches that head your way. Linux AIDE and CHKROOTKIT are incredibly useful services that can help protect your data and network security. This article will discuss these two programs, how they benefit users, and how to integrate them into your security practices.

profile image Brittany Day

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved