Featured Linux Articles - Page 3

Need an in-depth introduction to a new security topic? Our features articles will bring up up-to-date on everything from buffer overflows to SE Linux policy development.

The Dual Edge of Open Source: Examining Key Benefits and Security Challenges

Open-source software (OSS) adoption has increased dramatically over recent years due to its flexibility and cost-cutting benefits, but whether or not OSS is completely safe is often controversial. Due to its open and collaborative nature, this t...
Dec 04, 2024
  0

Understanding Open Source: Benefits and Security Challenges of OSS

Open-source software (OSS) adoption has increased ...
Dec 04, 2024
  0
28.Lock Globe Esm H115

Enhance Your Business Agility and Security with Low-Code Platforms

What if your team could build an app in days, not month...
Dec 03, 2024
  0
8.Locks HexConnections CodeGlobe Esm H115

Discover LinuxSecurity Features

Hackers Corner: Complete Guide to Keylogging in Linux - Part 1

Hacker's Corner: Complete Guide to Keylogging in Linux - Part 1

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This first part of the Complete Guide to Keylogging in Linux will explore keylogger attacks in network security. Keylogging can be valuable for testing within the Linux Security realm, so we will dive deeper into how you can write keyloggers and read events directly from a keyboard device on Linux.

profile image Brittany Day

Contribute to LinuxSecurity

Don’t sit on the sidelines of history. Join the Linux Security community
and write real news & articles about Linux that matters the most.

Contribute Now
Hackers Corner: Complete Guide to Keylogging in Linux - Part 3

Hacker's Corner: Complete Guide to Keylogging in Linux - Part 3

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In Complete Guide to Keylogging in Linux: Part 1 and Complete Guide to Keylogging in Linux: Part 2, we discussed the basics of keylogging and a few options you can utilize to check your server for attacks in network security. This article will discuss what techniques you can implement to capture keyboard events within a Linux kernel.

profile image Brittany Day
Advanced Secure Coding Techniques for Linux Web Application Security

Advanced Secure Coding Techniques for Linux Web Application Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Cybersecurity is not static; it's a game of continuous evolution. As web applications burgeon, so too do the threats against them. Within Linux environments, where flexibility and open-source attributes are prized, secure coding practices, Linux devs can stand on vigilant watch against these proliferating dangers.

profile image Brittany Day
Guide to Secure Data Backup for Linux Users

Guide to Secure Data Backup for Linux Users

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Data security in a modern business environment is considered one of the most critical factors for any company. The digitalization of the world has led to more and more data being generated daily, including very sensitive data, such as internal business plans, customer payment data, etc.

profile image Duane Dunston
IaC Security Scanning: Ensuring Security in the Open-Source Environment

IaC Security Scanning: Ensuring Security in the Open-Source Environment

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

IaC, or infrastructure as code, is essential to most cloud-based applications. Implementing IaC has advantages that significantly increase the service's characteristics and efficiency. However, as well as its enormous value, IaC has certain security drawbacks, like the spreading of simple security issues on all the files or vulnerability to data exposure, which could greatly affect the security of an open-source environment.

profile image Brittany Day
Best Practices for WordPress Site Security on Linux Webservers

Best Practices for WordPress Site Security on Linux Webservers

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

At last count, W3Techs reported that 43.1% of all websites operating on the Internet today rely on the WordPress CMS. And of those, an overwhelming majority run on Linux servers. That immense popularity makes Linux servers running WordPress a prime target of hackers and other bad actors. As a result, such servers face an estimated 90,000 attacks every minute, every day.

profile image Duane Dunston
IPv6 approach for TCP SYN Flood attack over VoIP, Part I

IPv6 approach for TCP SYN Flood attack over VoIP, Part I

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In this paper, we describe and analyze a network-based DoS attack for IP-based networks. It is known as SYN flooding. It works by an attacker sending many TCP connection requests with spoofed source addresses to a victim's machine. Each request causes the targeted host to instantiate data structures out of a limited pool of resources to deny further legitimate access.

profile image Benjamin D. Thomas
IPv6 approach for TCP SYN Flood attack over VoIP, Part III

IPv6 approach for TCP SYN Flood attack over VoIP, Part III

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN ACK (synchronize acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN ACK before the connection is established. This is referred to as the "TCP three-way handshake."

profile image Benjamin D. Thomas
IPv6 approach for TCP SYN Flood attack over VoIP, Part IV

IPv6 approach for TCP SYN Flood attack over VoIP, Part IV

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Service Providers are scrambling to offer voice, video, data, and innovative services, such as gaming, interactive TV, and messaging, on a single pipe. At the same time, network equipment is being upgraded to IPV6. But some Real-Time IPV6 Security overwhelms performance due to the application intelligence, which is the rapid inspection of VoIP signaling SIP, H.323 and audio packets, and the prompt opening and shutting of "pinholes" to allow the passage of valid voice traffic over wireless networks.

profile image Benjamin D. Thomas
IPv6 approach for TCP SYN Flood attack over VoIP, Part V

IPv6 approach for TCP SYN Flood attack over VoIP, Part V

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In this paper, we describe and analyze a network-based DoS attack for IP-based networks. It is known as SYN flooding. It works by an attacker sending many TCP connection re¬quests with spoofed source addresses to a victim's machine. Each request causes the targeted host to instantiate data structures out of a limited pool of resources to deny further legitimate access. Part I Part II Part III Part IV

profile image Benjamin D. Thomas
Intel Fixes Microcode Bug that Could Expose Your Sensitive Data

Intel Fixes Microcode Bug that Could Expose Your Sensitive Data

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

It was discovered that a sequence of processor instructions for some Intel processors leads to unexpected behavior that could allow an authenticated local user to escalate privileges (CVE-2023-23583). This bug, dubbed "Reptar," could expose sensitive information or cause system crashes, resulting in denial of service attacks leading to loss of system access.  

profile image Brittany Day
Docker Container Security Vulnerability Management &Testing

Docker Container Security Vulnerability Management &Testing

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In the dynamic landscape of contemporary software development, Docker containerization has emerged as a cornerstone, facilitating the efficient deployment and scaling of applications. However, fortifying their security measures becomes paramount as organizations increasingly embrace Docker containers.

profile image Duane Dunston
Testing for Password Cracking Attack Risks

Testing for Password Cracking Attack Risks

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Simple passwords can be incredibly weak, whether they match the username, are a blank password, or use keyboard combinations ("qwerty"). These types of passwords may be more accessible to remember, but they do not combat cybercriminals interested in stealing your information and threatening your data and network security.

profile image Anthony Pell

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved