Linux Network Security - Page 9

Discover Network Security News

Another DoS fix for Apache HTTP server

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The update of the Apache HTTP Server (httpd) to version 2.2.18 earlier this month to close a denial of service (DoS) problem appears to have exposed a related DoS vulnerability. The developers have now released httpd 2.2.19 to fix this new problem which has been rated as moderately critical; however, as with the previous DoS vulnerability, it requires that mod_autoindex is enabled in the web server.

Anthony Pell
May 23, 2011

Cloud-based security as a service: It's catching on and here's why

When technology manager Lincoln Cannon wants to give his company's employees and business partners controlled access to various internal resources or cloud-based services the company uses, he goes to one cloud-based single sign-on security service to assign access privileges.

Anthony Pell
May 12, 2011

Phishing Becomes More Sophisticated

The successful use of phishing emails to breach secure organizations like Oak Ridge National Laboratory and EMC's RSA security division is a stark reminder of the serious threat posed by a type of attack that was previously dismissed as low-tech.

Anthony Pell
May 09, 2011

Sony PlayStation Network Down While Hacker Proof System Built

The Sony PlayStation network down news for PS3 and Qriocity players is sobering. The network has been down for several days following an "external intrusion" a.k.a. hacker attack. Sadly, the PSN will be down longer while more security is put in place.

Anthony Pell
Apr 25, 2011

Instant cloud server security

Centrify's Tom Cromelin could hardly kept his excitement down (well, he's a marketing guy -- they get excited when the logo gets a new color) when he wanted to tell me about the new release of Centrify Express 2011. To get the full flavor, let me give it to you in his words:

Anthony Pell
Apr 05, 2011

Behind the curtain of a botnet business

A presentation at this week's LEET '11, a USENIX workshop on large-scale exploit and emergent threats, delves into the inner workings of the underground economy, specifically the rental and operation of spam botnets.

Alex
Mar 30, 2011

GoDaddy: We're ready to secure .com names with DNSSEC

With more than 47 million domain names under management, GoDaddy has a huge DNS infrastructure that it has upgraded to support the emerging Internet security standard known as DNSSEC for DNS Security Extensions.

Anthony Pell
Mar 23, 2011

3 simple reasons VoIP abuse will grow

In its recent annual security report, Cisco predicted VOIP abuse as a potential area for cyber crime growth. "Criminals use brute-force techniques to hack private branch exchange (PBX) systems to place fraudulent, long-distance calls; usually international," the report states. "These incidents, often targeting small or midsize businesses, have resulted in significant financial losses for some companies."

Alex
Mar 09, 2011

Hybrid cloud computing security: Real life tales

Mixed IT infrastructures, including cloud and non-cloud systems, will be the norm at many companies for many years. Learn about key cloud security concerns and solutions from three early cloud users. For all the talk about public clouds versus private clouds, many organizations will likely end up with a mixed IT environment that includes both types of cloud as well as non-cloud systems and applications

Alex
Feb 28, 2011

Securing road warriors' communications

In the first article of this two-part series, I looked at physical protection of laptop computers outside the office. Today we'll review fundamentals of protecting data and data communications. This pair of articles is designed to be useful in security-awareness training for employees who take corporate laptop computers out of the office.

Alex
Feb 23, 2011

Security vulnerabilities galore in social networks

A new web site, socialnetworksecurity.org, has been set up to publish details of security vulnerabilities in social networks such as Facebook, Lokalisten, Friendscout24.de, wer-kennt-wen.de and XING. Most of the vulnerabilities listed could be exploited for cross-site scripting (XSS) attacks. Jappy.de, for example, contains one such vulnerability which allows contacts' cookies to be stolen.

Anthony Pell
Feb 21, 2011

Cloud computing shackled by security concerns

A second area of focus must be in the way we understand and address threats. The threat landscape has evolved dramatically in the past three years: Starting in 2008 with the growing ability of viruses and malware to evade anti-virus signature technologies; to the pandemic scale of attacks launched by criminals in 2009 for profit; to more sophisticated attacks organised by nation states in 2010.

Alex
Feb 17, 2011

Vulnerability management tools: Dos and don'ts

DON'T shortchange remediation. Surprisingly, organizations will perform vulnerability scans, or hire someone to conduct a scan, get a report and then not follow through. They may cherry-pick one or two critical items and neglect the rest. The result is that the organization has spent time and money without doing much for its security.

Alex
Feb 14, 2011

Beating Back the Botnets

Botnets are insidious. They spread like digital weeds and infect thousands to tens of thousands of machines at a time. Their only purpose is to enrich and empower the botnet owners as they infiltrate endpoints on consumer systems, colleges, and enterprises around the world. These botnets are used to send spam, launch denial of service attacks, and

Anthony Pell
Feb 03, 2011

Hackers turn back the clock with Telnet attacks

A new report from Akamai Technologies shows that hackers appear to be increasingly using the Telnet remote access protocol to attack corporate servers over mobile networks.

Anthony Pell
Jan 28, 2011

Could a new breed of DOS attacks make the cloud unaffordable?

The cloud is the current Next Big Thing in computing, and the Next Big Thing in attacks could be a new breed of economic denial-of-service attacks intended to use up resources and drive up the cost of cloud computing, warns a senior security researcher at Adobe Systems.

Anthony Pell
Jan 20, 2011

Waledac Botnet Makes Its First Push Of The New Year

An old threat has reappeared in the new year, researchers said this week. According to a blog by researchers at Websense, the Waledac botnet appeared in a new version in the last days of 2010, sending out large amounts of new year-related spam messages.

Alex
Jan 19, 2011

Wireshark updates address vulnerabilities

The Wireshark development team has released version 1.2.14 and 1.4.3 of its open source, cross-platform network protocol analyser. According to the developers, the security updates address a high-risk vulnerability (CVE-2010-4538) that could allow a remote attacker to initiate a denial of service (DoS) attack or possibly execute arbitrary code on a victim's system.

Anthony Pell
Jan 13, 2011

Amazon

Alex
Jan 12, 2011

Amazon cloud enables wireless hacks

Amazon

Anthony Pell
Jan 10, 2011

Linux Network Security - Page 9

Harnessing Proxies for Enhanced Threat Intelligence: A Guide with Open Source Tools

Understanding HTTP Proxy Servers: A Vital Linux Network Security Tool

Exploring Vulnerability Scanners: Tools & Strategies for a Secure Network

Discover Network Security News

Another DoS fix for Apache HTTP server

Cloud-based security as a service: It's catching on and here's why

Phishing Becomes More Sophisticated

Sony PlayStation Network Down While Hacker Proof System Built

Instant cloud server security

Behind the curtain of a botnet business

GoDaddy: We're ready to secure .com names with DNSSEC

3 simple reasons VoIP abuse will grow

Hybrid cloud computing security: Real life tales

Securing road warriors' communications

Security vulnerabilities galore in social networks

Cloud computing shackled by security concerns

Vulnerability management tools: Dos and don'ts

Beating Back the Botnets

Hackers turn back the clock with Telnet attacks

Could a new breed of DOS attacks make the cloud unaffordable?

Waledac Botnet Makes Its First Push Of The New Year

Wireshark updates address vulnerabilities

Amazon

Amazon cloud enables wireless hacks

LinuxSecurity Poll

Which open source security automation tool do you use to protect against vulnerabilities?

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By