Linux Network Security - Page 14

Discover Network Security News

Managed security service packs a lot of protection into one box

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

As more and more critical applications and services move to the cloud, organizations are increasingly receptive to the idea of using a managed security service to protect their network and information assets. The number and types of external threats to a network are growing uncontrollably, and unless a company has a dedicated and highly specialized team devoted to network security, it's hard to keep up with the rapidly changing threat landscape. After all, the threats of the Internet are the same for every company regardless of its size.

Alex
Jan 04, 2010

Understanding Cloud Taxonomies and Security

OWASP AppSec DC 2009 had a compelling session that defined cloud taxonomies and the security implications associated with the cloud computing. The three taxonomies that have become part of our vernacular are: 1. Infrastructure as a Service (IaaS): Set of virtualized components that can be assembled to build a application. Amazon EC2, Rackspace, Opsource, and GoGrid are examples of IaaS where you can rent "virtual" hardware and software as a "pay-as-you-go" services. If you need 5 Linux servers running MySQL Database for 3 months, you'd subscribe to an IaaS provider and using their REST or Web service-based API (or command line if you're too cool) to provision, de-provision and monitor your instance.

Alex
Dec 30, 2009

26C3: Network design weaknesses

At the 26th Chaos Communication Congress (26C3) in Berlin, security researcher Fabian Yamaguchi demonstrated a number of vulnerabilities that can apparently be found in many average communication networks and affect all levels from the access layer to the application layer. Attackers exploit many minor design flaws which allow "dangerous attacks" when combined, explained the Berlin-based security expert who last year investigated vulnerabilities in the basic TCP internet protocol. Overall, the "bugs" can reportedly be exploited to hijack a proxy server such as Squid and control all of the network traffic that flows through it.

Anthony Pell
Dec 29, 2009

Amazon hit by DDoS attack

Internet users in parts of California were hit by DDoS attack preventing them from reach several sites. including Amazon. The sites' DNS provider, UltraDNS, was targeted by the DDoS attack. Amazon Web Services (AWS) was the first to signal something was amiss and began investigating a problem at 5.43 pm Pacific Time, The problem persisted until 6:38 pm, but in the meantime the S3 service continued to operate, AWS said.

Anthony Pell
Dec 24, 2009

Metasploit 3.3.3 Released

Metasploit provides useful information to people who perform penetration testing, IDS signature development, and exploit research. This project was created to provide information on exploit techniques and to create a useful resource for exploit developers and security professionals. The tools and information on this site are provided for legal security research and testing purposes only. Metasploit is an open source project managed by Rapid7.

Anthony Pell
Dec 23, 2009

Pupils bypassing school internet security

Many young people are using 'proxy servers' to get round their schools' internet security systems. The free services offer instant access to banned websites, including online games and social networking. Figures suggest the use of proxies has risen sharply in recent years. Security experts are warning that pupils who log on put themselves at risk of cyber crime.

Anthony Pell
Dec 22, 2009

UK retail Wi-Fi security still patchy

Wi-Fi security in UK retail environments is improving, but shops remain vulnerable to the sorts of attacks carried out as part of the infamous TJX credit card heist.

Anthony Pell
Dec 21, 2009

Botnet Operators Infecting Servers, Not Just PCs

Botnet operators have always been able to easily infect and convert PCs into bots, but they also are increasingly going after servers -- even building networks of compromised servers. Web servers, FTP servers, and even SSL servers are becoming prime targets for botnet operators, not as command and control servers or as pure zombies, but more as a place to host their malicious code and files, or in some cases to execute high-powered spam runs.

Alex
Dec 17, 2009

Google Public DNS: DNS security threats and mitigations

Here's a great overview of DNS and its intrinsic security issues, and how Google hopes to address them, and improve the security of DNS on the Internet. Because of the open, distributed design of the Domain Name System, and its use of the User Datagram Protocol (UDP), DNS is vulnerable to various forms of attack. Public or "open" recursive DNS resolvers are especially at risk, since they do not restrict incoming packets to a set of allowable source IP addresses. We are mostly concerned with two common types of attacks:

Dave Wreski
Dec 05, 2009

Google wants to unclog Net's DNS plumbing

Google wants to speed up a key part of the Internet's inner workings called the Domain Name System and is inviting technically savvy folks to try their ideas out. The DNS is a crucial part of the Internet. It converts the text addresses people can remember into the numeric Internet Protocol addresses actually used to locate information on the Internet. For example, CNET.com's IP address is 216.239.122.102.

Anthony Pell
Dec 04, 2009

Koobface Rears Up

News, of the latest iteration of the Koobface Botnet, has hit the blogosphere. Utilizing client based attack vectors, this evil bit of badness can

Alex
Dec 01, 2009

Bug puts net's most popular DNS app in Bind

Makers of Bind have warned of a security vulnerability in versions of the domain name resolution application that could allow attackers to trick servers into returning unauthorized results.

Alex
Nov 25, 2009

Tempting Those Blackhatted Poohs with a Taste of Virtual Honey

It isn

Alex
Nov 24, 2009

Using a Cisco Router as a

Have you ever thought about your routers. I mean - *really* thought about them? They think all day long, processing all of the packets in and out of your company

Anthony Pell
Nov 20, 2009

Cloud Security's Silver Lining: Q&A With ISF President Howard Schmidt

The bad guys of the Internet -- black hat hackers, scammers, and the like -- are becoming more organized and directed in their attacks, according to Howard Schmidt, president of the Information Security Forum. As companies begin looking toward cloud services, they're often wary of the problems they've faced in the past but also careful not to fall into the same traps again.

Anthony Pell
Nov 18, 2009

How Secure Is Cloud Computing?

Great interview with crypto-legend Whitfield Diffie. Cryptography solutions are far-off, but much can be done in the near term, says Whitfield Diffie. Cloud computing services, such as Amazon's EC2 and Google Apps, are booming. But are they secure enough? Friday's ACM Cloud Computing Security Workshop in Chicago was the first such event devoted specifically to cloud security.

Anthony Pell
Nov 17, 2009

Searching an Encrypted Cloud Searching

Recent advances in cryptography could mean that future cloud computing services will not only be able to encrypt documents to keep them safe in the cloud--but also make it possible to search and retrieve this information without first decrypting it, researchers say.

Anthony Pell
Nov 17, 2009

The Botnet Hunters

They're the Internet equivalent of storm chasers, spending endless hours scanning and sleuthing, looking for the telltale signs of botnets. Here's an inside look at the battle against cybercrime's weapons of mass infection.

Anthony Pell
Nov 17, 2009

DNS problem linked to DDoS attacks gets worse

Internet security experts say that misconfigured DSL and cable modems are worsening a well-known problem with the Internet's DNS (domain name system), making it easier for hackers to launch distributed denial-of-service (DDoS) attacks against their victims.

Alex
Nov 16, 2009

VeriSign: Major internet security update (DNSSEC) by 2011

VeriSign has said a significant outstanding internet security vulnerability will be closed by 2011, after delays caused by technical aspects of the implementation. The problem is that DNS, the Domain Name System that translates internet addresses such as website URLs into numerical values, can be seeded with false values and used to misdirect users.

Anthony Pell
Nov 16, 2009

Linux Network Security - Page 14

Harnessing Proxies for Enhanced Threat Intelligence: A Guide with Open Source Tools

Understanding HTTP Proxy Servers: A Vital Linux Network Security Tool

Exploring Vulnerability Scanners: Tools & Strategies for a Secure Network