Linux Network Security - Page 16

Discover Network Security News

Wireshark 1.2.0 released

Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions. Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998. Wireshark 1.2.0 has been released. This is the new stable release branch of Wireshark and many new and exciting features have been added since 1.0 was released.

New DOS attacks threaten wireless data networks

Forget spam, viruses, worms, malware and phishing. These threats are apparently old school when compared to a new class of denial-of-service (DOS) attacks that threaten wireless data networks. The latest wireless network threats were outlined in a talk here Thursday by Krishan Sabnani, vice president of networking research at Bell Labs, at the Cyber Infrastructure Protection Conference at City College of New York.

Clickjacking: Hijacking clicks on the Internet

Read on for info on this new security vulnerability, and learn exactly how it works. Lots of people seem to have an opinion on this article at CNET. Do you see this vulnerability as being a big problem for you? "Most exploits (like worms and attacks that take advantage of holes in software) can be patched, but clickjacking is a design flaw in the way the Web is supposed to work," Grossman said. "The bad guy is superimposing an invisible button over something the user wants to click on...It can be any button on any Web page on any Web site." The technique was used in a series of prank attacks launched on Twitter in February. In that case, users clicked on links next to tweets that said "Don't Click" and then clicked on a button that said "Don't Click" on a separate Web page. That second click distributed the original tweet to all of the Twitter user's followers, thus propagating itself rather quickly.

Hardened OS Vendor Builds Secure Virtual Layer For Network Devices

Nice article from a press release at Interop. What kind of virtualization security does Linux have, and how does it compare? What steps do people take to secure their virtual servers? Ultrasecure operating system maker Green Hills Software is quietly providing some major network equipment manufacturers with an extra layer of security for its devices. Green Hills, which last fall released a commercial version of its hardened Integrity-178B operating system used in military fighter planes, is now leveraging that technology for the network, as well. Company officials here revealed they have built a secure virtualization platform for networking equipment based on a combination of the company's secure OS virtualization and networking technologies.

MD5 - The Internet has a Major Problem

Firstly, allow me to recap. A couple of days ago, I reported a presentation at the Chaos Computer Club conference in Berlin which outlined a major problem with the way Certificate Authorities handle message hashing; essentially, this attack relied on well-known problems with the MD5 hash algorithm. Problems based on hash collisions, which were previously considered to be theoretical having been discovered in 2004, were now well-lodged within the domain of reality. Have you heard the news about the reported problem with how Certificate Authorities are handling message hashing? Read on for more information on some security issues with the current Certificate Authorities.

Helping Protect Cookies With HTTPOnly Flag

The bottom line is this - while this cookie option flag does absolutely nothing to prevent XSS attacks, it does significantly help to prevent the #1 XSS attack goal, which is stealing SessionIDs. While HTTPOnly is not a "silver bullet" by any means, the potential ROI of implementing it is quite large. Notice I said "potential" as in order to provide the intended protections, two key players have to work together. This article looks at one way you can make your Web cookies more secure by using the Apache extension called ModSecurity. If you are interested in this, please read on for more information and how to set this up on your own Apache web server.

Firefox Issues Eight Patches for Web Browser

Mozilla has issued eight patches for its Firefox Web browser, three of which fix problems classified as critical. The patches come after security experts have recommended using a browser other than Microsoft's Internet Explorer 7 and older versions of IE due to a dangerous vulnerability. Microsoft is due to release an emergency patch for that problem Wednesday. Have you upgraded your Firefox install to the latest version yet? This article looks at the security issues that are handled by these patches. Also, this is the last release of updates to Firefox 2.0.

Metasploit Decloaking Engine

This tool demonstrates a system for identifying the real IP address of a web user, regardless of proxy settings, using a combination of client-side technologies and custom services. No vulnerabilities are exploited by this tool. A properly configured Tor setup should not result in any identifying information being exposed. Have you used Metasploit for your penetration testing? This article looks at the Decloaking Engine. If you want to learn more about this extension to Metasploit read on...

Linux and UNIX How To: Scripting SSH and SFTP

SSH is an indispensable tool that I use every day for file transfers, remote execution of tasks, setting up network port redirection between systems (tunneling), and securely driving a shell on a remote system. While the SSH command-line client on UNIX and Linux systems is how I interact most often with SSH servers on the remote end, there are times when it is helpful to script some action or series of actions rather than performing them interactively. This is where Python and paramiko come in. paramiko is a library for Python that provides a programmatic interface to SSH. This combination of Python and SSH allows you to drive SSH tasks you would normally perform manually. Do you use SSH or SFTP to make secure connections to your remote hosts? Do you want to automate this process? This article shows you a handy programming library called paramiko to help develop scripts that use SSH or SFTP.

Keeping an Eye On Your Network with PasTmon

The PasTmon passive traffic monitor keeps an eye on your network, recording which clients are interacting with which services, when and how long things took. You can then use the application's PHP Web interface to investigate these figures to see if any host is connecting to Web services that it shouldn't, or is contacting services suspiciously more frequently than you would expect for normal operation, or when response times become excessively long. Knowing what traffic is on your network is an important security practice. This article looks at the traffic monitoring software called PasTmon. Do you have any favorite security tools that you use on your network?

Set Up a SSH-Based Point to Point Connection

OpenSSH version 4.3 introduced a new feature: the ability to create on-the-fly "Virtual Private Networks" via the tunnel driver (the so-called "tun" driver). This allows you to create a network interface that bridges two physically disparate network segments in different locations. This article explains how to use SSH to set up SSH-based point to point connections with OpenSuse 11.0 which can then be used to create routes that create virtual private networks. This article will show you how to set up an on-the-fly Virtual Private Network with the tunnel driver. If you are interested in setting up your own or want to learn more please read on...

OpenSSH Speed Tips and Tricks

Although using public key authentication instead of passwords is a great method for increasing the security of SSH transfers, transferring SSH identity keys can be a royal pain. First, you create your key pairs; then, you copy the public key into the correct locations on all the machines you want to log into. The keys must be in a particular format, and you must go into the correct directory with the correct permissions. Fortunately, ssh-copy-id, a slick utility included with OpenSSH, makes it easy. This article looks at ways to make using OpenSSH more efficient. Do you have any tips for using ssh?

Implementing VoIPER: VoIP Exploit Research Toolkit

With VoIP devices finding their way into the majority of major enterprises and a significant number of residential installations, the possible consequences of a security vulnerability that can be leveraged by malicious hackers are ever increasing.

Zeroshell Delivers Big Network Services in a Small Package

Hand-rolling your own Linux-based network servers, routers and wireless access points is easier than ever largely because of the proliferation of tiny, specialized Linux distributions like Zeroshell. Zeroshell weighs in at just over 100 megabytes, making it perfect for embedded devices like PC Engines WRAP boards, Soekris boards, Mini-ITX, and other small form-factor computers. Check out this lightweight Linux distro, which is suited to delivering network security services running on embedded devices.

Analyzing Malicious SSH Login Attempts

Malicious SSH login attempts have been appearing in some administrators' logs for several years. This article revisits the use of honeypots to analyze malicious SSH login attempts and see what can be learned about this activity. The article then offers recommendations on how to secure one's system against these attacks. Have you ever looked at your ssh logs and noticed attackers trying to get in? This article analyses those logs and presents some recommendations to show you how to make your ssh server more secure.

Access Remote Network Services with SSH Tools

You probably rely on the services on your own private network -- wikis, mail servers, Web sites, and other applications you've installed. What happens when you have to leave the friendly confines of your network? With minimum exposure and a few simple tools, you can get all of the comforts of home anywhere you can find an Internet connection. Do you want to learn how to use SSH tools to access services on a remote private network securely? Read on to find out about some of the features of SSH which you may not be familiar with.

Protecting a Web Application Against Attacks Through HTML Shared Files

"Many Web applications have a file-sharing feature that allows Web users to share files by uploading them to, and downloading them from, a Web-accessible file repository. Shared files may include HTML files and other files containing scripts that are executed by the browser in the security context of the user that downloads the file. This opens the door to a range of cross-user attacks, including attacks by former users and even attacks by a user of a virtual application instance against a different virtual instance of the same application. Such attacks are in essence XSS attacks, but the usual defenses against XSS are typically not available, because shared files cannot be sanitized." The title of this article caught my eye. This article looks at ways to protect your Web applications against attacks through HTML shared files. Read on for more information...

Firefox 3.1 will Have a Private Browsing Mode

Mozilla is adding a private browser feature to its forthcoming Firefox 3.1 release. Private browsing aims to help users make sure their Web browsing doesn't leave traces on their computers, said the function's developer, Ehsan Akhgari. Akhgari said, "Private browsing is only about making sure that Firefox doesn't store any data which can be used to trace your online activities -- no more, no less." Will you be using the new private browser mode that will be included in Firefox 3.1? Check out this article to learn more about it.