Linux Network Security - Page 21

Linux Pentesting Distros: An Essential Tool for Strengthening Network Security

Maintaining robust network defenses requires a proactive approach to keep pace with today's rapidly evolving network security threats. One crucial element of an effective network security strategy is penetration testing, or staged attacks in network ...
Oct 10, 2024
  0

Enhancing Network Security with Linux Proxy Servers

Network security is of utmost importance for organizati...
Sep 30, 2024
  0
4.Lock AbstractDigital Esm H115

OPNsense 24.7 'Thriving Tiger': Elevating Open-Source Network Security and Performance

OPNsense 24.7 'Thriving Tiger" marks an impressive...
Jul 29, 2024
  0
18.WifiCutout Landscape Esm H115

Discover Network Security News

Chrooted SSH/SFTP On Fedora 7

Chrooted SSH/SFTP On Fedora 7

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This document describes how to set up a chrooted SSH/SFTP environment on Fedora 7. The chrooted users will be jailed in a specific directory where they can't break out. They will be able to access their jail via SSH and SFTP. Do feel using a chroot environment helps in protecting your Linux box? It can protect your system by having chrooted users unable to effect anything thing else expect for their own environment. Have you used chroot for security, if so do you use it every time you add a new user?

Secure DNS? Not Just Yet

Secure DNS? Not Just Yet

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In fact, there are a number of ways DNS can be subverted to provide bogus information. An attacker could gain access to the DNS server and change records or use one of the many publicly available tools to forge a response. He could insert bogus information into a DNS cache or add false information to your computer's host name table, as we've seen with numerous worms and Trojans. Many of these attacks are difficult to pull off, and they're often short-lived and relatively easy to detect and correct. Still, while they last, damage can be done. How can you make sure that the domain name you entered into your browser is leading you to the right place? There are some Firefox extensions that can make you aware of these fake sites. Do you use any of them?

IPSec vs. SSL VPNs

IPSec vs. SSL VPNs

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

When IP VPNs came on the scene in the late 1990s IPSec quickly established itself as the standard to provide secure network-layer connectivity over insecure IP networks, typically the Internet. The article brings up an interesting point about the increased complexity that comes along with many IPSec connections - the more people who wish to establish these VPNs, the more cumbersome it gets due to maintenance and installation procedures. System administrators may be interested in finding out how SSL VPNs are on the rise and can provide an alternative to repeated setups.

Mozilla rushes to fix regression bugs in Firefox

Mozilla rushes to fix regression bugs in Firefox

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Mozilla Corp. will rush another version of Firefox to users as early as next week, the company's user interface designer said Tuesday, to fix five bugs it introduced in last Wednesday's security update. Firefox 2.0.0.8 patched ten vulnerabilities, including three critical flaws, but also shipped with five regression bugs -- problems unintentionally introduced when code was changed to plug other holes. What do you think about the amount of Firefox security flaws being found. One thing is true is that they are taking the time to fix them and release patches as fast as possible to the end users.

NAC: Stand-Alone Appliances vs. Built Into the Infrastructure

NAC: Stand-Alone Appliances vs. Built Into the Infrastructure

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The true question becomes, what kind of NAC should you invest in now that will provide sustaining value to your enterprise for years to come? In reality, the answer probably has more to do with the capabilities of the NAC system than its form factor. We'll first talk about which form makes sense in which deployments and then talk about the sustainable feature set. Read on for an interesting article on what to consider when applying NAC to your network infrastructure. Do you have any tips for helping someone implement a system that not only solves your NAC problems, but leaves it extensible enough in the future for any changes?

Secure Remote Access to Your Desktop

Secure Remote Access to Your Desktop

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Accessing your home server safely can be problematic, especially if you don't have a fixed IP address, but with Linux, DynDNS, PAM, and NX Free you can create a safe remote access path to your machine. Have you ever found your self needing to access your home computer while traveling? One thing you should think about is how can I do this securely? This article talks about some tips on how you can security have remote access to your home computer.

Top 14 VoIP Vulnerabilities

Top 14 VoIP Vulnerabilities

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

How are VoIP networks weak and vulnerable to attack and catastrophic failure? Securing VoIP Networks, the new book by Peter Thermos and Ari Takanen, looks at VoIP infrastructure and analyzes its vulnerabilities much as the Open Web Application Security Project did for Web-related vulnerabilities and Mitre did with its Common Weakness Enumeration dictionary for software. And it

Preventing Brute Force Attacks With BlockHosts

Preventing Brute Force Attacks With BlockHosts

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In this article I will show how to install and configure BlockHosts on a Debian Etch system. BlockHosts is a Python tool that observes login attempts to various services, e.g. SSH, FTP, etc., and if it finds failed login attempts again and again from the same IP address or host, it stops further login attempts from that IP address/host. By default, BlockHosts supports services that use TCP_WRAPPERS, such as SSH, i.e. services, that use /etc/hosts.allow or /etc/hosts.deny, but it can also block other services using iproute or iptables. What do you think about software like BlockHosts? If users have strong passwords then software like BlockHosts will not be useful. Personal I don't like having my firewall change depending on if a script kiddie is trying a brute force attack on my network.

Firefox 3.0 Alpha Blocks Malware, Secures Plug-in Updates

Firefox 3.0 Alpha Blocks Malware, Secures Plug-in Updates

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The malware blocker, which was first mocked up in June, will block Web sites thought to contain malicious downloads. The feature, a companion to the phishing site alert system in the current Firefox 2.0, will use information provided by Google Inc. to flag potentially-dangerous sites, warn anyone trying to reach those URLs with Firefox and automatically block access to the site. Have you tested out Firefox 3.0 Alpha 8? The ability to alert a users of a possible malware sites is an important security feature. I am interested in how this add-on works. Will there be any performance lose in using it extension?

Virus Protection With F-PROT Antivirus On Ubuntu Feisty Fawn

Virus Protection With F-PROT Antivirus On Ubuntu Feisty Fawn

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This tutorial shows how you can install and use F-PROT Antivirus on an Ubuntu Feisty Fawn desktop. Although there aren't many Linux viruses out there, this can be useful if you often exchange files with Windows users - it can help you to not pass on any Windows viruses (that don't do any harm to Linux systems) to Windows users. F-PROT Antivirus for Linux is free for home use. This was the first time I have heard of F-PROT Antivirus. Personal I don't use any virus scanners on my Linux machines, but I happy to see that they are out there. Do you use any antivirus software on your Linux box?

Firefox 3 Secures Extensions

Firefox 3 Secures Extensions

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Those same extensions that add power to Firefox, generally speaking, could arguably represent a security risk as well. It's a security gap that Mozilla is now plugging with its Alpha 8 development release of its next generation Firefox 3 browser. The new security extensions are designed to make getting updates more secure by using SSL. Firefox have been struggling to keep their browser secure as of late. Do you think Firefox 3 will be more secure then the current release? One thing is for sure, is the developers are taking security more seriously.

10 tips for Securing Apache

10 tips for Securing Apache

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Even with Apache's focus on producing a secure product, the Web server can still be vulnerable to any number of attacks if you fail to take some security precautions as you build your server. In this article, Scott Lowe provides you with 10 tips that will help you keep your Apache Web server protected from predators. Any tips on how to make Apache more secure I am always interested in reading. Even having the correct permissions to web files helps protects the web server. This article talks about many other tips but what do you do to secure Apache?

Virus Protection With AVG Antivirus On Ubuntu

Virus Protection With AVG Antivirus On Ubuntu

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This tutorial shows how you can install and use AVG Antivirus on an Ubuntu Feisty Fawn desktop. Although there aren't many Linux viruses out there, this can be useful if you often exchange files with Windows users - it can help you to not pass on any Windows viruses (that don't do any harm to Linux systems) to Windows users. When I think about virus scanning for desktops I think about a windows machine not a Linux machine. But as Linux and particularly Ubunutu becomes increasingly more popular so too we will see more viruses targeting Linux. However it's good to know that we have opensource virus scanners that we can use. Do you use a virus scanner on your Linux machine?

Nmap explained from an Ethical Hackers View

Nmap explained from an Ethical Hacker's View

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Nmap (Network MAPper) is a network scanner written by Gordon Lyon. It is a free and open source tool and is available at insecure.org with versions for Windows and Linux and is ubiquitous in its use. Nmap can be (and is) used to for instance, scan for open ports on a remote server, to detect the OS run on the server, what all services are running on the remote server and so on. In the hands of a ethical hacker Nmap can be used for helping to audit a network but it's also used by attackers. So this brings up the question is software like Nmap ethical?

Slammer, Other Older Threats Making a Comeback

Slammer, Other Older Threats Making a Comeback

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Gunter Ollmann, director of security strategy for IBM ISS, says Slammer is the most common network threat he and his fellow researchers find today, and there are likely more hosts infected by it now than when it first hit the Net. But it's not just Slammer that's made a comeback -- Ollmann says other "eradicated" malware is making a comeback as well, including older Web-based threats. This article is claiming the slammer worm is the most common network threat even today. I wonder what could be causing this? Aren't users keeping their operating systems up-to-date with the latest patches? One thing which I found interesting was anti-virus software don't always find this worm because they retire old signatures for performance reasons.

Points of Attack: PHP and Ajax

Points of Attack: PHP and Ajax

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The more points of entry you allow, the more security risks you present. Add the complexity of Ajax to the mix, and it gets harder to tell exactly where the vulnerable spots of your web application are. Read on for a concise article on preliminary checks you should run on any PHP or Ajax application to ensure you're not opening up any possible venues of attack.

FireCAT 1.1 Released - Turn Firefox into a Security Platform

FireCAT 1.1 Released - Turn Firefox into a Security Platform

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

FireCAT is a Firefox Framework Map collection of the most useful security oriented extensions. It can be used to turn your favorite browser (Firefox) into a powerful security framework. Have you heard of FireCAT? I find it useful for doing security audits but it can other security tasks. Did you tested out the other features like information gathering or web proxying?

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved