Linux Network Security - Page 25

Discover Network Security News

Bad Web Habits Risk Our Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Security experts have blamed the continued prevalance of older viruses such as the Netsky and Mytob worms on people's bad habits. Attackers are abandoning traditional methods of sending malware via email, as they are too easy for virus scanners to spot. Instead, they are opting to include links in emails that direct recipients to infected web pages.

Bill Keys
Apr 04, 2007

Risky E-mail Use: What Government and Corporate users need to know

Whether it's government officials or company employees, e-mail users who send messages outside their official networks could be putting their organizations at risk for legal action, regulatory compliance problems, intellectual property thefts and more.

Bill Keys
Apr 03, 2007

IAB Chair Mulls DNS Security

IAB chair Olaf Kolkman says DNSSEC isn

Bill Keys
Mar 29, 2007

Enterasys Blades Add Security, Policy Routing to Switches

Enterasys Networks this week unveiled new blades for its Matrix N-Series flow switches that feature improved routing and security capabilities. The four new Diamond Distributed Forwarding Engines (DFEs), essentially new line cards, deliver high-density Gigabit Ethernet and 10 Gigabit Ethernet aggregation. The blades' architecture guarantees that only authorized users access information resources and prevents intruders from taking advantage of vulnerabilities to tap into business assets.

Bill Keys
Mar 27, 2007

Is Web 2.0 a Security Risk?

British firms are at risk of data leakage through their employees' increasing use of Web 2.0 technologies and social networking websites, security experts have warned. A survey of more than 1000 office workers found that 42 percent of those aged between 18 and 29 discussed work-related issues on social networking sites and blogs.

Bill Keys
Mar 26, 2007

VoIP Still Faces Security Hangups

After legal and regulatory victories, Internet voice remains a consumer play, as businesses remain skeptical. Though Internet voice providers are overcoming some regulatory and legal hurdles, the major barrier standing between them and the mainstream corporate market is still a glaring lack of security, analysts say.

Bill Keys
Mar 24, 2007

Novell Delivers Next-Generation Security Information solution

Novell introduced the latest version of Sentinel, its award-winning security information and event management solution. Representing a significant update from previous versions, Sentinel from Novell version 6.0 offers new capabilities for automating real-time monitoring of the enterprise security environment, identifying and remediating security incidents and documenting regulatory compliance.

Brittany Day
Mar 23, 2007

How to Make a Honeypot Network Security System Pay Off

Honeypots have largely been relegated to use by academia and antivirus vendors because most enterprise IT teams figure they're too expensive to run and could land their companies in legal trouble. But honeypots aren't as scary as all that, according to an expert on the topic who spoke at the InfoSec World Conference & Expo in Orlando Tuesday.

Bill Keys
Mar 22, 2007

A new day for business security

It might not seem as if a building security guard and a network administrator have much in common. But they do--and the distinction between the two is blurring more every day. It's true that the people who control building access from security desks and those securing computer networks both watch traffic and walk perimeters to safeguard an organization's assets. But now, technology, tighter security controls, federal regulations and potential cost benefits are bringing the two traditionally separate worlds together--and the convergence is driving industry alliances that may have seemed unusual in the past.

Brittany Day
Mar 20, 2007

Protection From The Inside Out

To stop data leakage, try a two-punch strategy that combines outbound content-monitoring tools with digital rights-management appliances. A disgruntled employee here, a careless one there, and just about any enterprise can find itself facing a mountain of trouble from confidential information made public. Help is at hand. Armed with increasingly sophisticated outbound-content monitors, information security officers finally have the weapons they need to conquer the threat of data leakage.

Bill Keys
Mar 19, 2007

Security Pro Zeroes in on Oracle Bugs

Bug hunter David Litchfield says the Oracle community shouldn't be so smug when it comes to database security. He represents NGS Software, which has serviced Oracle in the past and Microsoft at present. David Litchfield, a noted bug hunter, has made it his mission to tell the world that database software is insecure -- Oracle's database software in particular. Litchfield has been vocal in his criticism of Oracle, even calling for the resignation of Oracle Chief Security Officer Mary Ann Davidson.

Bill Keys
Mar 16, 2007

OpenBSD hit by 'critical' IPv6 flaw

A vulnerability in the way OpenBSD handles IPv6 data packets exposes systems running the traditionally secure open-source operating system to serious attack. A memory corruption vulnerability error exists in the OpenBSD code that handles IPv6 packets, Core Security Technologies said in an alert published Tuesday. Exploiting the flaw could let an attacker commandeer a vulnerable system, according to Core, which said it discovered the issue and crafted sample exploit code.

Brittany Day
Mar 15, 2007

New Shield Repelled Internet Backbone Attack

An attack in early February on key parts of the backbone of the internet had little effect, thanks to new protection technology, according to a report released this week. The distributed denial-of-service attack on the Domain Name System (DNS) proved the effectiveness of the Anycast load-balancing system, the Internet Corporation for Assigned Names and Numbers (ICANN) said in a document published on Thursday. ICANN regulates internet domain name and address registration and operates one of the main so-called root DNS servers.

Bill Keys
Mar 14, 2007

Zabbix: State-of-the-art network monitoring

Zabbix is an enterprise-class open source distributed monitoring solution for servers, network services, and network devices. It's easier to use and provides more functionality than Nagios or BigBrother.

Anthony Pell
Mar 13, 2007

RSS Security Threats With Financial Services

Web 2.0 technologies are penetrating deeper into the financial services sector as Enterprise 2.0 solutions, adding value to financial services. Analysts can leverage information sources to go beyond the obvious. Trading and Banking companies like Wells Fargo and E*Trade are developing their next generation technologies using Web 2.0 components; components that will be used in banking software, trading portals and other peripheral services.

Bill Keys
Mar 12, 2007

SMEs Wary of Online Backup Due to Security

The number one concern for small to medium-sized enterprises (SMEs) considering online backup is security and as a result less than 10pc of Irish SMEs are planning to invest in online backup in 2007, broadband player Magnet said today quoting research from iReach.

Bill Keys
Mar 08, 2007

IRC Bot a Growing Threat To Enterprise Networks

A new internet relay chat (IRC) bot is building an even larger zombie family that could pose a significant threat to enterprise networks, security researchers said today.

Brittany Day
Mar 07, 2007

sshguard: Protection for OpenSSH

Are you concerned about brute force dictionary attacks on SSH? Given the popularity of these attacks, you should be. sshguard is a new tool to help protect against such attacks. Although it is still in beta stage, it appears to work well.

Brittany Day
Mar 06, 2007

How Dangerous Is Skype?

There's been a lot information -- and misinformation -- available about whether Skype is dangerous to corporate networks and individual users. How dangerous is it? In this article, I'll separate the truth from the myths when it comes to Skype vulnerabilities.

Brittany Day
Mar 06, 2007

Single Packet Authorization

Countless pieces of software, protocols and complex interdependencies together form a system for which it is difficult to guarantee any particular property-particularly security. Even software specifically designed to enhance security can, at the behest of clever individuals armed with detailed knowledge, work to its detriment. Vulnerabilities have been discovered in all sorts of security software from firewalls to implementations of the Secure Shell (SSH) Protocol. For example, OpenSSH is developed by some of the most security-conscious developers in the world, and yet it occasionally contains a remotely exploitable vulnerability. This is an important fact to note because it seems to indicate that security is hard to achieve and, therefore, bolsters the case for a defense-in-depth approach. This article explores the concept of Single Packet Authorization (SPA) as a next-generation passive authentication technology beyond port knocking.

Brittany Day
Mar 06, 2007

Linux Network Security - Page 25

Harnessing Proxies for Enhanced Threat Intelligence: A Guide with Open Source Tools

Understanding HTTP Proxy Servers: A Vital Linux Network Security Tool

Exploring Vulnerability Scanners: Tools & Strategies for a Secure Network