Linux Network Security - Page 27

Linux Pentesting Distros: An Essential Tool for Strengthening Network Security

Maintaining robust network defenses requires a proactive approach to keep pace with today's rapidly evolving network security threats. One crucial element of an effective network security strategy is penetration testing, or staged attacks in network ...
Oct 10, 2024
  0

Enhancing Network Security with Linux Proxy Servers

Network security is of utmost importance for organizati...
Sep 30, 2024
  0
4.Lock AbstractDigital Esm H115

OPNsense 24.7 'Thriving Tiger': Elevating Open-Source Network Security and Performance

OPNsense 24.7 'Thriving Tiger" marks an impressive...
Jul 29, 2024
  0
18.WifiCutout Landscape Esm H115

Discover Network Security News

Voice Over IP Under Threat

Voice Over IP Under Threat

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

There has recently been considerable alarm about the possibility of a malicious code spreading via Skype. Skype is a system that allows voice communication over established Internet connections, in an environment very similar to that of telephone calls. It even allows calls to be made to telephones from a computer, with lower tariffs than that of a normal call. The real problem that a malicious code for Voice over IP (VoIP) would suppose is that it opens a whole new field for hackers to create new types of malware. Initially, one might think of malicious code that uses VoIP in order to propagate, as was the case with the Trojan mentioned at the beginning. In reality, this represents nothing more than finding a new communication channel.

Securing a Converged Network

Securing a Converged Network

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Network security has traditionally been viewed in business as more of a cost than a benefit. But the latest trends are towards converged networks where voice, video and data are sent over the same network infrastructure. This change presents new challenges for network professionals and network security is playing a bigger role than ever. Traditional voice only networks are circuit-switched and virtually secure. Sure they can be listened in on, but physical access is required which makes it much more difficult.

CSI: TCP/IP

CSI: TCP/IP

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Located on the less fashionable north end of the Las Vegas strip, the Riviera Hotel and Casino has seen better days. Even the girls in posters for the hotel's topless revue could use a makeover. But hey, it's cheap. Which is why 6,000 hackers have descended upon it for DefCon, billed as the "largest underground hacking event in the world." So while the hotel is no doubt happy for the business, it's also

Sniffing On Ethernet Undetected

Sniffing On Ethernet Undetected

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

All you need is a MAC and a dev and you can sniff without sending packets. So I have been in some tight spots where I had to sniff a password or two off the wire, or sniff some packets off the wire undetected and based on the packets content do something. So I tried a few things and this is what worked.

VOIP More Vulnerable

VOIP More Vulnerable

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

If you're talking over your IP network right now, then voice-over-IP should be at the top of your security priorities for next year. Securing enterprise IP voice hasn't been on most organizations' radar screens, mostly because VOIP so far hasn't been a popular target of attackers or bug hunters, nor have many organizations torn out their traditional voice systems altogether, anyway. But security experts say it's time to make VOIP security a priority.

DNS Security and Threat Mitigation

DNS Security and Threat Mitigation

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Internet is a seemingly limitless source of information. It provides the power of collective knowledge and information to a vast array of users who access innumerable resources for countless reasons. These resources are typically accessed by using a human readable name designed to be easily remembered, thus increasing the usability of the resource. These human readable names, as the very term implies, are for the sake of the human users. Network devices, however, find each other by using a number, referred to as IP (Internet Protocol) addresses. The Domain Name System is the service that maps the human readable names to device specific IP addresses creating the user friendly nature of networked systems.

Me code write good

Me code write good

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Viruses and worms pose some of the most formidable threats in the modern computer security land-scape. With some virus writers on the bleeding edge of technology, making use of 0-day exploits and innovative techniques to circumvent system security features. However, for every Blaster, there

Using Nepenthes Honeypots to Detect Common Malware

Using Nepenthes Honeypots to Detect Common Malware

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In the past few years, a number of serious flaws in Windows have been exposed, including MS03-026 [ref 1], the flaw that Blaster [ref 2] used to spread in 2003, right up to the recent Mocbot/Wargbot worm [ref 3] which exploited MS06-040 [ref 4] from August 2006. The number of distinct pieces of malware exploiting these flaws has rapidly increased over the same time period. There are several variants of most worms and many more than that of most of the bot families, such as Agobot, Phatbot, Sdbot, and so on. As is now well-known, bots are collections of compromised "zombie" computers used together in a botnet network for nefarious purposes. In the paper, they give detection rates for newly capture malware range between 73% and 84% across four different antivirus engines. Clearly, relying on antivirus software is not going to work for everyone, all the time. In this paper we describe how a particular low-interaction honeypot, Nepenthes [ref 6], can be used to quickly alert an administrator to a network compromise. It captures malware and can assist in containing and removing the infection.

Packet Challenge: Fragments and a Blast from the Past

Packet Challenge: Fragments and a Blast from the Past

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This time around, packets from one of my own DNS servers. If you would like to follow along, you can find the full unobfuscated packet trace here. (quick update... turns out that the router and DNS queries involved are part of www.nlnetlabs.nl, a network research labs that does experiment with DNS servers... so maybe this is all some side effect of an experiment they are running. Thanks to Don for pointing this out to me. After visiting their website, I did see a number of similar ICMP admin prohibited packets with flipped fragmentation bytes, but the embeded packet's source port was 80!

Why One Virus Engine Is Not Enough

Why One Virus Engine Is Not Enough

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

It is a well known fact that viruses, trojan horses, worms, spam, and other forms of malware present a real threat to all modern-day organizations and affect productivity and business operations negatively. According to the 2006 FBI Crime and Security Survey, 97% of organizations have anti-virus software installed, yet 65% have been affected by a virus attack at least once during the previous 12 months. Network World cited studies that placed the cost of fighting Blaster, SoBig.F, Sober and other email viruses at $3.5 billion for US companies alone. Similarly a 2006 study by the British government found that 43% of companies in the United Kingdom were infected by viruses during 2005.

WAN Acceleration: Best Practices for Preserving Security

WAN Acceleration: Best Practices for Preserving Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

As more and more enterprises undergo server centralization projects, new products will be introduced to improve network and application performance. By following basic security precautions, enterprises can ensure that these performance improvements do not come at the expense of data security.

Backdoors and Holes in Network Perimeters

Backdoors and Holes in Network Perimeters

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Supervisory Control and Data Acquisition (SCADA) system of a natural gas utility was compromised resulting in a reduction of operation. The breach was discovered when operator interfaces became unresponsive and the system was no longer acquiring data. As a result, the system was disconnected from the network and a combination of manual operation overrides and limited fail-over to a backup server went into effect until the environment could be restored. Technicians troubleshooting the incident identified the deletion of several core application files on the primary control server as the source of the problem.

The Changing Faces of Internet Security Threats

The Changing Faces of Internet Security Threats

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Increasingly, organizations are developing comprehensive security strategies and implementing a variety of online and on-demand security applications and services across the entire range of their IT operations. The need for fast, efficient and unobtrusive protection has led some security systems developers to become managed security service providers (MSSPs). In addition to delivering patches and system updates via automatic or on-demand downloads, MSSPs are broadening the range of security management services they provide.

Sniffin

Sniffin

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This time we will install a network protocol analyzer to watch the traffic on our LAN from initiating and connecting a SIP call. The Wireshark open source project was formerly known as Ethereal. I used to work for a great company called Cybera as a programmer, and I was always fascinated by networking. I

Network Security

Network Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Most small business networks grow and evolve as the business grows. In one way, this is good. It shows the business is growing, becoming stronger. Unfortunately, from a network perspective, it can be a disaster in the making. Most small business networks are setup in a peer-to-peer (P2P) format. In contrast, large corporate networks are setup in a domain format. What does this mean to you? First, let us define the two network formats. In a P2P format every PC is responsible for its own security access. Basically, each PC is equal to every other PC in the network. These networks generally consist of less than ten computers and require a large amount of administrative overhead to function securely.

How well do you know your network?

How well do you know your network?

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The information security officer for a network of healthcare centers in New York found an employee sending confidential payroll information to a recruiter. A California-based semiconductor manufacturing technology provider caught a worker e-mailing PowerPoint slides detailing product plans to a former colleague at a competitor to show off the "cool things" he was working on. A network administrator for a school district in Indiana nabbed a student trying to finagle school lunch account information stored on an off-limits server.

Hacking Tor, the Anonymity Onion Routing Network

Hacking Tor, the Anonymity Onion Routing Network

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

On October 4th one of our readers sent in a very worrying analysis of what appeared to be "traffic modification" (in his words) on the part of the Tor network. The Tor ("The Onion Router") network is an anonymizing peer-to-peer network of routers on the Internet which uses various techniques to bounce traffic around the Internet in such a way that traffic analysis becomes difficult if not impossible to perform. Tor is a perfect example of a dual-use technology: it can be used to avoid government-imposed Internet censorship or to protect the identity of a corporate whistleblower but at the same time it is sadly ideal for various nefarious uses.

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved